Tor  0.4.3.0-alpha-dev
connection.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file connection.c
9  * \brief General high-level functions to handle reading and writing
10  * on connections.
11  *
12  * Each connection (ideally) represents a TLS connection, a TCP socket, a unix
13  * socket, or a UDP socket on which reads and writes can occur. (But see
14  * connection_edge.c for cases where connections can also represent streams
15  * that do not have a corresponding socket.)
16  *
17  * The module implements the abstract type, connection_t. The subtypes are:
18  * <ul>
19  * <li>listener_connection_t, implemented here in connection.c
20  * <li>dir_connection_t, implemented in directory.c
21  * <li>or_connection_t, implemented in connection_or.c
22  * <li>edge_connection_t, implemented in connection_edge.c, along with
23  * its subtype(s):
24  * <ul><li>entry_connection_t, also implemented in connection_edge.c
25  * </ul>
26  * <li>control_connection_t, implemented in control.c
27  * </ul>
28  *
29  * The base type implemented in this module is responsible for basic
30  * rate limiting, flow control, and marshalling bytes onto and off of the
31  * network (either directly or via TLS).
32  *
33  * Connections are registered with the main loop with connection_add(). As
34  * they become able to read or write register the fact with the event main
35  * loop by calling connection_watch_events(), connection_start_reading(), or
36  * connection_start_writing(). When they no longer want to read or write,
37  * they call connection_stop_reading() or connection_stop_writing().
38  *
39  * To queue data to be written on a connection, call
40  * connection_buf_add(). When data arrives, the
41  * connection_process_inbuf() callback is invoked, which dispatches to a
42  * type-specific function (such as connection_edge_process_inbuf() for
43  * example). Connection types that need notice of when data has been written
44  * receive notification via connection_flushed_some() and
45  * connection_finished_flushing(). These functions all delegate to
46  * type-specific implementations.
47  *
48  * Additionally, beyond the core of connection_t, this module also implements:
49  * <ul>
50  * <li>Listeners, which wait for incoming sockets and launch connections
51  * <li>Outgoing SOCKS proxy support
52  * <li>Outgoing HTTP proxy support
53  * <li>An out-of-sockets handler for dealing with socket exhaustion
54  * </ul>
55  **/
56 
57 #define CONNECTION_PRIVATE
58 #include "core/or/or.h"
59 #include "feature/client/bridges.h"
60 #include "lib/buf/buffers.h"
61 #include "lib/tls/buffers_tls.h"
62 #include "lib/err/backtrace.h"
63 
64 /*
65  * Define this so we get channel internal functions, since we're implementing
66  * part of a subclass (channel_tls_t).
67  */
68 #define TOR_CHANNEL_INTERNAL_
69 #define CONNECTION_PRIVATE
70 #include "app/config/config.h"
72 #include "core/mainloop/mainloop.h"
74 #include "core/or/channel.h"
75 #include "core/or/channeltls.h"
76 #include "core/or/circuitbuild.h"
77 #include "core/or/circuitlist.h"
78 #include "core/or/circuituse.h"
80 #include "core/or/connection_or.h"
81 #include "core/or/dos.h"
82 #include "core/or/policies.h"
83 #include "core/or/reasons.h"
84 #include "core/or/relay.h"
85 #include "core/or/crypt_path.h"
86 #include "core/proto/proto_http.h"
87 #include "core/proto/proto_socks.h"
88 #include "feature/client/dnsserv.h"
97 #include "feature/hs/hs_common.h"
98 #include "feature/hs/hs_ident.h"
101 #include "feature/relay/dns.h"
104 #include "feature/rend/rendclient.h"
105 #include "feature/rend/rendcommon.h"
106 #include "feature/stats/rephist.h"
108 #include "lib/geoip/geoip.h"
109 
110 #include "lib/sandbox/sandbox.h"
111 #include "lib/net/buffers_net.h"
112 #include "lib/tls/tortls.h"
114 #include "lib/compress/compress.h"
115 
116 #ifdef HAVE_PWD_H
117 #include <pwd.h>
118 #endif
119 
120 #ifdef HAVE_UNISTD_H
121 #include <unistd.h>
122 #endif
123 #ifdef HAVE_SYS_STAT_H
124 #include <sys/stat.h>
125 #endif
126 
127 #ifdef HAVE_SYS_UN_H
128 #include <sys/socket.h>
129 #include <sys/un.h>
130 #endif
131 
137 #include "core/or/port_cfg_st.h"
140 
141 /**
142  * On Windows and Linux we cannot reliably bind() a socket to an
143  * address and port if: 1) There's already a socket bound to wildcard
144  * address (0.0.0.0 or ::) with the same port; 2) We try to bind()
145  * to wildcard address and there's another socket bound to a
146  * specific address and the same port.
147  *
148  * To address this problem on these two platforms we implement a
149  * routine that:
150  * 1) Checks if first attempt to bind() a new socket failed with
151  * EADDRINUSE.
152  * 2) If so, it will close the appropriate old listener connection and
153  * 3) Attempts bind()'ing the new listener socket again.
154  *
155  * Just to be safe, we are enabling listener rebind code on all platforms,
156  * to account for unexpected cases where it may be needed.
157  */
158 #define ENABLE_LISTENER_REBIND
159 
161  const struct sockaddr *listensockaddr,
162  socklen_t listensocklen, int type,
163  const char *address,
164  const port_cfg_t *portcfg,
165  int *addr_in_use);
167  const port_cfg_t *port,
168  int *defer, int *addr_in_use);
169 static void connection_init(time_t now, connection_t *conn, int type,
170  int socket_family);
171 static int connection_handle_listener_read(connection_t *conn, int new_type);
173 static int connection_flushed_some(connection_t *conn);
175 static int connection_reached_eof(connection_t *conn);
177  ssize_t *max_to_read,
178  int *socket_error);
179 static int connection_process_inbuf(connection_t *conn, int package_partial);
181 static void set_constrained_socket_buffers(tor_socket_t sock, int size);
182 
183 static const char *connection_proxy_state_to_string(int state);
186 static const char *proxy_type_to_string(int proxy_type);
187 static int conn_get_proxy_type(const connection_t *conn);
189  const or_options_t *options, unsigned int conn_type);
190 static void reenable_blocked_connection_init(const or_options_t *options);
191 static void reenable_blocked_connection_schedule(void);
192 
193 /** The last addresses that our network interface seemed to have been
194  * binding to. We use this as one way to detect when our IP changes.
195  *
196  * XXXX+ We should really use the entire list of interfaces here.
197  **/
199 /* DOCDOC last_interface_ipv6 */
200 static tor_addr_t *last_interface_ipv6 = NULL;
201 /** A list of tor_addr_t for addresses we've used in outgoing connections.
202  * Used to detect IP address changes. */
204 
205 #define CASE_ANY_LISTENER_TYPE \
206  case CONN_TYPE_OR_LISTENER: \
207  case CONN_TYPE_EXT_OR_LISTENER: \
208  case CONN_TYPE_AP_LISTENER: \
209  case CONN_TYPE_DIR_LISTENER: \
210  case CONN_TYPE_CONTROL_LISTENER: \
211  case CONN_TYPE_AP_TRANS_LISTENER: \
212  case CONN_TYPE_AP_NATD_LISTENER: \
213  case CONN_TYPE_AP_DNS_LISTENER: \
214  case CONN_TYPE_AP_HTTP_CONNECT_LISTENER
215 
216 /**************************************************************/
217 
218 /** Convert a connection_t* to an listener_connection_t*; assert if the cast
219  * is invalid. */
222 {
223  tor_assert(c->magic == LISTENER_CONNECTION_MAGIC);
224  return DOWNCAST(listener_connection_t, c);
225 }
226 
227 size_t
228 connection_get_inbuf_len(connection_t *conn)
229 {
230  return conn->inbuf ? buf_datalen(conn->inbuf) : 0;
231 }
232 
233 size_t
234 connection_get_outbuf_len(connection_t *conn)
235 {
236  return conn->outbuf ? buf_datalen(conn->outbuf) : 0;
237 }
238 
239 /**
240  * Return the human-readable name for the connection type <b>type</b>
241  */
242 const char *
244 {
245  static char buf[64];
246  switch (type) {
247  case CONN_TYPE_OR_LISTENER: return "OR listener";
248  case CONN_TYPE_OR: return "OR";
249  case CONN_TYPE_EXIT: return "Exit";
250  case CONN_TYPE_AP_LISTENER: return "Socks listener";
252  return "Transparent pf/netfilter listener";
253  case CONN_TYPE_AP_NATD_LISTENER: return "Transparent natd listener";
254  case CONN_TYPE_AP_DNS_LISTENER: return "DNS listener";
255  case CONN_TYPE_AP: return "Socks";
256  case CONN_TYPE_DIR_LISTENER: return "Directory listener";
257  case CONN_TYPE_DIR: return "Directory";
258  case CONN_TYPE_CONTROL_LISTENER: return "Control listener";
259  case CONN_TYPE_CONTROL: return "Control";
260  case CONN_TYPE_EXT_OR: return "Extended OR";
261  case CONN_TYPE_EXT_OR_LISTENER: return "Extended OR listener";
262  case CONN_TYPE_AP_HTTP_CONNECT_LISTENER: return "HTTP tunnel listener";
263  default:
264  log_warn(LD_BUG, "unknown connection type %d", type);
265  tor_snprintf(buf, sizeof(buf), "unknown [%d]", type);
266  return buf;
267  }
268 }
269 
270 /**
271  * Return the human-readable name for the connection state <b>state</b>
272  * for the connection type <b>type</b>
273  */
274 const char *
275 conn_state_to_string(int type, int state)
276 {
277  static char buf[96];
278  switch (type) {
279  CASE_ANY_LISTENER_TYPE:
280  if (state == LISTENER_STATE_READY)
281  return "ready";
282  break;
283  case CONN_TYPE_OR:
284  switch (state) {
285  case OR_CONN_STATE_CONNECTING: return "connect()ing";
286  case OR_CONN_STATE_PROXY_HANDSHAKING: return "handshaking (proxy)";
287  case OR_CONN_STATE_TLS_HANDSHAKING: return "handshaking (TLS)";
289  return "renegotiating (TLS, v2 handshake)";
291  return "waiting for renegotiation or V3 handshake";
293  return "handshaking (Tor, v2 handshake)";
295  return "handshaking (Tor, v3 handshake)";
296  case OR_CONN_STATE_OPEN: return "open";
297  }
298  break;
299  case CONN_TYPE_EXT_OR:
300  switch (state) {
302  return "waiting for authentication type";
304  return "waiting for client nonce";
306  return "waiting for client hash";
307  case EXT_OR_CONN_STATE_OPEN: return "open";
308  case EXT_OR_CONN_STATE_FLUSHING: return "flushing final OKAY";
309  }
310  break;
311  case CONN_TYPE_EXIT:
312  switch (state) {
313  case EXIT_CONN_STATE_RESOLVING: return "waiting for dest info";
314  case EXIT_CONN_STATE_CONNECTING: return "connecting";
315  case EXIT_CONN_STATE_OPEN: return "open";
316  case EXIT_CONN_STATE_RESOLVEFAILED: return "resolve failed";
317  }
318  break;
319  case CONN_TYPE_AP:
320  switch (state) {
321  case AP_CONN_STATE_SOCKS_WAIT: return "waiting for socks info";
322  case AP_CONN_STATE_NATD_WAIT: return "waiting for natd dest info";
323  case AP_CONN_STATE_RENDDESC_WAIT: return "waiting for rendezvous desc";
324  case AP_CONN_STATE_CONTROLLER_WAIT: return "waiting for controller";
325  case AP_CONN_STATE_CIRCUIT_WAIT: return "waiting for circuit";
326  case AP_CONN_STATE_CONNECT_WAIT: return "waiting for connect response";
327  case AP_CONN_STATE_RESOLVE_WAIT: return "waiting for resolve response";
328  case AP_CONN_STATE_OPEN: return "open";
329  }
330  break;
331  case CONN_TYPE_DIR:
332  switch (state) {
333  case DIR_CONN_STATE_CONNECTING: return "connecting";
334  case DIR_CONN_STATE_CLIENT_SENDING: return "client sending";
335  case DIR_CONN_STATE_CLIENT_READING: return "client reading";
336  case DIR_CONN_STATE_CLIENT_FINISHED: return "client finished";
337  case DIR_CONN_STATE_SERVER_COMMAND_WAIT: return "waiting for command";
338  case DIR_CONN_STATE_SERVER_WRITING: return "writing";
339  }
340  break;
341  case CONN_TYPE_CONTROL:
342  switch (state) {
343  case CONTROL_CONN_STATE_OPEN: return "open (protocol v1)";
345  return "waiting for authentication (protocol v1)";
346  }
347  break;
348  }
349 
350  log_warn(LD_BUG, "unknown connection state %d (type %d)", state, type);
351  tor_snprintf(buf, sizeof(buf),
352  "unknown state [%d] on unknown [%s] connection",
353  state, conn_type_to_string(type));
354  return buf;
355 }
356 
357 /** Allocate and return a new dir_connection_t, initialized as by
358  * connection_init(). */
360 dir_connection_new(int socket_family)
361 {
362  dir_connection_t *dir_conn = tor_malloc_zero(sizeof(dir_connection_t));
363  connection_init(time(NULL), TO_CONN(dir_conn), CONN_TYPE_DIR, socket_family);
364  return dir_conn;
365 }
366 
367 /** Allocate and return a new or_connection_t, initialized as by
368  * connection_init().
369  *
370  * Initialize active_circuit_pqueue.
371  *
372  * Set active_circuit_pqueue_last_recalibrated to current cell_ewma tick.
373  */
375 or_connection_new(int type, int socket_family)
376 {
377  or_connection_t *or_conn = tor_malloc_zero(sizeof(or_connection_t));
378  time_t now = time(NULL);
379  tor_assert(type == CONN_TYPE_OR || type == CONN_TYPE_EXT_OR);
380  connection_init(now, TO_CONN(or_conn), type, socket_family);
381 
382  connection_or_set_canonical(or_conn, 0);
383 
384  if (type == CONN_TYPE_EXT_OR)
386 
387  return or_conn;
388 }
389 
390 /** Allocate and return a new entry_connection_t, initialized as by
391  * connection_init().
392  *
393  * Allocate space to store the socks_request.
394  */
396 entry_connection_new(int type, int socket_family)
397 {
398  entry_connection_t *entry_conn = tor_malloc_zero(sizeof(entry_connection_t));
399  tor_assert(type == CONN_TYPE_AP);
400  connection_init(time(NULL), ENTRY_TO_CONN(entry_conn), type, socket_family);
401  entry_conn->socks_request = socks_request_new();
402  /* If this is coming from a listener, we'll set it up based on the listener
403  * in a little while. Otherwise, we're doing this as a linked connection
404  * of some kind, and we should set it up here based on the socket family */
405  if (socket_family == AF_INET)
406  entry_conn->entry_cfg.ipv4_traffic = 1;
407  else if (socket_family == AF_INET6)
408  entry_conn->entry_cfg.ipv6_traffic = 1;
409  return entry_conn;
410 }
411 
412 /** Allocate and return a new edge_connection_t, initialized as by
413  * connection_init(). */
415 edge_connection_new(int type, int socket_family)
416 {
417  edge_connection_t *edge_conn = tor_malloc_zero(sizeof(edge_connection_t));
418  tor_assert(type == CONN_TYPE_EXIT);
419  connection_init(time(NULL), TO_CONN(edge_conn), type, socket_family);
420  return edge_conn;
421 }
422 
423 /** Allocate and return a new control_connection_t, initialized as by
424  * connection_init(). */
426 control_connection_new(int socket_family)
427 {
428  control_connection_t *control_conn =
429  tor_malloc_zero(sizeof(control_connection_t));
430  connection_init(time(NULL),
431  TO_CONN(control_conn), CONN_TYPE_CONTROL, socket_family);
432  return control_conn;
433 }
434 
435 /** Allocate and return a new listener_connection_t, initialized as by
436  * connection_init(). */
438 listener_connection_new(int type, int socket_family)
439 {
440  listener_connection_t *listener_conn =
441  tor_malloc_zero(sizeof(listener_connection_t));
442  connection_init(time(NULL), TO_CONN(listener_conn), type, socket_family);
443  return listener_conn;
444 }
445 
446 /** Allocate, initialize, and return a new connection_t subtype of <b>type</b>
447  * to make or receive connections of address family <b>socket_family</b>. The
448  * type should be one of the CONN_TYPE_* constants. */
449 connection_t *
450 connection_new(int type, int socket_family)
451 {
452  switch (type) {
453  case CONN_TYPE_OR:
454  case CONN_TYPE_EXT_OR:
455  return TO_CONN(or_connection_new(type, socket_family));
456 
457  case CONN_TYPE_EXIT:
458  return TO_CONN(edge_connection_new(type, socket_family));
459 
460  case CONN_TYPE_AP:
461  return ENTRY_TO_CONN(entry_connection_new(type, socket_family));
462 
463  case CONN_TYPE_DIR:
464  return TO_CONN(dir_connection_new(socket_family));
465 
466  case CONN_TYPE_CONTROL:
467  return TO_CONN(control_connection_new(socket_family));
468 
469  CASE_ANY_LISTENER_TYPE:
470  return TO_CONN(listener_connection_new(type, socket_family));
471 
472  default: {
473  connection_t *conn = tor_malloc_zero(sizeof(connection_t));
474  connection_init(time(NULL), conn, type, socket_family);
475  return conn;
476  }
477  }
478 }
479 
480 /** Initializes conn. (you must call connection_add() to link it into the main
481  * array).
482  *
483  * Set conn->magic to the correct value.
484  *
485  * Set conn->type to <b>type</b>. Set conn->s and conn->conn_array_index to
486  * -1 to signify they are not yet assigned.
487  *
488  * Initialize conn's timestamps to now.
489  */
490 static void
491 connection_init(time_t now, connection_t *conn, int type, int socket_family)
492 {
493  static uint64_t n_connections_allocated = 1;
494 
495  switch (type) {
496  case CONN_TYPE_OR:
497  case CONN_TYPE_EXT_OR:
498  conn->magic = OR_CONNECTION_MAGIC;
499  break;
500  case CONN_TYPE_EXIT:
501  conn->magic = EDGE_CONNECTION_MAGIC;
502  break;
503  case CONN_TYPE_AP:
504  conn->magic = ENTRY_CONNECTION_MAGIC;
505  break;
506  case CONN_TYPE_DIR:
507  conn->magic = DIR_CONNECTION_MAGIC;
508  break;
509  case CONN_TYPE_CONTROL:
510  conn->magic = CONTROL_CONNECTION_MAGIC;
511  break;
512  CASE_ANY_LISTENER_TYPE:
513  conn->magic = LISTENER_CONNECTION_MAGIC;
514  break;
515  default:
516  conn->magic = BASE_CONNECTION_MAGIC;
517  break;
518  }
519 
520  conn->s = TOR_INVALID_SOCKET; /* give it a default of 'not used' */
521  conn->conn_array_index = -1; /* also default to 'not used' */
522  conn->global_identifier = n_connections_allocated++;
523 
524  conn->type = type;
525  conn->socket_family = socket_family;
526  if (!connection_is_listener(conn)) {
527  /* listeners never use their buf */
528  conn->inbuf = buf_new();
529  conn->outbuf = buf_new();
530  }
531 
532  conn->timestamp_created = now;
533  conn->timestamp_last_read_allowed = now;
534  conn->timestamp_last_write_allowed = now;
535 }
536 
537 /** Create a link between <b>conn_a</b> and <b>conn_b</b>. */
538 void
540 {
541  tor_assert(! SOCKET_OK(conn_a->s));
542  tor_assert(! SOCKET_OK(conn_b->s));
543 
544  conn_a->linked = 1;
545  conn_b->linked = 1;
546  conn_a->linked_conn = conn_b;
547  conn_b->linked_conn = conn_a;
548 }
549 
550 /** Return true iff the provided connection listener type supports AF_UNIX
551  * sockets. */
552 int
554 {
555  /* For now only control ports or SOCKS ports can be Unix domain sockets
556  * and listeners at the same time */
557  switch (type) {
560  return 1;
561  default:
562  return 0;
563  }
564 }
565 
566 /** Deallocate memory used by <b>conn</b>. Deallocate its buffers if
567  * necessary, close its socket if necessary, and mark the directory as dirty
568  * if <b>conn</b> is an OR or OP connection.
569  */
570 STATIC void
572 {
573  void *mem;
574  size_t memlen;
575  if (!conn)
576  return;
577 
578  switch (conn->type) {
579  case CONN_TYPE_OR:
580  case CONN_TYPE_EXT_OR:
581  tor_assert(conn->magic == OR_CONNECTION_MAGIC);
582  mem = TO_OR_CONN(conn);
583  memlen = sizeof(or_connection_t);
584  break;
585  case CONN_TYPE_AP:
586  tor_assert(conn->magic == ENTRY_CONNECTION_MAGIC);
587  mem = TO_ENTRY_CONN(conn);
588  memlen = sizeof(entry_connection_t);
589  break;
590  case CONN_TYPE_EXIT:
591  tor_assert(conn->magic == EDGE_CONNECTION_MAGIC);
592  mem = TO_EDGE_CONN(conn);
593  memlen = sizeof(edge_connection_t);
594  break;
595  case CONN_TYPE_DIR:
596  tor_assert(conn->magic == DIR_CONNECTION_MAGIC);
597  mem = TO_DIR_CONN(conn);
598  memlen = sizeof(dir_connection_t);
599  break;
600  case CONN_TYPE_CONTROL:
601  tor_assert(conn->magic == CONTROL_CONNECTION_MAGIC);
602  mem = TO_CONTROL_CONN(conn);
603  memlen = sizeof(control_connection_t);
604  break;
605  CASE_ANY_LISTENER_TYPE:
606  tor_assert(conn->magic == LISTENER_CONNECTION_MAGIC);
607  mem = TO_LISTENER_CONN(conn);
608  memlen = sizeof(listener_connection_t);
609  break;
610  default:
611  tor_assert(conn->magic == BASE_CONNECTION_MAGIC);
612  mem = conn;
613  memlen = sizeof(connection_t);
614  break;
615  }
616 
617  if (conn->linked) {
618  log_info(LD_GENERAL, "Freeing linked %s connection [%s] with %d "
619  "bytes on inbuf, %d on outbuf.",
620  conn_type_to_string(conn->type),
621  conn_state_to_string(conn->type, conn->state),
622  (int)connection_get_inbuf_len(conn),
623  (int)connection_get_outbuf_len(conn));
624  }
625 
626  if (!connection_is_listener(conn)) {
627  buf_free(conn->inbuf);
628  buf_free(conn->outbuf);
629  } else {
630  if (conn->socket_family == AF_UNIX) {
631  /* For now only control and SOCKS ports can be Unix domain sockets
632  * and listeners at the same time */
634 
635  if (unlink(conn->address) < 0 && errno != ENOENT) {
636  log_warn(LD_NET, "Could not unlink %s: %s", conn->address,
637  strerror(errno));
638  }
639  }
640  }
641 
642  tor_free(conn->address);
643 
644  if (connection_speaks_cells(conn)) {
645  or_connection_t *or_conn = TO_OR_CONN(conn);
646  if (or_conn->tls) {
647  if (! SOCKET_OK(conn->s)) {
648  /* The socket has been closed by somebody else; we must tell the
649  * TLS object not to close it. */
650  tor_tls_release_socket(or_conn->tls);
651  } else {
652  /* The tor_tls_free() call below will close the socket; we must tell
653  * the code below not to close it a second time. */
655  conn->s = TOR_INVALID_SOCKET;
656  }
657  tor_tls_free(or_conn->tls);
658  or_conn->tls = NULL;
659  }
660  or_handshake_state_free(or_conn->handshake_state);
661  or_conn->handshake_state = NULL;
662  tor_free(or_conn->nickname);
663  if (or_conn->chan) {
664  /* Owww, this shouldn't happen, but... */
665  channel_t *base_chan = TLS_CHAN_TO_BASE(or_conn->chan);
666  tor_assert(base_chan);
667  log_info(LD_CHANNEL,
668  "Freeing orconn at %p, saw channel %p with ID "
669  "%"PRIu64 " left un-NULLed",
670  or_conn, base_chan,
671  base_chan->global_identifier);
672  if (!CHANNEL_FINISHED(base_chan)) {
673  channel_close_for_error(base_chan);
674  }
675 
676  or_conn->chan->conn = NULL;
677  or_conn->chan = NULL;
678  }
679  }
680  if (conn->type == CONN_TYPE_AP) {
681  entry_connection_t *entry_conn = TO_ENTRY_CONN(conn);
682  tor_free(entry_conn->chosen_exit_name);
683  tor_free(entry_conn->original_dest_address);
684  if (entry_conn->socks_request)
685  socks_request_free(entry_conn->socks_request);
686  if (entry_conn->pending_optimistic_data) {
687  buf_free(entry_conn->pending_optimistic_data);
688  }
689  if (entry_conn->sending_optimistic_data) {
690  buf_free(entry_conn->sending_optimistic_data);
691  }
692  }
693  if (CONN_IS_EDGE(conn)) {
694  rend_data_free(TO_EDGE_CONN(conn)->rend_data);
695  hs_ident_edge_conn_free(TO_EDGE_CONN(conn)->hs_ident);
696  }
697  if (conn->type == CONN_TYPE_CONTROL) {
698  control_connection_t *control_conn = TO_CONTROL_CONN(conn);
699  tor_free(control_conn->safecookie_client_hash);
700  tor_free(control_conn->incoming_cmd);
701  tor_free(control_conn->current_cmd);
702  if (control_conn->ephemeral_onion_services) {
703  SMARTLIST_FOREACH(control_conn->ephemeral_onion_services, char *, cp, {
704  memwipe(cp, 0, strlen(cp));
705  tor_free(cp);
706  });
707  smartlist_free(control_conn->ephemeral_onion_services);
708  }
709  }
710 
711  /* Probably already freed by connection_free. */
712  tor_event_free(conn->read_event);
713  tor_event_free(conn->write_event);
714  conn->read_event = conn->write_event = NULL;
715 
716  if (conn->type == CONN_TYPE_DIR) {
717  dir_connection_t *dir_conn = TO_DIR_CONN(conn);
718  tor_free(dir_conn->requested_resource);
719 
720  tor_compress_free(dir_conn->compress_state);
721  if (dir_conn->spool) {
722  SMARTLIST_FOREACH(dir_conn->spool, spooled_resource_t *, spooled,
723  spooled_resource_free(spooled));
724  smartlist_free(dir_conn->spool);
725  }
726 
727  rend_data_free(dir_conn->rend_data);
728  hs_ident_dir_conn_free(dir_conn->hs_ident);
729  if (dir_conn->guard_state) {
730  /* Cancel before freeing, if it's still there. */
731  entry_guard_cancel(&dir_conn->guard_state);
732  }
733  circuit_guard_state_free(dir_conn->guard_state);
734  }
735 
736  if (SOCKET_OK(conn->s)) {
737  log_debug(LD_NET,"closing fd %d.",(int)conn->s);
738  tor_close_socket(conn->s);
739  conn->s = TOR_INVALID_SOCKET;
740  }
741 
742  if (conn->type == CONN_TYPE_OR &&
743  !tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) {
744  log_warn(LD_BUG, "called on OR conn with non-zeroed identity_digest");
746  }
747  if (conn->type == CONN_TYPE_OR || conn->type == CONN_TYPE_EXT_OR) {
749  tor_free(TO_OR_CONN(conn)->ext_or_conn_id);
750  tor_free(TO_OR_CONN(conn)->ext_or_auth_correct_client_hash);
751  tor_free(TO_OR_CONN(conn)->ext_or_transport);
752  }
753 
754  memwipe(mem, 0xCC, memlen); /* poison memory */
755  tor_free(mem);
756 }
757 
758 /** Make sure <b>conn</b> isn't in any of the global conn lists; then free it.
759  */
760 MOCK_IMPL(void,
762 {
763  if (!conn)
764  return;
767  if (BUG(conn->linked_conn)) {
768  conn->linked_conn->linked_conn = NULL;
769  if (! conn->linked_conn->marked_for_close &&
772  conn->linked_conn = NULL;
773  }
774  if (connection_speaks_cells(conn)) {
775  if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest)) {
777  }
778  }
779  if (conn->type == CONN_TYPE_CONTROL) {
781  }
782 #if 1
783  /* DEBUGGING */
784  if (conn->type == CONN_TYPE_AP) {
785  connection_ap_warn_and_unmark_if_pending_circ(TO_ENTRY_CONN(conn),
786  "connection_free");
787  }
788 #endif /* 1 */
789 
790  /* Notify the circuit creation DoS mitigation subsystem that an OR client
791  * connection has been closed. And only do that if we track it. */
792  if (conn->type == CONN_TYPE_OR) {
793  dos_close_client_conn(TO_OR_CONN(conn));
794  }
795 
798 }
799 
800 /**
801  * Called when we're about to finally unlink and free a connection:
802  * perform necessary accounting and cleanup
803  * - Directory conns that failed to fetch a rendezvous descriptor
804  * need to inform pending rendezvous streams.
805  * - OR conns need to call rep_hist_note_*() to record status.
806  * - AP conns need to send a socks reject if necessary.
807  * - Exit conns need to call connection_dns_remove() if necessary.
808  * - AP and Exit conns need to send an end cell if they can.
809  * - DNS conns need to fail any resolves that are pending on them.
810  * - OR and edge connections need to be unlinked from circuits.
811  */
812 void
814 {
816 
817  switch (conn->type) {
818  case CONN_TYPE_DIR:
820  break;
821  case CONN_TYPE_OR:
822  case CONN_TYPE_EXT_OR:
824  break;
825  case CONN_TYPE_AP:
826  connection_ap_about_to_close(TO_ENTRY_CONN(conn));
827  break;
828  case CONN_TYPE_EXIT:
830  break;
831  }
832 }
833 
834 /** Return true iff connection_close_immediate() has been called on this
835  * connection. */
836 #define CONN_IS_CLOSED(c) \
837  ((c)->linked ? ((c)->linked_conn_is_closed) : (! SOCKET_OK(c->s)))
838 
839 /** Close the underlying socket for <b>conn</b>, so we don't try to
840  * flush it. Must be used in conjunction with (right before)
841  * connection_mark_for_close().
842  */
843 void
845 {
846  assert_connection_ok(conn,0);
847  if (CONN_IS_CLOSED(conn)) {
848  log_err(LD_BUG,"Attempt to close already-closed connection.");
850  return;
851  }
852  if (conn->outbuf_flushlen) {
853  log_info(LD_NET,"fd %d, type %s, state %s, %d bytes on outbuf.",
854  (int)conn->s, conn_type_to_string(conn->type),
855  conn_state_to_string(conn->type, conn->state),
856  (int)conn->outbuf_flushlen);
857  }
858 
860 
861  /* Prevent the event from getting unblocked. */
862  conn->read_blocked_on_bw = 0;
863  conn->write_blocked_on_bw = 0;
864 
865  if (SOCKET_OK(conn->s))
866  tor_close_socket(conn->s);
867  conn->s = TOR_INVALID_SOCKET;
868  if (conn->linked)
869  conn->linked_conn_is_closed = 1;
870  if (conn->outbuf)
871  buf_clear(conn->outbuf);
872  conn->outbuf_flushlen = 0;
873 }
874 
875 /** Mark <b>conn</b> to be closed next time we loop through
876  * conn_close_if_marked() in main.c. */
877 void
878 connection_mark_for_close_(connection_t *conn, int line, const char *file)
879 {
880  assert_connection_ok(conn,0);
881  tor_assert(line);
882  tor_assert(line < 1<<16); /* marked_for_close can only fit a uint16_t. */
883  tor_assert(file);
884 
885  if (conn->type == CONN_TYPE_OR) {
886  /*
887  * An or_connection should have been closed through one of the channel-
888  * aware functions in connection_or.c. We'll assume this is an error
889  * close and do that, and log a bug warning.
890  */
891  log_warn(LD_CHANNEL | LD_BUG,
892  "Something tried to close an or_connection_t without going "
893  "through channels at %s:%d",
894  file, line);
896  } else {
897  /* Pass it down to the real function */
898  connection_mark_for_close_internal_(conn, line, file);
899  }
900 }
901 
902 /** Mark <b>conn</b> to be closed next time we loop through
903  * conn_close_if_marked() in main.c.
904  *
905  * This _internal version bypasses the CONN_TYPE_OR checks; this should be
906  * called when you either are sure that if this is an or_connection_t the
907  * controlling channel has been notified (e.g. with
908  * connection_or_notify_error()), or you actually are the
909  * connection_or_close_for_error() or connection_or_close_normally() function.
910  * For all other cases, use connection_mark_and_flush() which checks for
911  * or_connection_t properly, instead. See below.
912  *
913  * We want to keep this function simple and quick, since it can be called from
914  * quite deep in the call chain, and hence it should avoid having side-effects
915  * that interfere with its callers view of the connection.
916  */
917 MOCK_IMPL(void,
919  int line, const char *file))
920 {
921  assert_connection_ok(conn,0);
922  tor_assert(line);
923  tor_assert(line < 1<<16); /* marked_for_close can only fit a uint16_t. */
924  tor_assert(file);
925 
926  if (conn->marked_for_close) {
927  log_warn(LD_BUG,"Duplicate call to connection_mark_for_close at %s:%d"
928  " (first at %s:%d)", file, line, conn->marked_for_close_file,
929  conn->marked_for_close);
931  return;
932  }
933 
934  if (conn->type == CONN_TYPE_OR) {
935  /*
936  * Bad news if this happens without telling the controlling channel; do
937  * this so we can find things that call this wrongly when the asserts hit.
938  */
939  log_debug(LD_CHANNEL,
940  "Calling connection_mark_for_close_internal_() on an OR conn "
941  "at %s:%d",
942  file, line);
943  }
944 
945  conn->marked_for_close = line;
946  conn->marked_for_close_file = file;
948 
949  /* in case we're going to be held-open-til-flushed, reset
950  * the number of seconds since last successful write, so
951  * we get our whole 15 seconds */
952  conn->timestamp_last_write_allowed = time(NULL);
953 }
954 
955 /** Find each connection that has hold_open_until_flushed set to
956  * 1 but hasn't written in the past 15 seconds, and set
957  * hold_open_until_flushed to 0. This means it will get cleaned
958  * up in the next loop through close_if_marked() in main.c.
959  */
960 void
962 {
963  time_t now;
965 
966  now = time(NULL);
967 
968  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
969  /* If we've been holding the connection open, but we haven't written
970  * for 15 seconds...
971  */
972  if (conn->hold_open_until_flushed) {
974  if (now - conn->timestamp_last_write_allowed >= 15) {
975  int severity;
976  if (conn->type == CONN_TYPE_EXIT ||
977  (conn->type == CONN_TYPE_DIR &&
978  conn->purpose == DIR_PURPOSE_SERVER))
979  severity = LOG_INFO;
980  else
981  severity = LOG_NOTICE;
982  log_fn(severity, LD_NET,
983  "Giving up on marked_for_close conn that's been flushing "
984  "for 15s (fd %d, type %s, state %s).",
985  (int)conn->s, conn_type_to_string(conn->type),
986  conn_state_to_string(conn->type, conn->state));
987  conn->hold_open_until_flushed = 0;
988  }
989  }
990  } SMARTLIST_FOREACH_END(conn);
991 }
992 
993 #if defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)
994 /** Create an AF_UNIX listenaddr struct.
995  * <b>listenaddress</b> provides the path to the Unix socket.
996  *
997  * Eventually <b>listenaddress</b> will also optionally contain user, group,
998  * and file permissions for the new socket. But not yet. XXX
999  * Also, since we do not create the socket here the information doesn't help
1000  * here.
1001  *
1002  * If not NULL <b>readable_address</b> will contain a copy of the path part of
1003  * <b>listenaddress</b>.
1004  *
1005  * The listenaddr struct has to be freed by the caller.
1006  */
1007 static struct sockaddr_un *
1008 create_unix_sockaddr(const char *listenaddress, char **readable_address,
1009  socklen_t *len_out)
1010 {
1011  struct sockaddr_un *sockaddr = NULL;
1012 
1013  sockaddr = tor_malloc_zero(sizeof(struct sockaddr_un));
1014  sockaddr->sun_family = AF_UNIX;
1015  if (strlcpy(sockaddr->sun_path, listenaddress, sizeof(sockaddr->sun_path))
1016  >= sizeof(sockaddr->sun_path)) {
1017  log_warn(LD_CONFIG, "Unix socket path '%s' is too long to fit.",
1018  escaped(listenaddress));
1019  tor_free(sockaddr);
1020  return NULL;
1021  }
1022 
1023  if (readable_address)
1024  *readable_address = tor_strdup(listenaddress);
1025 
1026  *len_out = sizeof(struct sockaddr_un);
1027  return sockaddr;
1028 }
1029 #else /* !(defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)) */
1030 static struct sockaddr *
1031 create_unix_sockaddr(const char *listenaddress, char **readable_address,
1032  socklen_t *len_out)
1033 {
1034  (void)listenaddress;
1035  (void)readable_address;
1037  "Unix domain sockets not supported, yet we tried to create one.");
1038  *len_out = 0;
1040  return NULL;
1041 }
1042 #endif /* defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN) */
1043 
1044 /** Warn that an accept or a connect has failed because we're running out of
1045  * TCP sockets we can use on current system. Rate-limit these warnings so
1046  * that we don't spam the log. */
1047 static void
1049 {
1050 #define WARN_TOO_MANY_CONNS_INTERVAL (6*60*60)
1051  static ratelim_t last_warned = RATELIM_INIT(WARN_TOO_MANY_CONNS_INTERVAL);
1052  char *m;
1053  if ((m = rate_limit_log(&last_warned, approx_time()))) {
1054  int n_conns = get_n_open_sockets();
1055  log_warn(LD_NET,"Failing because we have %d connections already. Please "
1056  "read doc/TUNING for guidance.%s", n_conns, m);
1057  tor_free(m);
1058  control_event_general_status(LOG_WARN, "TOO_MANY_CONNECTIONS CURRENT=%d",
1059  n_conns);
1060  }
1061 }
1062 
1063 #ifdef HAVE_SYS_UN_H
1064 
1065 #define UNIX_SOCKET_PURPOSE_CONTROL_SOCKET 0
1066 #define UNIX_SOCKET_PURPOSE_SOCKS_SOCKET 1
1067 
1068 /** Check if the purpose isn't one of the ones we know what to do with */
1069 
1070 static int
1071 is_valid_unix_socket_purpose(int purpose)
1072 {
1073  int valid = 0;
1074 
1075  switch (purpose) {
1076  case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1077  case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1078  valid = 1;
1079  break;
1080  }
1081 
1082  return valid;
1083 }
1084 
1085 /** Return a string description of a unix socket purpose */
1086 static const char *
1087 unix_socket_purpose_to_string(int purpose)
1088 {
1089  const char *s = "unknown-purpose socket";
1090 
1091  switch (purpose) {
1092  case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1093  s = "control socket";
1094  break;
1095  case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1096  s = "SOCKS socket";
1097  break;
1098  }
1099 
1100  return s;
1101 }
1102 
1103 /** Check whether we should be willing to open an AF_UNIX socket in
1104  * <b>path</b>. Return 0 if we should go ahead and -1 if we shouldn't. */
1105 static int
1106 check_location_for_unix_socket(const or_options_t *options, const char *path,
1107  int purpose, const port_cfg_t *port)
1108 {
1109  int r = -1;
1110  char *p = NULL;
1111 
1112  tor_assert(is_valid_unix_socket_purpose(purpose));
1113 
1114  p = tor_strdup(path);
1115  cpd_check_t flags = CPD_CHECK_MODE_ONLY;
1116  if (get_parent_directory(p)<0 || p[0] != '/') {
1117  log_warn(LD_GENERAL, "Bad unix socket address '%s'. Tor does not support "
1118  "relative paths for unix sockets.", path);
1119  goto done;
1120  }
1121 
1122  if (port->is_world_writable) {
1123  /* World-writable sockets can go anywhere. */
1124  r = 0;
1125  goto done;
1126  }
1127 
1128  if (port->is_group_writable) {
1129  flags |= CPD_GROUP_OK;
1130  }
1131 
1132  if (port->relax_dirmode_check) {
1133  flags |= CPD_RELAX_DIRMODE_CHECK;
1134  }
1135 
1136  if (check_private_dir(p, flags, options->User) < 0) {
1137  char *escpath, *escdir;
1138  escpath = esc_for_log(path);
1139  escdir = esc_for_log(p);
1140  log_warn(LD_GENERAL, "Before Tor can create a %s in %s, the directory "
1141  "%s needs to exist, and to be accessible only by the user%s "
1142  "account that is running Tor. (On some Unix systems, anybody "
1143  "who can list a socket can connect to it, so Tor is being "
1144  "careful.)",
1145  unix_socket_purpose_to_string(purpose), escpath, escdir,
1146  port->is_group_writable ? " and group" : "");
1147  tor_free(escpath);
1148  tor_free(escdir);
1149  goto done;
1150  }
1151 
1152  r = 0;
1153  done:
1154  tor_free(p);
1155  return r;
1156 }
1157 #endif /* defined(HAVE_SYS_UN_H) */
1158 
1159 /** Tell the TCP stack that it shouldn't wait for a long time after
1160  * <b>sock</b> has closed before reusing its port. Return 0 on success,
1161  * -1 on failure. */
1162 static int
1164 {
1165 #ifdef _WIN32
1166  (void) sock;
1167  return 0;
1168 #else
1169  int one=1;
1170 
1171  /* REUSEADDR on normal places means you can rebind to the port
1172  * right after somebody else has let it go. But REUSEADDR on win32
1173  * means you can bind to the port _even when somebody else
1174  * already has it bound_. So, don't do that on Win32. */
1175  if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &one,
1176  (socklen_t)sizeof(one)) == -1) {
1177  return -1;
1178  }
1179  return 0;
1180 #endif /* defined(_WIN32) */
1181 }
1182 
1183 #ifdef _WIN32
1184 /** Tell the Windows TCP stack to prevent other applications from receiving
1185  * traffic from tor's open ports. Return 0 on success, -1 on failure. */
1186 static int
1187 make_win32_socket_exclusive(tor_socket_t sock)
1188 {
1189 #ifdef SO_EXCLUSIVEADDRUSE
1190  int one=1;
1191 
1192  /* Any socket that sets REUSEADDR on win32 can bind to a port _even when
1193  * somebody else already has it bound_, and _even if the original socket
1194  * didn't set REUSEADDR_. Use EXCLUSIVEADDRUSE to prevent this port-stealing
1195  * on win32. */
1196  if (setsockopt(sock, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, (void*) &one,
1197  (socklen_t)sizeof(one))) {
1198  return -1;
1199  }
1200  return 0;
1201 #else /* !defined(SO_EXCLUSIVEADDRUSE) */
1202  (void) sock;
1203  return 0;
1204 #endif /* defined(SO_EXCLUSIVEADDRUSE) */
1205 }
1206 #endif /* defined(_WIN32) */
1207 
1208 /** Max backlog to pass to listen. We start at */
1209 static int listen_limit = INT_MAX;
1210 
1211 /* Listen on <b>fd</b> with appropriate backlog. Return as for listen. */
1212 static int
1213 tor_listen(tor_socket_t fd)
1214 {
1215  int r;
1216 
1217  if ((r = listen(fd, listen_limit)) < 0) {
1218  if (listen_limit == SOMAXCONN)
1219  return r;
1220  if ((r = listen(fd, SOMAXCONN)) == 0) {
1221  listen_limit = SOMAXCONN;
1222  log_warn(LD_NET, "Setting listen backlog to INT_MAX connections "
1223  "didn't work, but SOMAXCONN did. Lowering backlog limit.");
1224  }
1225  }
1226  return r;
1227 }
1228 
1229 /** Bind a new non-blocking socket listening to the socket described
1230  * by <b>listensockaddr</b>.
1231  *
1232  * <b>address</b> is only used for logging purposes and to add the information
1233  * to the conn.
1234  *
1235  * Set <b>addr_in_use</b> to true in case socket binding fails with
1236  * EADDRINUSE.
1237  */
1238 static connection_t *
1239 connection_listener_new(const struct sockaddr *listensockaddr,
1240  socklen_t socklen,
1241  int type, const char *address,
1242  const port_cfg_t *port_cfg,
1243  int *addr_in_use)
1244 {
1245  listener_connection_t *lis_conn;
1246  connection_t *conn = NULL;
1247  tor_socket_t s = TOR_INVALID_SOCKET; /* the socket we're going to make */
1248  or_options_t const *options = get_options();
1249  (void) options; /* Windows doesn't use this. */
1250 #if defined(HAVE_PWD_H) && defined(HAVE_SYS_UN_H)
1251  const struct passwd *pw = NULL;
1252 #endif
1253  uint16_t usePort = 0, gotPort = 0;
1254  int start_reading = 0;
1255  static int global_next_session_group = SESSION_GROUP_FIRST_AUTO;
1256  tor_addr_t addr;
1257  int exhaustion = 0;
1258 
1259  if (addr_in_use)
1260  *addr_in_use = 0;
1261 
1262  if (listensockaddr->sa_family == AF_INET ||
1263  listensockaddr->sa_family == AF_INET6) {
1264  int is_stream = (type != CONN_TYPE_AP_DNS_LISTENER);
1265  if (is_stream)
1266  start_reading = 1;
1267 
1268  tor_addr_from_sockaddr(&addr, listensockaddr, &usePort);
1269  log_notice(LD_NET, "Opening %s on %s",
1270  conn_type_to_string(type), fmt_addrport(&addr, usePort));
1271 
1273  is_stream ? SOCK_STREAM : SOCK_DGRAM,
1274  is_stream ? IPPROTO_TCP: IPPROTO_UDP);
1275  if (!SOCKET_OK(s)) {
1276  int e = tor_socket_errno(s);
1277  if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1279  /*
1280  * We'll call the OOS handler at the error exit, so set the
1281  * exhaustion flag for it.
1282  */
1283  exhaustion = 1;
1284  } else {
1285  log_warn(LD_NET, "Socket creation failed: %s",
1286  tor_socket_strerror(e));
1287  }
1288  goto err;
1289  }
1290 
1291  if (make_socket_reuseable(s) < 0) {
1292  log_warn(LD_NET, "Error setting SO_REUSEADDR flag on %s: %s",
1293  conn_type_to_string(type),
1294  tor_socket_strerror(errno));
1295  }
1296 
1297 #ifdef _WIN32
1298  if (make_win32_socket_exclusive(s) < 0) {
1299  log_warn(LD_NET, "Error setting SO_EXCLUSIVEADDRUSE flag on %s: %s",
1300  conn_type_to_string(type),
1301  tor_socket_strerror(errno));
1302  }
1303 #endif /* defined(_WIN32) */
1304 
1305 #if defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT)
1306  if (options->TransProxyType_parsed == TPT_TPROXY &&
1307  type == CONN_TYPE_AP_TRANS_LISTENER) {
1308  int one = 1;
1309  if (setsockopt(s, SOL_IP, IP_TRANSPARENT, (void*)&one,
1310  (socklen_t)sizeof(one)) < 0) {
1311  const char *extra = "";
1312  int e = tor_socket_errno(s);
1313  if (e == EPERM)
1314  extra = "TransTPROXY requires root privileges or similar"
1315  " capabilities.";
1316  log_warn(LD_NET, "Error setting IP_TRANSPARENT flag: %s.%s",
1317  tor_socket_strerror(e), extra);
1318  }
1319  }
1320 #endif /* defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT) */
1321 
1322 #ifdef IPV6_V6ONLY
1323  if (listensockaddr->sa_family == AF_INET6) {
1324  int one = 1;
1325  /* We need to set IPV6_V6ONLY so that this socket can't get used for
1326  * IPv4 connections. */
1327  if (setsockopt(s,IPPROTO_IPV6, IPV6_V6ONLY,
1328  (void*)&one, (socklen_t)sizeof(one)) < 0) {
1329  int e = tor_socket_errno(s);
1330  log_warn(LD_NET, "Error setting IPV6_V6ONLY flag: %s",
1331  tor_socket_strerror(e));
1332  /* Keep going; probably not harmful. */
1333  }
1334  }
1335 #endif /* defined(IPV6_V6ONLY) */
1336 
1337  if (bind(s,listensockaddr,socklen) < 0) {
1338  const char *helpfulhint = "";
1339  int e = tor_socket_errno(s);
1340  if (ERRNO_IS_EADDRINUSE(e)) {
1341  helpfulhint = ". Is Tor already running?";
1342  if (addr_in_use)
1343  *addr_in_use = 1;
1344  }
1345  log_warn(LD_NET, "Could not bind to %s:%u: %s%s", address, usePort,
1346  tor_socket_strerror(e), helpfulhint);
1347  goto err;
1348  }
1349 
1350  if (is_stream) {
1351  if (tor_listen(s) < 0) {
1352  log_warn(LD_NET, "Could not listen on %s:%u: %s", address, usePort,
1353  tor_socket_strerror(tor_socket_errno(s)));
1354  goto err;
1355  }
1356  }
1357 
1358  if (usePort != 0) {
1359  gotPort = usePort;
1360  } else {
1361  tor_addr_t addr2;
1362  struct sockaddr_storage ss;
1363  socklen_t ss_len=sizeof(ss);
1364  if (getsockname(s, (struct sockaddr*)&ss, &ss_len)<0) {
1365  log_warn(LD_NET, "getsockname() couldn't learn address for %s: %s",
1366  conn_type_to_string(type),
1367  tor_socket_strerror(tor_socket_errno(s)));
1368  gotPort = 0;
1369  }
1370  tor_addr_from_sockaddr(&addr2, (struct sockaddr*)&ss, &gotPort);
1371  }
1372 #ifdef HAVE_SYS_UN_H
1373  /*
1374  * AF_UNIX generic setup stuff
1375  */
1376  } else if (listensockaddr->sa_family == AF_UNIX) {
1377  /* We want to start reading for both AF_UNIX cases */
1378  start_reading = 1;
1379 
1381 
1382  if (check_location_for_unix_socket(options, address,
1383  (type == CONN_TYPE_CONTROL_LISTENER) ?
1384  UNIX_SOCKET_PURPOSE_CONTROL_SOCKET :
1385  UNIX_SOCKET_PURPOSE_SOCKS_SOCKET, port_cfg) < 0) {
1386  goto err;
1387  }
1388 
1389  log_notice(LD_NET, "Opening %s on %s",
1390  conn_type_to_string(type), address);
1391 
1392  tor_addr_make_unspec(&addr);
1393 
1394  if (unlink(address) < 0 && errno != ENOENT) {
1395  log_warn(LD_NET, "Could not unlink %s: %s", address,
1396  strerror(errno));
1397  goto err;
1398  }
1399 
1400  s = tor_open_socket_nonblocking(AF_UNIX, SOCK_STREAM, 0);
1401  if (! SOCKET_OK(s)) {
1402  int e = tor_socket_errno(s);
1403  if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1405  /*
1406  * We'll call the OOS handler at the error exit, so set the
1407  * exhaustion flag for it.
1408  */
1409  exhaustion = 1;
1410  } else {
1411  log_warn(LD_NET,"Socket creation failed: %s.", strerror(e));
1412  }
1413  goto err;
1414  }
1415 
1416  if (bind(s, listensockaddr,
1417  (socklen_t)sizeof(struct sockaddr_un)) == -1) {
1418  log_warn(LD_NET,"Bind to %s failed: %s.", address,
1419  tor_socket_strerror(tor_socket_errno(s)));
1420  goto err;
1421  }
1422 
1423 #ifdef HAVE_PWD_H
1424  if (options->User) {
1425  pw = tor_getpwnam(options->User);
1426  struct stat st;
1427  if (pw == NULL) {
1428  log_warn(LD_NET,"Unable to chown() %s socket: user %s not found.",
1429  address, options->User);
1430  goto err;
1431  } else if (fstat(s, &st) == 0 &&
1432  st.st_uid == pw->pw_uid && st.st_gid == pw->pw_gid) {
1433  /* No change needed */
1434  } else if (chown(sandbox_intern_string(address),
1435  pw->pw_uid, pw->pw_gid) < 0) {
1436  log_warn(LD_NET,"Unable to chown() %s socket: %s.",
1437  address, strerror(errno));
1438  goto err;
1439  }
1440  }
1441 #endif /* defined(HAVE_PWD_H) */
1442 
1443  {
1444  unsigned mode;
1445  const char *status;
1446  struct stat st;
1447  if (port_cfg->is_world_writable) {
1448  mode = 0666;
1449  status = "world-writable";
1450  } else if (port_cfg->is_group_writable) {
1451  mode = 0660;
1452  status = "group-writable";
1453  } else {
1454  mode = 0600;
1455  status = "private";
1456  }
1457  /* We need to use chmod; fchmod doesn't work on sockets on all
1458  * platforms. */
1459  if (fstat(s, &st) == 0 && (st.st_mode & 0777) == mode) {
1460  /* no change needed */
1461  } else if (chmod(sandbox_intern_string(address), mode) < 0) {
1462  log_warn(LD_FS,"Unable to make %s %s.", address, status);
1463  goto err;
1464  }
1465  }
1466 
1467  if (listen(s, SOMAXCONN) < 0) {
1468  log_warn(LD_NET, "Could not listen on %s: %s", address,
1469  tor_socket_strerror(tor_socket_errno(s)));
1470  goto err;
1471  }
1472 
1473 #ifndef __APPLE__
1474  /* This code was introduced to help debug #28229. */
1475  int value;
1476  socklen_t len = sizeof(value);
1477 
1478  if (!getsockopt(s, SOL_SOCKET, SO_ACCEPTCONN, &value, &len)) {
1479  if (value == 0) {
1480  log_err(LD_NET, "Could not listen on %s - "
1481  "getsockopt(.,SO_ACCEPTCONN,.) yields 0.", address);
1482  goto err;
1483  }
1484  }
1485 #endif /* !defined(__APPLE__) */
1486 #endif /* defined(HAVE_SYS_UN_H) */
1487  } else {
1488  log_err(LD_BUG, "Got unexpected address family %d.",
1489  listensockaddr->sa_family);
1490  tor_assert(0);
1491  }
1492 
1493  lis_conn = listener_connection_new(type, listensockaddr->sa_family);
1494  conn = TO_CONN(lis_conn);
1495  conn->socket_family = listensockaddr->sa_family;
1496  conn->s = s;
1497  s = TOR_INVALID_SOCKET; /* Prevent double-close */
1498  conn->address = tor_strdup(address);
1499  conn->port = gotPort;
1500  tor_addr_copy(&conn->addr, &addr);
1501 
1502  memcpy(&lis_conn->entry_cfg, &port_cfg->entry_cfg, sizeof(entry_port_cfg_t));
1503 
1504  if (port_cfg->entry_cfg.isolation_flags) {
1505  lis_conn->entry_cfg.isolation_flags = port_cfg->entry_cfg.isolation_flags;
1506  if (port_cfg->entry_cfg.session_group >= 0) {
1507  lis_conn->entry_cfg.session_group = port_cfg->entry_cfg.session_group;
1508  } else {
1509  /* This can wrap after around INT_MAX listeners are opened. But I don't
1510  * believe that matters, since you would need to open a ridiculous
1511  * number of listeners while keeping the early ones open before you ever
1512  * hit this. An OR with a dozen ports open, for example, would have to
1513  * close and re-open its listeners every second for 4 years nonstop.
1514  */
1515  lis_conn->entry_cfg.session_group = global_next_session_group--;
1516  }
1517  }
1518 
1519  if (type != CONN_TYPE_AP_LISTENER) {
1520  lis_conn->entry_cfg.ipv4_traffic = 1;
1521  lis_conn->entry_cfg.ipv6_traffic = 1;
1522  lis_conn->entry_cfg.prefer_ipv6 = 0;
1523  }
1524 
1525  if (connection_add(conn) < 0) { /* no space, forget it */
1526  log_warn(LD_NET,"connection_add for listener failed. Giving up.");
1527  goto err;
1528  }
1529 
1530  log_fn(usePort==gotPort ? LOG_DEBUG : LOG_NOTICE, LD_NET,
1531  "%s listening on port %u.",
1532  conn_type_to_string(type), gotPort);
1533 
1534  conn->state = LISTENER_STATE_READY;
1535  if (start_reading) {
1537  } else {
1540  }
1541 
1542  /*
1543  * Normal exit; call the OOS handler since connection count just changed;
1544  * the exhaustion flag will always be zero here though.
1545  */
1547 
1548  if (conn->socket_family == AF_UNIX) {
1549  log_notice(LD_NET, "Opened %s on %s",
1550  conn_type_to_string(type), conn->address);
1551  } else {
1552  log_notice(LD_NET, "Opened %s on %s",
1553  conn_type_to_string(type), fmt_addrport(&addr, gotPort));
1554  }
1555  return conn;
1556 
1557  err:
1558  if (SOCKET_OK(s))
1559  tor_close_socket(s);
1560  if (conn)
1561  connection_free(conn);
1562 
1563  /* Call the OOS handler, indicate if we saw an exhaustion-related error */
1565 
1566  return NULL;
1567 }
1568 
1569 /**
1570  * Create a new listener connection for a given <b>port</b>. In case we
1571  * for a reason that is not an error condition, set <b>defer</b>
1572  * to true. If we cannot bind listening socket because address is already
1573  * in use, set <b>addr_in_use</b> to true.
1574  */
1575 static connection_t *
1577  int *defer, int *addr_in_use)
1578 {
1579  connection_t *conn;
1580  struct sockaddr *listensockaddr;
1581  socklen_t listensocklen = 0;
1582  char *address=NULL;
1583  int real_port = port->port == CFG_AUTO_PORT ? 0 : port->port;
1584  tor_assert(real_port <= UINT16_MAX);
1585 
1586  if (defer)
1587  *defer = 0;
1588 
1589  if (port->server_cfg.no_listen) {
1590  if (defer)
1591  *defer = 1;
1592  return NULL;
1593  }
1594 
1595 #ifndef _WIN32
1596  /* We don't need to be root to create a UNIX socket, so defer until after
1597  * setuid. */
1598  const or_options_t *options = get_options();
1599  if (port->is_unix_addr && !geteuid() && (options->User) &&
1600  strcmp(options->User, "root")) {
1601  if (defer)
1602  *defer = 1;
1603  return NULL;
1604  }
1605 #endif /* !defined(_WIN32) */
1606 
1607  if (port->is_unix_addr) {
1608  listensockaddr = (struct sockaddr *)
1609  create_unix_sockaddr(port->unix_addr,
1610  &address, &listensocklen);
1611  } else {
1612  listensockaddr = tor_malloc(sizeof(struct sockaddr_storage));
1613  listensocklen = tor_addr_to_sockaddr(&port->addr,
1614  real_port,
1615  listensockaddr,
1616  sizeof(struct sockaddr_storage));
1617  address = tor_addr_to_str_dup(&port->addr);
1618  }
1619 
1620  if (listensockaddr) {
1621  conn = connection_listener_new(listensockaddr, listensocklen,
1622  port->type, address, port,
1623  addr_in_use);
1624  tor_free(listensockaddr);
1625  tor_free(address);
1626  } else {
1627  conn = NULL;
1628  }
1629 
1630  return conn;
1631 }
1632 
1633 /** Do basic sanity checking on a newly received socket. Return 0
1634  * if it looks ok, else return -1.
1635  *
1636  * Notably, some TCP stacks can erroneously have accept() return successfully
1637  * with socklen 0, when the client sends an RST before the accept call (as
1638  * nmap does). We want to detect that, and not go on with the connection.
1639  */
1640 static int
1641 check_sockaddr(const struct sockaddr *sa, int len, int level)
1642 {
1643  int ok = 1;
1644 
1645  if (sa->sa_family == AF_INET) {
1646  struct sockaddr_in *sin=(struct sockaddr_in*)sa;
1647  if (len != sizeof(struct sockaddr_in)) {
1648  log_fn(level, LD_NET, "Length of address not as expected: %d vs %d",
1649  len,(int)sizeof(struct sockaddr_in));
1650  ok = 0;
1651  }
1652  if (sin->sin_addr.s_addr == 0 || sin->sin_port == 0) {
1653  log_fn(level, LD_NET,
1654  "Address for new connection has address/port equal to zero.");
1655  ok = 0;
1656  }
1657  } else if (sa->sa_family == AF_INET6) {
1658  struct sockaddr_in6 *sin6=(struct sockaddr_in6*)sa;
1659  if (len != sizeof(struct sockaddr_in6)) {
1660  log_fn(level, LD_NET, "Length of address not as expected: %d vs %d",
1661  len,(int)sizeof(struct sockaddr_in6));
1662  ok = 0;
1663  }
1664  if (fast_mem_is_zero((void*)sin6->sin6_addr.s6_addr, 16) ||
1665  sin6->sin6_port == 0) {
1666  log_fn(level, LD_NET,
1667  "Address for new connection has address/port equal to zero.");
1668  ok = 0;
1669  }
1670  } else if (sa->sa_family == AF_UNIX) {
1671  ok = 1;
1672  } else {
1673  ok = 0;
1674  }
1675  return ok ? 0 : -1;
1676 }
1677 
1678 /** Check whether the socket family from an accepted socket <b>got</b> is the
1679  * same as the one that <b>listener</b> is waiting for. If it isn't, log
1680  * a useful message and return -1. Else return 0.
1681  *
1682  * This is annoying, but can apparently happen on some Darwins. */
1683 static int
1685 {
1686  if (got != listener->socket_family) {
1687  log_info(LD_BUG, "A listener connection returned a socket with a "
1688  "mismatched family. %s for addr_family %d gave us a socket "
1689  "with address family %d. Dropping.",
1690  conn_type_to_string(listener->type),
1691  (int)listener->socket_family,
1692  (int)got);
1693  return -1;
1694  }
1695  return 0;
1696 }
1697 
1698 /** The listener connection <b>conn</b> told poll() it wanted to read.
1699  * Call accept() on conn->s, and add the new connection if necessary.
1700  */
1701 static int
1703 {
1704  tor_socket_t news; /* the new socket */
1705  connection_t *newconn = 0;
1706  /* information about the remote peer when connecting to other routers */
1707  struct sockaddr_storage addrbuf;
1708  struct sockaddr *remote = (struct sockaddr*)&addrbuf;
1709  /* length of the remote address. Must be whatever accept() needs. */
1710  socklen_t remotelen = (socklen_t)sizeof(addrbuf);
1711  const or_options_t *options = get_options();
1712 
1713  tor_assert((size_t)remotelen >= sizeof(struct sockaddr_in));
1714  memset(&addrbuf, 0, sizeof(addrbuf));
1715 
1716  news = tor_accept_socket_nonblocking(conn->s,remote,&remotelen);
1717  if (!SOCKET_OK(news)) { /* accept() error */
1718  int e = tor_socket_errno(conn->s);
1719  if (ERRNO_IS_ACCEPT_EAGAIN(e)) {
1720  /*
1721  * they hung up before we could accept(). that's fine.
1722  *
1723  * give the OOS handler a chance to run though
1724  */
1726  return 0;
1727  } else if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1729  /* Exhaustion; tell the OOS handler */
1731  return 0;
1732  }
1733  /* else there was a real error. */
1734  log_warn(LD_NET,"accept() failed: %s. Closing listener.",
1735  tor_socket_strerror(e));
1736  connection_mark_for_close(conn);
1737  /* Tell the OOS handler about this too */
1739  return -1;
1740  }
1741  log_debug(LD_NET,
1742  "Connection accepted on socket %d (child of fd %d).",
1743  (int)news,(int)conn->s);
1744 
1745  /* We accepted a new conn; run OOS handler */
1747 
1748  if (make_socket_reuseable(news) < 0) {
1749  if (tor_socket_errno(news) == EINVAL) {
1750  /* This can happen on OSX if we get a badly timed shutdown. */
1751  log_debug(LD_NET, "make_socket_reuseable returned EINVAL");
1752  } else {
1753  log_warn(LD_NET, "Error setting SO_REUSEADDR flag on %s: %s",
1754  conn_type_to_string(new_type),
1755  tor_socket_strerror(errno));
1756  }
1757  tor_close_socket(news);
1758  return 0;
1759  }
1760 
1761  if (options->ConstrainedSockets)
1763 
1764  if (check_sockaddr_family_match(remote->sa_family, conn) < 0) {
1765  tor_close_socket(news);
1766  return 0;
1767  }
1768 
1769  if (conn->socket_family == AF_INET || conn->socket_family == AF_INET6 ||
1770  (conn->socket_family == AF_UNIX && new_type == CONN_TYPE_AP)) {
1771  tor_addr_t addr;
1772  uint16_t port;
1773  if (check_sockaddr(remote, remotelen, LOG_INFO)<0) {
1774  log_info(LD_NET,
1775  "accept() returned a strange address; closing connection.");
1776  tor_close_socket(news);
1777  return 0;
1778  }
1779 
1780  tor_addr_from_sockaddr(&addr, remote, &port);
1781 
1782  /* process entrance policies here, before we even create the connection */
1783  if (new_type == CONN_TYPE_AP) {
1784  /* check sockspolicy to see if we should accept it */
1785  if (socks_policy_permits_address(&addr) == 0) {
1786  log_notice(LD_APP,
1787  "Denying socks connection from untrusted address %s.",
1788  fmt_and_decorate_addr(&addr));
1789  tor_close_socket(news);
1790  return 0;
1791  }
1792  }
1793  if (new_type == CONN_TYPE_DIR) {
1794  /* check dirpolicy to see if we should accept it */
1795  if (dir_policy_permits_address(&addr) == 0) {
1796  log_notice(LD_DIRSERV,"Denying dir connection from address %s.",
1797  fmt_and_decorate_addr(&addr));
1798  tor_close_socket(news);
1799  return 0;
1800  }
1801  }
1802  if (new_type == CONN_TYPE_OR) {
1803  /* Assess with the connection DoS mitigation subsystem if this address
1804  * can open a new connection. */
1805  if (dos_conn_addr_get_defense_type(&addr) == DOS_CONN_DEFENSE_CLOSE) {
1806  tor_close_socket(news);
1807  return 0;
1808  }
1809  }
1810 
1811  newconn = connection_new(new_type, conn->socket_family);
1812  newconn->s = news;
1813 
1814  /* remember the remote address */
1815  tor_addr_copy(&newconn->addr, &addr);
1816  if (new_type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) {
1817  newconn->port = 0;
1818  newconn->address = tor_strdup(conn->address);
1819  } else {
1820  newconn->port = port;
1821  newconn->address = tor_addr_to_str_dup(&addr);
1822  }
1823 
1824  if (new_type == CONN_TYPE_AP && conn->socket_family != AF_UNIX) {
1825  log_info(LD_NET, "New SOCKS connection opened from %s.",
1826  fmt_and_decorate_addr(&addr));
1827  }
1828  if (new_type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) {
1829  log_info(LD_NET, "New SOCKS AF_UNIX connection opened");
1830  }
1831  if (new_type == CONN_TYPE_CONTROL) {
1832  log_notice(LD_CONTROL, "New control connection opened from %s.",
1833  fmt_and_decorate_addr(&addr));
1834  }
1835 
1836  } else if (conn->socket_family == AF_UNIX && conn->type != CONN_TYPE_AP) {
1838  tor_assert(new_type == CONN_TYPE_CONTROL);
1839  log_notice(LD_CONTROL, "New control connection opened.");
1840 
1841  newconn = connection_new(new_type, conn->socket_family);
1842  newconn->s = news;
1843 
1844  /* remember the remote address -- do we have anything sane to put here? */
1845  tor_addr_make_unspec(&newconn->addr);
1846  newconn->port = 1;
1847  newconn->address = tor_strdup(conn->address);
1848  } else {
1849  tor_assert(0);
1850  };
1851 
1852  if (connection_add(newconn) < 0) { /* no space, forget it */
1853  connection_free(newconn);
1854  return 0; /* no need to tear down the parent */
1855  }
1856 
1857  if (connection_init_accepted_conn(newconn, TO_LISTENER_CONN(conn)) < 0) {
1858  if (! newconn->marked_for_close)
1859  connection_mark_for_close(newconn);
1860  return 0;
1861  }
1862  return 0;
1863 }
1864 
1865 /** Initialize states for newly accepted connection <b>conn</b>.
1866  *
1867  * If conn is an OR, start the TLS handshake.
1868  *
1869  * If conn is a transparent AP, get its original destination
1870  * and place it in circuit_wait.
1871  *
1872  * The <b>listener</b> parameter is only used for AP connections.
1873  */
1874 int
1876  const listener_connection_t *listener)
1877 {
1878  int rv;
1879 
1881 
1882  switch (conn->type) {
1883  case CONN_TYPE_EXT_OR:
1884  /* Initiate Extended ORPort authentication. */
1886  case CONN_TYPE_OR:
1887  connection_or_event_status(TO_OR_CONN(conn), OR_CONN_EVENT_NEW, 0);
1889  if (rv < 0) {
1891  }
1892  return rv;
1893  break;
1894  case CONN_TYPE_AP:
1895  memcpy(&TO_ENTRY_CONN(conn)->entry_cfg, &listener->entry_cfg,
1896  sizeof(entry_port_cfg_t));
1897  TO_ENTRY_CONN(conn)->nym_epoch = get_signewnym_epoch();
1898  TO_ENTRY_CONN(conn)->socks_request->listener_type = listener->base_.type;
1899 
1900  /* Any incoming connection on an entry port counts as user activity. */
1902 
1903  switch (TO_CONN(listener)->type) {
1904  case CONN_TYPE_AP_LISTENER:
1906  TO_ENTRY_CONN(conn)->socks_request->socks_prefer_no_auth =
1907  listener->entry_cfg.socks_prefer_no_auth;
1908  break;
1910  TO_ENTRY_CONN(conn)->is_transparent_ap = 1;
1911  /* XXXX028 -- is this correct still, with the addition of
1912  * pending_entry_connections ? */
1914  return connection_ap_process_transparent(TO_ENTRY_CONN(conn));
1916  TO_ENTRY_CONN(conn)->is_transparent_ap = 1;
1918  break;
1921  }
1922  break;
1923  case CONN_TYPE_DIR:
1924  conn->purpose = DIR_PURPOSE_SERVER;
1926  break;
1927  case CONN_TYPE_CONTROL:
1929  break;
1930  }
1931  return 0;
1932 }
1933 
1934 /** Take conn, make a nonblocking socket; try to connect to
1935  * sa, binding to bindaddr if sa is not localhost. If fail, return -1 and if
1936  * applicable put your best guess about errno into *<b>socket_error</b>.
1937  * If connected return 1, if EAGAIN return 0.
1938  */
1939 MOCK_IMPL(STATIC int,
1941  const struct sockaddr *sa,
1942  socklen_t sa_len,
1943  const struct sockaddr *bindaddr,
1944  socklen_t bindaddr_len,
1945  int *socket_error))
1946 {
1947  tor_socket_t s;
1948  int inprogress = 0;
1949  const or_options_t *options = get_options();
1950 
1951  tor_assert(conn);
1952  tor_assert(sa);
1953  tor_assert(socket_error);
1954 
1956  /* We should never even try to connect anyplace if the network is
1957  * completely shut off.
1958  *
1959  * (We don't check net_is_disabled() here, since we still sometimes
1960  * want to open connections when we're in soft hibernation.)
1961  */
1962  static ratelim_t disablenet_violated = RATELIM_INIT(30*60);
1963  *socket_error = SOCK_ERRNO(ENETUNREACH);
1964  log_fn_ratelim(&disablenet_violated, LOG_WARN, LD_BUG,
1965  "Tried to open a socket with DisableNetwork set.");
1967  return -1;
1968  }
1969 
1970  const int protocol_family = sa->sa_family;
1971  const int proto = (sa->sa_family == AF_INET6 ||
1972  sa->sa_family == AF_INET) ? IPPROTO_TCP : 0;
1973 
1974  s = tor_open_socket_nonblocking(protocol_family, SOCK_STREAM, proto);
1975  if (! SOCKET_OK(s)) {
1976  /*
1977  * Early OOS handler calls; it matters if it's an exhaustion-related
1978  * error or not.
1979  */
1980  *socket_error = tor_socket_errno(s);
1981  if (ERRNO_IS_RESOURCE_LIMIT(*socket_error)) {
1984  } else {
1985  log_warn(LD_NET,"Error creating network socket: %s",
1986  tor_socket_strerror(*socket_error));
1988  }
1989  return -1;
1990  }
1991 
1992  if (make_socket_reuseable(s) < 0) {
1993  log_warn(LD_NET, "Error setting SO_REUSEADDR flag on new connection: %s",
1994  tor_socket_strerror(errno));
1995  }
1996 
1997  /*
1998  * We've got the socket open; give the OOS handler a chance to check
1999  * against configured maximum socket number, but tell it no exhaustion
2000  * failure.
2001  */
2003 
2004  if (bindaddr && bind(s, bindaddr, bindaddr_len) < 0) {
2005  *socket_error = tor_socket_errno(s);
2006  log_warn(LD_NET,"Error binding network socket: %s",
2007  tor_socket_strerror(*socket_error));
2008  tor_close_socket(s);
2009  return -1;
2010  }
2011 
2012  tor_assert(options);
2013  if (options->ConstrainedSockets)
2015 
2016  if (connect(s, sa, sa_len) < 0) {
2017  int e = tor_socket_errno(s);
2018  if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
2019  /* yuck. kill it. */
2020  *socket_error = e;
2021  log_info(LD_NET,
2022  "connect() to socket failed: %s",
2023  tor_socket_strerror(e));
2024  tor_close_socket(s);
2025  return -1;
2026  } else {
2027  inprogress = 1;
2028  }
2029  }
2030 
2031  /* it succeeded. we're connected. */
2032  log_fn(inprogress ? LOG_DEBUG : LOG_INFO, LD_NET,
2033  "Connection to socket %s (sock "TOR_SOCKET_T_FORMAT").",
2034  inprogress ? "in progress" : "established", s);
2035  conn->s = s;
2036  if (connection_add_connecting(conn) < 0) {
2037  /* no space, forget it */
2038  *socket_error = SOCK_ERRNO(ENOBUFS);
2039  return -1;
2040  }
2041 
2042  return inprogress ? 0 : 1;
2043 }
2044 
2045 /* Log a message if connection attempt is made when IPv4 or IPv6 is disabled.
2046  * Log a less severe message if we couldn't conform to ClientPreferIPv6ORPort
2047  * or ClientPreferIPv6ORPort. */
2048 static void
2049 connection_connect_log_client_use_ip_version(const connection_t *conn)
2050 {
2051  const or_options_t *options = get_options();
2052 
2053  /* Only clients care about ClientUseIPv4/6, bail out early on servers, and
2054  * on connections we don't care about */
2055  if (server_mode(options) || !conn || conn->type == CONN_TYPE_EXIT) {
2056  return;
2057  }
2058 
2059  /* We're only prepared to log OR and DIR connections here */
2060  if (conn->type != CONN_TYPE_OR && conn->type != CONN_TYPE_DIR) {
2061  return;
2062  }
2063 
2064  const int must_ipv4 = !fascist_firewall_use_ipv6(options);
2065  const int must_ipv6 = (options->ClientUseIPv4 == 0);
2066  const int pref_ipv6 = (conn->type == CONN_TYPE_OR
2069  tor_addr_t real_addr;
2070  tor_addr_make_null(&real_addr, AF_UNSPEC);
2071 
2072  /* OR conns keep the original address in real_addr, as addr gets overwritten
2073  * with the descriptor address */
2074  if (conn->type == CONN_TYPE_OR) {
2075  const or_connection_t *or_conn = TO_OR_CONN((connection_t *)conn);
2076  tor_addr_copy(&real_addr, &or_conn->real_addr);
2077  } else if (conn->type == CONN_TYPE_DIR) {
2078  tor_addr_copy(&real_addr, &conn->addr);
2079  }
2080 
2081  /* Check if we broke a mandatory address family restriction */
2082  if ((must_ipv4 && tor_addr_family(&real_addr) == AF_INET6)
2083  || (must_ipv6 && tor_addr_family(&real_addr) == AF_INET)) {
2084  static int logged_backtrace = 0;
2085  log_info(LD_BUG, "Outgoing %s connection to %s violated ClientUseIPv%s 0.",
2086  conn->type == CONN_TYPE_OR ? "OR" : "Dir",
2087  fmt_addr(&real_addr),
2088  options->ClientUseIPv4 == 0 ? "4" : "6");
2089  if (!logged_backtrace) {
2090  log_backtrace(LOG_INFO, LD_BUG, "Address came from");
2091  logged_backtrace = 1;
2092  }
2093  }
2094 
2095  /* Bridges are allowed to break IPv4/IPv6 ORPort preferences to connect to
2096  * the node's configured address when ClientPreferIPv6ORPort is auto */
2097  if (options->UseBridges && conn->type == CONN_TYPE_OR
2098  && options->ClientPreferIPv6ORPort == -1) {
2099  return;
2100  }
2101 
2102  if (fascist_firewall_use_ipv6(options)) {
2103  log_info(LD_NET, "Our outgoing connection is using IPv%d.",
2104  tor_addr_family(&real_addr) == AF_INET6 ? 6 : 4);
2105  }
2106 
2107  /* Check if we couldn't satisfy an address family preference */
2108  if ((!pref_ipv6 && tor_addr_family(&real_addr) == AF_INET6)
2109  || (pref_ipv6 && tor_addr_family(&real_addr) == AF_INET)) {
2110  log_info(LD_NET, "Outgoing connection to %s doesn't satisfy "
2111  "ClientPreferIPv6%sPort %d, with ClientUseIPv4 %d, and "
2112  "fascist_firewall_use_ipv6 %d (ClientUseIPv6 %d and UseBridges "
2113  "%d).",
2114  fmt_addr(&real_addr),
2115  conn->type == CONN_TYPE_OR ? "OR" : "Dir",
2116  conn->type == CONN_TYPE_OR ? options->ClientPreferIPv6ORPort
2117  : options->ClientPreferIPv6DirPort,
2118  options->ClientUseIPv4, fascist_firewall_use_ipv6(options),
2119  options->ClientUseIPv6, options->UseBridges);
2120  }
2121 }
2122 
2123 /** Retrieve the outbound address depending on the protocol (IPv4 or IPv6)
2124  * and the connection type (relay, exit, ...)
2125  * Return a socket address or NULL in case nothing is configured.
2126  **/
2127 const tor_addr_t *
2129  const or_options_t *options, unsigned int conn_type)
2130 {
2131  const tor_addr_t *ext_addr = NULL;
2132 
2133  int fam_index;
2134  switch (family) {
2135  case AF_INET:
2136  fam_index = 0;
2137  break;
2138  case AF_INET6:
2139  fam_index = 1;
2140  break;
2141  default:
2142  return NULL;
2143  }
2144 
2145  // If an exit connection, use the exit address (if present)
2146  if (conn_type == CONN_TYPE_EXIT) {
2147  if (!tor_addr_is_null(
2148  &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT][fam_index])) {
2149  ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT]
2150  [fam_index];
2151  } else if (!tor_addr_is_null(
2152  &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT_AND_OR]
2153  [fam_index])) {
2154  ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT_AND_OR]
2155  [fam_index];
2156  }
2157  } else { // All non-exit connections
2158  if (!tor_addr_is_null(
2159  &options->OutboundBindAddresses[OUTBOUND_ADDR_OR][fam_index])) {
2160  ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_OR]
2161  [fam_index];
2162  } else if (!tor_addr_is_null(
2163  &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT_AND_OR]
2164  [fam_index])) {
2165  ext_addr = &options->OutboundBindAddresses[OUTBOUND_ADDR_EXIT_AND_OR]
2166  [fam_index];
2167  }
2168  }
2169  return ext_addr;
2170 }
2171 
2172 /** Take conn, make a nonblocking socket; try to connect to
2173  * addr:port (port arrives in *host order*). If fail, return -1 and if
2174  * applicable put your best guess about errno into *<b>socket_error</b>.
2175  * Else assign s to conn->s: if connected return 1, if EAGAIN return 0.
2176  *
2177  * addr:port can be different to conn->addr:conn->port if connecting through
2178  * a proxy.
2179  *
2180  * address is used to make the logs useful.
2181  *
2182  * On success, add conn to the list of polled connections.
2183  */
2184 int
2185 connection_connect(connection_t *conn, const char *address,
2186  const tor_addr_t *addr, uint16_t port, int *socket_error)
2187 {
2188  struct sockaddr_storage addrbuf;
2189  struct sockaddr_storage bind_addr_ss;
2190  struct sockaddr *bind_addr = NULL;
2191  struct sockaddr *dest_addr;
2192  int dest_addr_len, bind_addr_len = 0;
2193 
2194  /* Log if we didn't stick to ClientUseIPv4/6 or ClientPreferIPv6OR/DirPort
2195  */
2196  connection_connect_log_client_use_ip_version(conn);
2197 
2198  if (!tor_addr_is_loopback(addr)) {
2199  const tor_addr_t *ext_addr = NULL;
2201  conn->type);
2202  if (ext_addr) {
2203  memset(&bind_addr_ss, 0, sizeof(bind_addr_ss));
2204  bind_addr_len = tor_addr_to_sockaddr(ext_addr, 0,
2205  (struct sockaddr *) &bind_addr_ss,
2206  sizeof(bind_addr_ss));
2207  if (bind_addr_len == 0) {
2208  log_warn(LD_NET,
2209  "Error converting OutboundBindAddress %s into sockaddr. "
2210  "Ignoring.", fmt_and_decorate_addr(ext_addr));
2211  } else {
2212  bind_addr = (struct sockaddr *)&bind_addr_ss;
2213  }
2214  }
2215  }
2216 
2217  memset(&addrbuf,0,sizeof(addrbuf));
2218  dest_addr = (struct sockaddr*) &addrbuf;
2219  dest_addr_len = tor_addr_to_sockaddr(addr, port, dest_addr, sizeof(addrbuf));
2220  tor_assert(dest_addr_len > 0);
2221 
2222  log_debug(LD_NET, "Connecting to %s:%u.",
2223  escaped_safe_str_client(address), port);
2224 
2225  return connection_connect_sockaddr(conn, dest_addr, dest_addr_len,
2226  bind_addr, bind_addr_len, socket_error);
2227 }
2228 
2229 #ifdef HAVE_SYS_UN_H
2230 
2231 /** Take conn, make a nonblocking socket; try to connect to
2232  * an AF_UNIX socket at socket_path. If fail, return -1 and if applicable
2233  * put your best guess about errno into *<b>socket_error</b>. Else assign s
2234  * to conn->s: if connected return 1, if EAGAIN return 0.
2235  *
2236  * On success, add conn to the list of polled connections.
2237  */
2238 int
2239 connection_connect_unix(connection_t *conn, const char *socket_path,
2240  int *socket_error)
2241 {
2242  struct sockaddr_un dest_addr;
2243 
2244  tor_assert(socket_path);
2245 
2246  /* Check that we'll be able to fit it into dest_addr later */
2247  if (strlen(socket_path) + 1 > sizeof(dest_addr.sun_path)) {
2248  log_warn(LD_NET,
2249  "Path %s is too long for an AF_UNIX socket\n",
2250  escaped_safe_str_client(socket_path));
2251  *socket_error = SOCK_ERRNO(ENAMETOOLONG);
2252  return -1;
2253  }
2254 
2255  memset(&dest_addr, 0, sizeof(dest_addr));
2256  dest_addr.sun_family = AF_UNIX;
2257  strlcpy(dest_addr.sun_path, socket_path, sizeof(dest_addr.sun_path));
2258 
2259  log_debug(LD_NET,
2260  "Connecting to AF_UNIX socket at %s.",
2261  escaped_safe_str_client(socket_path));
2262 
2263  return connection_connect_sockaddr(conn,
2264  (struct sockaddr *)&dest_addr, sizeof(dest_addr),
2265  NULL, 0, socket_error);
2266 }
2267 
2268 #endif /* defined(HAVE_SYS_UN_H) */
2269 
2270 /** Convert state number to string representation for logging purposes.
2271  */
2272 static const char *
2274 {
2275  static const char *unknown = "???";
2276  static const char *states[] = {
2277  "PROXY_NONE",
2278  "PROXY_INFANT",
2279  "PROXY_HTTPS_WANT_CONNECT_OK",
2280  "PROXY_SOCKS4_WANT_CONNECT_OK",
2281  "PROXY_SOCKS5_WANT_AUTH_METHOD_NONE",
2282  "PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929",
2283  "PROXY_SOCKS5_WANT_AUTH_RFC1929_OK",
2284  "PROXY_SOCKS5_WANT_CONNECT_OK",
2285  "PROXY_CONNECTED",
2286  };
2287 
2288  if (state < PROXY_NONE || state > PROXY_CONNECTED)
2289  return unknown;
2290 
2291  return states[state];
2292 }
2293 
2294 /** Returns the proxy type used by tor for a single connection, for
2295  * logging or high-level purposes. Don't use it to fill the
2296  * <b>proxy_type</b> field of or_connection_t; use the actual proxy
2297  * protocol instead.*/
2298 static int
2300 {
2301  const or_options_t *options = get_options();
2302 
2303  if (options->ClientTransportPlugin) {
2304  /* If we have plugins configured *and* this addr/port is a known bridge
2305  * with a transport, then we should be PROXY_PLUGGABLE. */
2306  const transport_t *transport = NULL;
2307  int r;
2308  r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
2309  if (r == 0 && transport)
2310  return PROXY_PLUGGABLE;
2311  }
2312 
2313  /* In all other cases, we're using a global proxy. */
2314  if (options->HTTPSProxy)
2315  return PROXY_CONNECT;
2316  else if (options->Socks4Proxy)
2317  return PROXY_SOCKS4;
2318  else if (options->Socks5Proxy)
2319  return PROXY_SOCKS5;
2320  else
2321  return PROXY_NONE;
2322 }
2323 
2324 /* One byte for the version, one for the command, two for the
2325  port, and four for the addr... and, one more for the
2326  username NUL: */
2327 #define SOCKS4_STANDARD_BUFFER_SIZE (1 + 1 + 2 + 4 + 1)
2328 
2329 /** Write a proxy request of <b>type</b> (socks4, socks5, https) to conn
2330  * for conn->addr:conn->port, authenticating with the auth details given
2331  * in the configuration (if available). SOCKS 5 and HTTP CONNECT proxies
2332  * support authentication.
2333  *
2334  * Returns -1 if conn->addr is incompatible with the proxy protocol, and
2335  * 0 otherwise.
2336  *
2337  * Use connection_read_proxy_handshake() to complete the handshake.
2338  */
2339 int
2341 {
2342  const or_options_t *options;
2343 
2344  tor_assert(conn);
2345 
2346  options = get_options();
2347 
2348  switch (type) {
2349  case PROXY_CONNECT: {
2350  char buf[1024];
2351  char *base64_authenticator=NULL;
2352  const char *authenticator = options->HTTPSProxyAuthenticator;
2353 
2354  /* Send HTTP CONNECT and authentication (if available) in
2355  * one request */
2356 
2357  if (authenticator) {
2358  base64_authenticator = alloc_http_authenticator(authenticator);
2359  if (!base64_authenticator)
2360  log_warn(LD_OR, "Encoding https authenticator failed");
2361  }
2362 
2363  if (base64_authenticator) {
2364  const char *addrport = fmt_addrport(&conn->addr, conn->port);
2365  tor_snprintf(buf, sizeof(buf), "CONNECT %s HTTP/1.1\r\n"
2366  "Host: %s\r\n"
2367  "Proxy-Authorization: Basic %s\r\n\r\n",
2368  addrport,
2369  addrport,
2370  base64_authenticator);
2371  tor_free(base64_authenticator);
2372  } else {
2373  tor_snprintf(buf, sizeof(buf), "CONNECT %s HTTP/1.0\r\n\r\n",
2374  fmt_addrport(&conn->addr, conn->port));
2375  }
2376 
2377  connection_buf_add(buf, strlen(buf), conn);
2378  conn->proxy_state = PROXY_HTTPS_WANT_CONNECT_OK;
2379  break;
2380  }
2381 
2382  case PROXY_SOCKS4: {
2383  unsigned char *buf;
2384  uint16_t portn;
2385  uint32_t ip4addr;
2386  size_t buf_size = 0;
2387  char *socks_args_string = NULL;
2388 
2389  /* Send a SOCKS4 connect request */
2390 
2391  if (tor_addr_family(&conn->addr) != AF_INET) {
2392  log_warn(LD_NET, "SOCKS4 client is incompatible with IPv6");
2393  return -1;
2394  }
2395 
2396  { /* If we are here because we are trying to connect to a
2397  pluggable transport proxy, check if we have any SOCKS
2398  arguments to transmit. If we do, compress all arguments to
2399  a single string in 'socks_args_string': */
2400 
2401  if (conn_get_proxy_type(conn) == PROXY_PLUGGABLE) {
2402  socks_args_string =
2404  if (socks_args_string)
2405  log_debug(LD_NET, "Sending out '%s' as our SOCKS argument string.",
2406  socks_args_string);
2407  }
2408  }
2409 
2410  { /* Figure out the buffer size we need for the SOCKS message: */
2411 
2412  buf_size = SOCKS4_STANDARD_BUFFER_SIZE;
2413 
2414  /* If we have a SOCKS argument string, consider its size when
2415  calculating the buffer size: */
2416  if (socks_args_string)
2417  buf_size += strlen(socks_args_string);
2418  }
2419 
2420  buf = tor_malloc_zero(buf_size);
2421 
2422  ip4addr = tor_addr_to_ipv4n(&conn->addr);
2423  portn = htons(conn->port);
2424 
2425  buf[0] = 4; /* version */
2426  buf[1] = SOCKS_COMMAND_CONNECT; /* command */
2427  memcpy(buf + 2, &portn, 2); /* port */
2428  memcpy(buf + 4, &ip4addr, 4); /* addr */
2429 
2430  /* Next packet field is the userid. If we have pluggable
2431  transport SOCKS arguments, we have to embed them
2432  there. Otherwise, we use an empty userid. */
2433  if (socks_args_string) { /* place the SOCKS args string: */
2434  tor_assert(strlen(socks_args_string) > 0);
2435  tor_assert(buf_size >=
2436  SOCKS4_STANDARD_BUFFER_SIZE + strlen(socks_args_string));
2437  strlcpy((char *)buf + 8, socks_args_string, buf_size - 8);
2438  tor_free(socks_args_string);
2439  } else {
2440  buf[8] = 0; /* no userid */
2441  }
2442 
2443  connection_buf_add((char *)buf, buf_size, conn);
2444  tor_free(buf);
2445 
2446  conn->proxy_state = PROXY_SOCKS4_WANT_CONNECT_OK;
2447  break;
2448  }
2449 
2450  case PROXY_SOCKS5: {
2451  unsigned char buf[4]; /* fields: vers, num methods, method list */
2452 
2453  /* Send a SOCKS5 greeting (connect request must wait) */
2454 
2455  buf[0] = 5; /* version */
2456 
2457  /* We have to use SOCKS5 authentication, if we have a
2458  Socks5ProxyUsername or if we want to pass arguments to our
2459  pluggable transport proxy: */
2460  if ((options->Socks5ProxyUsername) ||
2461  (conn_get_proxy_type(conn) == PROXY_PLUGGABLE &&
2462  (get_socks_args_by_bridge_addrport(&conn->addr, conn->port)))) {
2463  /* number of auth methods */
2464  buf[1] = 2;
2465  buf[2] = 0x00; /* no authentication */
2466  buf[3] = 0x02; /* rfc1929 Username/Passwd auth */
2467  conn->proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929;
2468  } else {
2469  buf[1] = 1;
2470  buf[2] = 0x00; /* no authentication */
2471  conn->proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_NONE;
2472  }
2473 
2474  connection_buf_add((char *)buf, 2 + buf[1], conn);
2475  break;
2476  }
2477 
2478  default:
2479  log_err(LD_BUG, "Invalid proxy protocol, %d", type);
2481  return -1;
2482  }
2483 
2484  log_debug(LD_NET, "set state %s",
2486 
2487  return 0;
2488 }
2489 
2490 /** Read conn's inbuf. If the http response from the proxy is all
2491  * here, make sure it's good news, then return 1. If it's bad news,
2492  * return -1. Else return 0 and hope for better luck next time.
2493  */
2494 static int
2496 {
2497  char *headers;
2498  char *reason=NULL;
2499  int status_code;
2500  time_t date_header;
2501 
2502  switch (fetch_from_buf_http(conn->inbuf,
2503  &headers, MAX_HEADERS_SIZE,
2504  NULL, NULL, 10000, 0)) {
2505  case -1: /* overflow */
2506  log_warn(LD_PROTOCOL,
2507  "Your https proxy sent back an oversized response. Closing.");
2508  return -1;
2509  case 0:
2510  log_info(LD_NET,"https proxy response not all here yet. Waiting.");
2511  return 0;
2512  /* case 1, fall through */
2513  }
2514 
2515  if (parse_http_response(headers, &status_code, &date_header,
2516  NULL, &reason) < 0) {
2517  log_warn(LD_NET,
2518  "Unparseable headers from proxy (connecting to '%s'). Closing.",
2519  conn->address);
2520  tor_free(headers);
2521  return -1;
2522  }
2523  tor_free(headers);
2524  if (!reason) reason = tor_strdup("[no reason given]");
2525 
2526  if (status_code == 200) {
2527  log_info(LD_NET,
2528  "HTTPS connect to '%s' successful! (200 %s) Starting TLS.",
2529  conn->address, escaped(reason));
2530  tor_free(reason);
2531  return 1;
2532  }
2533  /* else, bad news on the status code */
2534  switch (status_code) {
2535  case 403:
2536  log_warn(LD_NET,
2537  "The https proxy refused to allow connection to %s "
2538  "(status code %d, %s). Closing.",
2539  conn->address, status_code, escaped(reason));
2540  break;
2541  default:
2542  log_warn(LD_NET,
2543  "The https proxy sent back an unexpected status code %d (%s). "
2544  "Closing.",
2545  status_code, escaped(reason));
2546  break;
2547  }
2548  tor_free(reason);
2549  return -1;
2550 }
2551 
2552 /** Send SOCKS5 CONNECT command to <b>conn</b>, copying <b>conn->addr</b>
2553  * and <b>conn->port</b> into the request.
2554  */
2555 static void
2557 {
2558  unsigned char buf[1024];
2559  size_t reqsize = 6;
2560  uint16_t port = htons(conn->port);
2561 
2562  buf[0] = 5; /* version */
2563  buf[1] = SOCKS_COMMAND_CONNECT; /* command */
2564  buf[2] = 0; /* reserved */
2565 
2566  if (tor_addr_family(&conn->addr) == AF_INET) {
2567  uint32_t addr = tor_addr_to_ipv4n(&conn->addr);
2568 
2569  buf[3] = 1;
2570  reqsize += 4;
2571  memcpy(buf + 4, &addr, 4);
2572  memcpy(buf + 8, &port, 2);
2573  } else { /* AF_INET6 */
2574  buf[3] = 4;
2575  reqsize += 16;
2576  memcpy(buf + 4, tor_addr_to_in6_addr8(&conn->addr), 16);
2577  memcpy(buf + 20, &port, 2);
2578  }
2579 
2580  connection_buf_add((char *)buf, reqsize, conn);
2581 
2582  conn->proxy_state = PROXY_SOCKS5_WANT_CONNECT_OK;
2583 }
2584 
2585 /** Wrapper around fetch_from_buf_socks_client: see that functions
2586  * for documentation of its behavior. */
2587 static int
2589  int state, char **reason)
2590 {
2591  return fetch_from_buf_socks_client(conn->inbuf, state, reason);
2592 }
2593 
2594 /** Call this from connection_*_process_inbuf() to advance the proxy
2595  * handshake.
2596  *
2597  * No matter what proxy protocol is used, if this function returns 1, the
2598  * handshake is complete, and the data remaining on inbuf may contain the
2599  * start of the communication with the requested server.
2600  *
2601  * Returns 0 if the current buffer contains an incomplete response, and -1
2602  * on error.
2603  */
2604 int
2606 {
2607  int ret = 0;
2608  char *reason = NULL;
2609 
2610  log_debug(LD_NET, "enter state %s",
2612 
2613  switch (conn->proxy_state) {
2614  case PROXY_HTTPS_WANT_CONNECT_OK:
2616  if (ret == 1)
2617  conn->proxy_state = PROXY_CONNECTED;
2618  break;
2619 
2620  case PROXY_SOCKS4_WANT_CONNECT_OK:
2622  conn->proxy_state,
2623  &reason);
2624  if (ret == 1)
2625  conn->proxy_state = PROXY_CONNECTED;
2626  break;
2627 
2628  case PROXY_SOCKS5_WANT_AUTH_METHOD_NONE:
2630  conn->proxy_state,
2631  &reason);
2632  /* no auth needed, do connect */
2633  if (ret == 1) {
2635  ret = 0;
2636  }
2637  break;
2638 
2639  case PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929:
2641  conn->proxy_state,
2642  &reason);
2643 
2644  /* send auth if needed, otherwise do connect */
2645  if (ret == 1) {
2647  ret = 0;
2648  } else if (ret == 2) {
2649  unsigned char buf[1024];
2650  size_t reqsize, usize, psize;
2651  const char *user, *pass;
2652  char *socks_args_string = NULL;
2653 
2654  if (conn_get_proxy_type(conn) == PROXY_PLUGGABLE) {
2655  socks_args_string =
2657  if (!socks_args_string) {
2658  log_warn(LD_NET, "Could not create SOCKS args string for PT.");
2659  ret = -1;
2660  break;
2661  }
2662 
2663  log_debug(LD_NET, "PT SOCKS5 arguments: %s", socks_args_string);
2664  tor_assert(strlen(socks_args_string) > 0);
2665  tor_assert(strlen(socks_args_string) <= MAX_SOCKS5_AUTH_SIZE_TOTAL);
2666 
2667  if (strlen(socks_args_string) > MAX_SOCKS5_AUTH_FIELD_SIZE) {
2668  user = socks_args_string;
2670  pass = socks_args_string + MAX_SOCKS5_AUTH_FIELD_SIZE;
2671  psize = strlen(socks_args_string) - MAX_SOCKS5_AUTH_FIELD_SIZE;
2672  } else {
2673  user = socks_args_string;
2674  usize = strlen(socks_args_string);
2675  pass = "\0";
2676  psize = 1;
2677  }
2678  } else if (get_options()->Socks5ProxyUsername) {
2679  user = get_options()->Socks5ProxyUsername;
2680  pass = get_options()->Socks5ProxyPassword;
2681  tor_assert(user && pass);
2682  usize = strlen(user);
2683  psize = strlen(pass);
2684  } else {
2685  log_err(LD_BUG, "We entered %s for no reason!", __func__);
2687  ret = -1;
2688  break;
2689  }
2690 
2691  /* Username and password lengths should have been checked
2692  above and during torrc parsing. */
2694  psize <= MAX_SOCKS5_AUTH_FIELD_SIZE);
2695  reqsize = 3 + usize + psize;
2696 
2697  buf[0] = 1; /* negotiation version */
2698  buf[1] = usize;
2699  memcpy(buf + 2, user, usize);
2700  buf[2 + usize] = psize;
2701  memcpy(buf + 3 + usize, pass, psize);
2702 
2703  if (socks_args_string)
2704  tor_free(socks_args_string);
2705 
2706  connection_buf_add((char *)buf, reqsize, conn);
2707 
2708  conn->proxy_state = PROXY_SOCKS5_WANT_AUTH_RFC1929_OK;
2709  ret = 0;
2710  }
2711  break;
2712 
2713  case PROXY_SOCKS5_WANT_AUTH_RFC1929_OK:
2715  conn->proxy_state,
2716  &reason);
2717  /* send the connect request */
2718  if (ret == 1) {
2720  ret = 0;
2721  }
2722  break;
2723 
2724  case PROXY_SOCKS5_WANT_CONNECT_OK:
2726  conn->proxy_state,
2727  &reason);
2728  if (ret == 1)
2729  conn->proxy_state = PROXY_CONNECTED;
2730  break;
2731 
2732  default:
2733  log_err(LD_BUG, "Invalid proxy_state for reading, %d",
2734  conn->proxy_state);
2736  ret = -1;
2737  break;
2738  }
2739 
2740  log_debug(LD_NET, "leaving state %s",
2742 
2743  if (ret < 0) {
2744  if (reason) {
2745  log_warn(LD_NET, "Proxy Client: unable to connect to %s:%d (%s)",
2746  conn->address, conn->port, escaped(reason));
2747  tor_free(reason);
2748  } else {
2749  log_warn(LD_NET, "Proxy Client: unable to connect to %s:%d",
2750  conn->address, conn->port);
2751  }
2752  } else if (ret == 1) {
2753  log_info(LD_NET, "Proxy Client: connection to %s:%d successful",
2754  conn->address, conn->port);
2755  }
2756 
2757  return ret;
2758 }
2759 
2760 /** Given a list of listener connections in <b>old_conns</b>, and list of
2761  * port_cfg_t entries in <b>ports</b>, open a new listener for every port in
2762  * <b>ports</b> that does not already have a listener in <b>old_conns</b>.
2763  *
2764  * Remove from <b>old_conns</b> every connection that has a corresponding
2765  * entry in <b>ports</b>. Add to <b>new_conns</b> new every connection we
2766  * launch. If we may need to perform socket rebind when creating new
2767  * listener that replaces old one, create a <b>listener_replacement_t</b>
2768  * struct for affected pair and add it to <b>replacements</b>.
2769  *
2770  * If <b>control_listeners_only</b> is true, then we only open control
2771  * listeners, and we do not remove any noncontrol listeners from
2772  * old_conns.
2773  *
2774  * Return 0 on success, -1 on failure.
2775  **/
2776 static int
2778  const smartlist_t *ports,
2779  smartlist_t *new_conns,
2780  smartlist_t *replacements,
2781  int control_listeners_only)
2782 {
2783 #ifndef ENABLE_LISTENER_REBIND
2784  (void)replacements;
2785 #endif
2786 
2787  smartlist_t *launch = smartlist_new();
2788  int r = 0;
2789 
2790  if (control_listeners_only) {
2791  SMARTLIST_FOREACH(ports, port_cfg_t *, p, {
2792  if (p->type == CONN_TYPE_CONTROL_LISTENER)
2793  smartlist_add(launch, p);
2794  });
2795  } else {
2796  smartlist_add_all(launch, ports);
2797  }
2798 
2799  /* Iterate through old_conns, comparing it to launch: remove from both lists
2800  * each pair of elements that corresponds to the same port. */
2801  SMARTLIST_FOREACH_BEGIN(old_conns, connection_t *, conn) {
2802  const port_cfg_t *found_port = NULL;
2803 
2804  /* Okay, so this is a listener. Is it configured? */
2805  /* That is, is it either: 1) exact match - address and port
2806  * pair match exactly between old listener and new port; or 2)
2807  * wildcard match - port matches exactly, but *one* of the
2808  * addresses is wildcard (0.0.0.0 or ::)?
2809  */
2810  SMARTLIST_FOREACH_BEGIN(launch, const port_cfg_t *, wanted) {
2811  if (conn->type != wanted->type)
2812  continue;
2813  if ((conn->socket_family != AF_UNIX && wanted->is_unix_addr) ||
2814  (conn->socket_family == AF_UNIX && ! wanted->is_unix_addr))
2815  continue;
2816 
2817  if (wanted->server_cfg.no_listen)
2818  continue; /* We don't want to open a listener for this one */
2819 
2820  if (wanted->is_unix_addr) {
2821  if (conn->socket_family == AF_UNIX &&
2822  !strcmp(wanted->unix_addr, conn->address)) {
2823  found_port = wanted;
2824  break;
2825  }
2826  } else {
2827  /* Numeric values of old and new port match exactly. */
2828  const int port_matches_exact = (wanted->port == conn->port);
2829  /* Ports match semantically - either their specific values
2830  match exactly, or new port is 'auto'.
2831  */
2832  const int port_matches = (wanted->port == CFG_AUTO_PORT ||
2833  port_matches_exact);
2834 
2835  if (port_matches && tor_addr_eq(&wanted->addr, &conn->addr)) {
2836  found_port = wanted;
2837  break;
2838  }
2839 #ifdef ENABLE_LISTENER_REBIND
2840  /* Rebinding may be needed if all of the following are true:
2841  * 1) Address family is the same in old and new listeners.
2842  * 2) Port number matches exactly (numeric value is the same).
2843  * 3) *One* of listeners (either old one or new one) has a
2844  * wildcard IP address (0.0.0.0 or [::]).
2845  *
2846  * These are the exact conditions for a first bind() syscall
2847  * to fail with EADDRINUSE.
2848  */
2849  const int may_need_rebind =
2850  tor_addr_family(&wanted->addr) == tor_addr_family(&conn->addr) &&
2851  port_matches_exact && bool_neq(tor_addr_is_null(&wanted->addr),
2852  tor_addr_is_null(&conn->addr));
2853  if (replacements && may_need_rebind) {
2854  listener_replacement_t *replacement =
2855  tor_malloc(sizeof(listener_replacement_t));
2856 
2857  replacement->old_conn = conn;
2858  replacement->new_port = wanted;
2859  smartlist_add(replacements, replacement);
2860 
2861  SMARTLIST_DEL_CURRENT(launch, wanted);
2862  SMARTLIST_DEL_CURRENT(old_conns, conn);
2863  break;
2864  }
2865 #endif /* defined(ENABLE_LISTENER_REBIND) */
2866  }
2867  } SMARTLIST_FOREACH_END(wanted);
2868 
2869  if (found_port) {
2870  /* This listener is already running; we don't need to launch it. */
2871  //log_debug(LD_NET, "Already have %s on %s:%d",
2872  // conn_type_to_string(found_port->type), conn->address, conn->port);
2873  smartlist_remove(launch, found_port);
2874  /* And we can remove the connection from old_conns too. */
2875  SMARTLIST_DEL_CURRENT(old_conns, conn);
2876  }
2877  } SMARTLIST_FOREACH_END(conn);
2878 
2879  /* Now open all the listeners that are configured but not opened. */
2880  SMARTLIST_FOREACH_BEGIN(launch, const port_cfg_t *, port) {
2881  int skip = 0;
2882  connection_t *conn = connection_listener_new_for_port(port, &skip, NULL);
2883 
2884  if (conn && new_conns)
2885  smartlist_add(new_conns, conn);
2886  else if (!skip)
2887  r = -1;
2888  } SMARTLIST_FOREACH_END(port);
2889 
2890  smartlist_free(launch);
2891 
2892  return r;
2893 }
2894 
2895 /** Launch listeners for each port you should have open. Only launch
2896  * listeners who are not already open, and only close listeners we no longer
2897  * want.
2898  *
2899  * Add all new connections to <b>new_conns</b>.
2900  *
2901  * If <b>close_all_noncontrol</b> is true, then we only open control
2902  * listeners, and we close all other listeners.
2903  */
2904 int
2905 retry_all_listeners(smartlist_t *new_conns, int close_all_noncontrol)
2906 {
2907  smartlist_t *listeners = smartlist_new();
2908  smartlist_t *replacements = smartlist_new();
2909  const or_options_t *options = get_options();
2910  int retval = 0;
2911  const uint16_t old_or_port = router_get_advertised_or_port(options);
2912  const uint16_t old_or_port_ipv6 =
2913  router_get_advertised_or_port_by_af(options,AF_INET6);
2914  const uint16_t old_dir_port = router_get_advertised_dir_port(options, 0);
2915 
2917  if (connection_is_listener(conn) && !conn->marked_for_close)
2918  smartlist_add(listeners, conn);
2919  } SMARTLIST_FOREACH_END(conn);
2920 
2921  if (retry_listener_ports(listeners,
2923  new_conns,
2924  replacements,
2925  close_all_noncontrol) < 0)
2926  retval = -1;
2927 
2928 #ifdef ENABLE_LISTENER_REBIND
2929  if (smartlist_len(replacements))
2930  log_debug(LD_NET, "%d replacements - starting rebinding loop.",
2931  smartlist_len(replacements));
2932 
2933  SMARTLIST_FOREACH_BEGIN(replacements, listener_replacement_t *, r) {
2934  int addr_in_use = 0;
2935  int skip = 0;
2936 
2937  tor_assert(r->new_port);
2938  tor_assert(r->old_conn);
2939 
2940  connection_t *new_conn =
2941  connection_listener_new_for_port(r->new_port, &skip, &addr_in_use);
2942  connection_t *old_conn = r->old_conn;
2943 
2944  if (skip) {
2945  log_debug(LD_NET, "Skipping creating new listener for %s:%d",
2946  old_conn->address, old_conn->port);
2947  continue;
2948  }
2949 
2950  connection_close_immediate(old_conn);
2951  connection_mark_for_close(old_conn);
2952 
2953  if (addr_in_use) {
2954  new_conn = connection_listener_new_for_port(r->new_port,
2955  &skip, &addr_in_use);
2956  }
2957 
2958  tor_assert(new_conn);
2959 
2960  smartlist_add(new_conns, new_conn);
2961 
2962  log_notice(LD_NET, "Closed no-longer-configured %s on %s:%d "
2963  "(replaced by %s:%d)",
2964  conn_type_to_string(old_conn->type), old_conn->address,
2965  old_conn->port, new_conn->address, new_conn->port);
2966  } SMARTLIST_FOREACH_END(r);
2967 #endif /* defined(ENABLE_LISTENER_REBIND) */
2968 
2969  /* Any members that were still in 'listeners' don't correspond to
2970  * any configured port. Kill 'em. */
2971  SMARTLIST_FOREACH_BEGIN(listeners, connection_t *, conn) {
2972  log_notice(LD_NET, "Closing no-longer-configured %s on %s:%d",
2973  conn_type_to_string(conn->type), conn->address, conn->port);
2975  connection_mark_for_close(conn);
2976  } SMARTLIST_FOREACH_END(conn);
2977 
2978  smartlist_free(listeners);
2979  /* Cleanup any remaining listener replacement. */
2980  SMARTLIST_FOREACH(replacements, listener_replacement_t *, r, tor_free(r));
2981  smartlist_free(replacements);
2982 
2983  if (old_or_port != router_get_advertised_or_port(options) ||
2984  old_or_port_ipv6 != router_get_advertised_or_port_by_af(options,
2985  AF_INET6) ||
2986  old_dir_port != router_get_advertised_dir_port(options, 0)) {
2987  /* Our chosen ORPort or DirPort is not what it used to be: the
2988  * descriptor we had (if any) should be regenerated. (We won't
2989  * automatically notice this because of changes in the option,
2990  * since the value could be "auto".) */
2991  mark_my_descriptor_dirty("Chosen Or/DirPort changed");
2992  }
2993 
2994  return retval;
2995 }
2996 
2997 /** Mark every listener of type other than CONTROL_LISTENER to be closed. */
2998 void
3000 {
3002  if (conn->marked_for_close)
3003  continue;
3004  if (conn->type == CONN_TYPE_CONTROL_LISTENER)
3005  continue;
3006  if (connection_is_listener(conn))
3007  connection_mark_for_close(conn);
3008  } SMARTLIST_FOREACH_END(conn);
3009 }
3010 
3011 /** Mark every external connection not used for controllers for close. */
3012 void
3014 {
3016  if (conn->marked_for_close)
3017  continue;
3018  switch (conn->type) {
3020  case CONN_TYPE_CONTROL:
3021  break;
3022  case CONN_TYPE_AP:
3023  connection_mark_unattached_ap(TO_ENTRY_CONN(conn),
3024  END_STREAM_REASON_HIBERNATING);
3025  break;
3026  case CONN_TYPE_OR:
3027  {
3028  or_connection_t *orconn = TO_OR_CONN(conn);
3029  if (orconn->chan) {
3030  connection_or_close_normally(orconn, 0);
3031  } else {
3032  /*
3033  * There should have been one, but mark for close and hope
3034  * for the best..
3035  */
3036  connection_mark_for_close(conn);
3037  }
3038  }
3039  break;
3040  default:
3041  connection_mark_for_close(conn);
3042  break;
3043  }
3044  } SMARTLIST_FOREACH_END(conn);
3045 }
3046 
3047 /** Return 1 if we should apply rate limiting to <b>conn</b>, and 0
3048  * otherwise.
3049  * Right now this just checks if it's an internal IP address or an
3050  * internal connection. We also should, but don't, check if the connection
3051  * uses pluggable transports, since we should then limit it even if it
3052  * comes from an internal IP address. */
3053 static int
3055 {
3056  const or_options_t *options = get_options();
3057  if (conn->linked)
3058  return 0; /* Internal connection */
3059  else if (! options->CountPrivateBandwidth &&
3060  (tor_addr_family(&conn->addr) == AF_UNSPEC || /* no address */
3061  tor_addr_family(&conn->addr) == AF_UNIX || /* no address */
3062  tor_addr_is_internal(&conn->addr, 0)))
3063  return 0; /* Internal address */
3064  else
3065  return 1;
3066 }
3067 
3068 /** When was either global write bucket last empty? If this was recent, then
3069  * we're probably low on bandwidth, and we should be stingy with our bandwidth
3070  * usage. */
3071 static time_t write_buckets_last_empty_at = -100;
3072 
3073 /** How many seconds of no active local circuits will make the
3074  * connection revert to the "relayed" bandwidth class? */
3075 #define CLIENT_IDLE_TIME_FOR_PRIORITY 30
3076 
3077 /** Return 1 if <b>conn</b> should use tokens from the "relayed"
3078  * bandwidth rates, else 0. Currently, only OR conns with bandwidth
3079  * class 1, and directory conns that are serving data out, count.
3080  */
3081 static int
3083 {
3084  if (conn->type == CONN_TYPE_OR &&
3087  return 1;
3088  if (conn->type == CONN_TYPE_DIR && DIR_CONN_IS_SERVER(conn))
3089  return 1;
3090  return 0;
3091 }
3092 
3093 /** Helper function to decide how many bytes out of <b>global_bucket</b>
3094  * we're willing to use for this transaction. <b>base</b> is the size
3095  * of a cell on the network; <b>priority</b> says whether we should
3096  * write many of them or just a few; and <b>conn_bucket</b> (if
3097  * non-negative) provides an upper limit for our answer. */
3098 static ssize_t
3099 connection_bucket_get_share(int base, int priority,
3100  ssize_t global_bucket_val, ssize_t conn_bucket)
3101 {
3102  ssize_t at_most;
3103  ssize_t num_bytes_high = (priority ? 32 : 16) * base;
3104  ssize_t num_bytes_low = (priority ? 4 : 2) * base;
3105 
3106  /* Do a rudimentary limiting so one circuit can't hog a connection.
3107  * Pick at most 32 cells, at least 4 cells if possible, and if we're in
3108  * the middle pick 1/8 of the available bandwidth. */
3109  at_most = global_bucket_val / 8;
3110  at_most -= (at_most % base); /* round down */
3111  if (at_most > num_bytes_high) /* 16 KB, or 8 KB for low-priority */
3112  at_most = num_bytes_high;
3113  else if (at_most < num_bytes_low) /* 2 KB, or 1 KB for low-priority */
3114  at_most = num_bytes_low;
3115 
3116  if (at_most > global_bucket_val)
3117  at_most = global_bucket_val;
3118 
3119  if (conn_bucket >= 0 && at_most > conn_bucket)
3120  at_most = conn_bucket;
3121 
3122  if (at_most < 0)
3123  return 0;
3124  return at_most;
3125 }
3126 
3127 /** How many bytes at most can we read onto this connection? */
3128 static ssize_t
3130 {
3131  int base = RELAY_PAYLOAD_SIZE;
3132  int priority = conn->type != CONN_TYPE_DIR;
3133  ssize_t conn_bucket = -1;
3134  size_t global_bucket_val = token_bucket_rw_get_read(&global_bucket);
3135 
3136  if (connection_speaks_cells(conn)) {
3137  or_connection_t *or_conn = TO_OR_CONN(conn);
3138  if (conn->state == OR_CONN_STATE_OPEN)
3139  conn_bucket = token_bucket_rw_get_read(&or_conn->bucket);
3140  base = get_cell_network_size(or_conn->wide_circ_ids);
3141  }
3142 
3143  if (!connection_is_rate_limited(conn)) {
3144  /* be willing to read on local conns even if our buckets are empty */
3145  return conn_bucket>=0 ? conn_bucket : 1<<14;
3146  }
3147 
3148  if (connection_counts_as_relayed_traffic(conn, now)) {
3149  size_t relayed = token_bucket_rw_get_read(&global_relayed_bucket);
3150  global_bucket_val = MIN(global_bucket_val, relayed);
3151  }
3152 
3153  return connection_bucket_get_share(base, priority,
3154  global_bucket_val, conn_bucket);
3155 }
3156 
3157 /** How many bytes at most can we write onto this connection? */
3158 ssize_t
3160 {
3161  int base = RELAY_PAYLOAD_SIZE;
3162  int priority = conn->type != CONN_TYPE_DIR;
3163  size_t conn_bucket = conn->outbuf_flushlen;
3164  size_t global_bucket_val = token_bucket_rw_get_write(&global_bucket);
3165 
3166  if (!connection_is_rate_limited(conn)) {
3167  /* be willing to write to local conns even if our buckets are empty */
3168  return conn->outbuf_flushlen;
3169  }
3170 
3171  if (connection_speaks_cells(conn)) {
3172  /* use the per-conn write limit if it's lower */
3173  or_connection_t *or_conn = TO_OR_CONN(conn);
3174  if (conn->state == OR_CONN_STATE_OPEN)
3175  conn_bucket = MIN(conn_bucket,
3176  token_bucket_rw_get_write(&or_conn->bucket));
3177  base = get_cell_network_size(or_conn->wide_circ_ids);
3178  }
3179 
3180  if (connection_counts_as_relayed_traffic(conn, now)) {
3181  size_t relayed = token_bucket_rw_get_write(&global_relayed_bucket);
3182  global_bucket_val = MIN(global_bucket_val, relayed);
3183  }
3184 
3185  return connection_bucket_get_share(base, priority,
3186  global_bucket_val, conn_bucket);
3187 }
3188 
3189 /** Return 1 if the global write buckets are low enough that we
3190  * shouldn't send <b>attempt</b> bytes of low-priority directory stuff
3191  * out to <b>conn</b>. Else return 0.
3192 
3193  * Priority was 1 for v1 requests (directories and running-routers),
3194  * and 2 for v2 requests and later (statuses and descriptors).
3195  *
3196  * There are a lot of parameters we could use here:
3197  * - global_relayed_write_bucket. Low is bad.
3198  * - global_write_bucket. Low is bad.
3199  * - bandwidthrate. Low is bad.
3200  * - bandwidthburst. Not a big factor?
3201  * - attempt. High is bad.
3202  * - total bytes queued on outbufs. High is bad. But I'm wary of
3203  * using this, since a few slow-flushing queues will pump up the
3204  * number without meaning what we meant to mean. What we really
3205  * mean is "total directory bytes added to outbufs recently", but
3206  * that's harder to quantify and harder to keep track of.
3207  */
3208 int
3209 global_write_bucket_low(connection_t *conn, size_t attempt, int priority)
3210 {
3211  size_t smaller_bucket =
3212  MIN(token_bucket_rw_get_write(&global_bucket),
3213  token_bucket_rw_get_write(&global_relayed_bucket));
3214  if (authdir_mode(get_options()) && priority>1)
3215  return 0; /* there's always room to answer v2 if we're an auth dir */
3216 
3217  if (!connection_is_rate_limited(conn))
3218  return 0; /* local conns don't get limited */
3219 
3220  if (smaller_bucket < attempt)
3221  return 1; /* not enough space no matter the priority */
3222 
3223  {
3224  const time_t diff = approx_time() - write_buckets_last_empty_at;
3225  if (diff <= 1)
3226  return 1; /* we're already hitting our limits, no more please */
3227  }
3228 
3229  if (priority == 1) { /* old-style v1 query */
3230  /* Could we handle *two* of these requests within the next two seconds? */
3231  const or_options_t *options = get_options();
3232  size_t can_write = (size_t) (smaller_bucket
3233  + 2*(options->RelayBandwidthRate ? options->RelayBandwidthRate :
3234  options->BandwidthRate));
3235  if (can_write < 2*attempt)
3236  return 1;
3237  } else { /* v2 query */
3238  /* no further constraints yet */
3239  }
3240  return 0;
3241 }
3242 
3243 /** When did we last tell the accounting subsystem about transmitted
3244  * bandwidth? */
3246 
3247 /** Helper: adjusts our bandwidth history and informs the controller as
3248  * appropriate, given that we have just read <b>num_read</b> bytes and written
3249  * <b>num_written</b> bytes on <b>conn</b>. */
3250 static void
3252  time_t now, size_t num_read, size_t num_written)
3253 {
3254  /* Count bytes of answering direct and tunneled directory requests */
3255  if (conn->type == CONN_TYPE_DIR && conn->purpose == DIR_PURPOSE_SERVER) {
3256  if (num_read > 0)
3257  rep_hist_note_dir_bytes_read(num_read, now);
3258  if (num_written > 0)
3259  rep_hist_note_dir_bytes_written(num_written, now);
3260  }
3261 
3262  if (!connection_is_rate_limited(conn))
3263  return; /* local IPs are free */
3264 
3265  if (conn->type == CONN_TYPE_OR)
3267  num_written, now);
3268 
3269  if (num_read > 0) {
3270  rep_hist_note_bytes_read(num_read, now);
3271  }
3272  if (num_written > 0) {
3273  rep_hist_note_bytes_written(num_written, now);
3274  }
3275  if (conn->type == CONN_TYPE_EXIT)
3276  rep_hist_note_exit_bytes(conn->port, num_written, num_read);
3277 
3278  /* Remember these bytes towards statistics. */
3279  stats_increment_bytes_read_and_written(num_read, num_written);
3280 
3281  /* Remember these bytes towards accounting. */
3284  accounting_add_bytes(num_read, num_written,
3285  (int)(now - last_recorded_accounting_at));
3286  } else {
3287  accounting_add_bytes(num_read, num_written, 0);
3288  }
3290  }
3291 }
3292 
3293 /** We just read <b>num_read</b> and wrote <b>num_written</b> bytes
3294  * onto <b>conn</b>. Decrement buckets appropriately. */
3295 static void
3297  size_t num_read, size_t num_written)
3298 {
3299  if (num_written >= INT_MAX || num_read >= INT_MAX) {
3300  log_err(LD_BUG, "Value out of range. num_read=%lu, num_written=%lu, "
3301  "connection type=%s, state=%s",
3302  (unsigned long)num_read, (unsigned long)num_written,
3303  conn_type_to_string(conn->type),
3304  conn_state_to_string(conn->type, conn->state));
3305  tor_assert_nonfatal_unreached();
3306  if (num_written >= INT_MAX)
3307  num_written = 1;
3308  if (num_read >= INT_MAX)
3309  num_read = 1;
3310  }
3311 
3312  record_num_bytes_transferred_impl(conn, now, num_read, num_written);
3313 
3314  if (!connection_is_rate_limited(conn))
3315  return; /* local IPs are free */
3316 
3317  unsigned flags = 0;
3318  if (connection_counts_as_relayed_traffic(conn, now)) {
3319  flags = token_bucket_rw_dec(&global_relayed_bucket, num_read, num_written);
3320  }
3321  flags |= token_bucket_rw_dec(&global_bucket, num_read, num_written);
3322 
3323  if (flags & TB_WRITE) {
3325  }
3326  if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
3327  or_connection_t *or_conn = TO_OR_CONN(conn);
3328  token_bucket_rw_dec(&or_conn->bucket, num_read, num_written);
3329  }
3330 }
3331 
3332 /**
3333  * Mark <b>conn</b> as needing to stop reading because bandwidth has been
3334  * exhausted. If <b>is_global_bw</b>, it is closing because global bandwidth
3335  * limit has been exhausted. Otherwise, it is closing because its own
3336  * bandwidth limit has been exhausted.
3337  */
3338 void
3340 {
3341  (void)is_global_bw;
3342  conn->read_blocked_on_bw = 1;
3345 }
3346 
3347 /**
3348  * Mark <b>conn</b> as needing to stop reading because write bandwidth has
3349  * been exhausted. If <b>is_global_bw</b>, it is closing because global
3350  * bandwidth limit has been exhausted. Otherwise, it is closing because its
3351  * own bandwidth limit has been exhausted.
3352 */
3353 void
3355 {
3356  (void)is_global_bw;
3357  conn->write_blocked_on_bw = 1;
3360 }
3361 
3362 /** If we have exhausted our global buckets, or the buckets for conn,
3363  * stop reading. */
3364 void
3366 {
3367  const char *reason;
3368 
3369  if (!connection_is_rate_limited(conn))
3370  return; /* Always okay. */
3371 
3372  int is_global = 1;
3373 
3374  if (token_bucket_rw_get_read(&global_bucket) <= 0) {
3375  reason = "global read bucket exhausted. Pausing.";
3376  } else if (connection_counts_as_relayed_traffic(conn, approx_time()) &&
3377  token_bucket_rw_get_read(&global_relayed_bucket) <= 0) {
3378  reason = "global relayed read bucket exhausted. Pausing.";
3379  } else if (connection_speaks_cells(conn) &&
3380  conn->state == OR_CONN_STATE_OPEN &&
3381  token_bucket_rw_get_read(&TO_OR_CONN(conn)->bucket) <= 0) {
3382  reason = "connection read bucket exhausted. Pausing.";
3383  is_global = false;
3384  } else
3385  return; /* all good, no need to stop it */
3386 
3387  LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "%s", reason));
3388  connection_read_bw_exhausted(conn, is_global);
3389 }
3390 
3391 /** If we have exhausted our global buckets, or the buckets for conn,
3392  * stop writing. */
3393 void
3395 {
3396  const char *reason;
3397 
3398  if (!connection_is_rate_limited(conn))
3399  return; /* Always okay. */
3400 
3401  bool is_global = true;
3402  if (token_bucket_rw_get_write(&global_bucket) <= 0) {
3403  reason = "global write bucket exhausted. Pausing.";
3404  } else if (connection_counts_as_relayed_traffic(conn, approx_time()) &&
3405  token_bucket_rw_get_write(&global_relayed_bucket) <= 0) {
3406  reason = "global relayed write bucket exhausted. Pausing.";
3407  } else if (connection_speaks_cells(conn) &&
3408  conn->state == OR_CONN_STATE_OPEN &&
3409  token_bucket_rw_get_write(&TO_OR_CONN(conn)->bucket) <= 0) {
3410  reason = "connection write bucket exhausted. Pausing.";
3411  is_global = false;
3412  } else
3413  return; /* all good, no need to stop it */
3414 
3415  LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "%s", reason));
3416  connection_write_bw_exhausted(conn, is_global);
3417 }
3418 
3419 /** Initialize the global buckets to the values configured in the
3420  * options */
3421 void
3423 {
3424  const or_options_t *options = get_options();
3425  const uint32_t now_ts = monotime_coarse_get_stamp();
3426  token_bucket_rw_init(&global_bucket,
3427  (int32_t)options->BandwidthRate,
3428  (int32_t)options->BandwidthBurst,
3429  now_ts);
3430  if (options->RelayBandwidthRate) {
3431  token_bucket_rw_init(&global_relayed_bucket,
3432  (int32_t)options->RelayBandwidthRate,
3433  (int32_t)options->RelayBandwidthBurst,
3434  now_ts);
3435  } else {
3436  token_bucket_rw_init(&global_relayed_bucket,
3437  (int32_t)options->BandwidthRate,
3438  (int32_t)options->BandwidthBurst,
3439  now_ts);
3440  }
3441 
3443 }
3444 
3445 /** Update the global connection bucket settings to a new value. */
3446 void
3448 {
3449  token_bucket_rw_adjust(&global_bucket,
3450  (int32_t)options->BandwidthRate,
3451  (int32_t)options->BandwidthBurst);
3452  if (options->RelayBandwidthRate) {
3453  token_bucket_rw_adjust(&global_relayed_bucket,
3454  (int32_t)options->RelayBandwidthRate,
3455  (int32_t)options->RelayBandwidthBurst);
3456  } else {
3457  token_bucket_rw_adjust(&global_relayed_bucket,
3458  (int32_t)options->BandwidthRate,
3459  (int32_t)options->BandwidthBurst);
3460  }
3461 }
3462 
3463 /**
3464  * Cached value of the last coarse-timestamp when we refilled the
3465  * global buckets.
3466  */
3468 /**
3469  * Refill the token buckets for a single connection <b>conn</b>, and the
3470  * global token buckets as appropriate. Requires that <b>now_ts</b> is
3471  * the time in coarse timestamp units.
3472  */
3473 static void
3475 {
3476  /* Note that we only check for equality here: the underlying
3477  * token bucket functions can handle moving backwards in time if they
3478  * need to. */
3479  if (now_ts != last_refilled_global_buckets_ts) {
3480  token_bucket_rw_refill(&global_bucket, now_ts);
3481  token_bucket_rw_refill(&global_relayed_bucket, now_ts);
3483  }
3484 
3485  if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
3486  or_connection_t *or_conn = TO_OR_CONN(conn);
3487  token_bucket_rw_refill(&or_conn->bucket, now_ts);
3488  }
3489 }
3490 
3491 /**
3492  * Event to re-enable all connections that were previously blocked on read or
3493  * write.
3494  */
3496 
3497 /** True iff reenable_blocked_connections_ev is currently scheduled. */
3499 
3500 /** Delay after which to run reenable_blocked_connections_ev. */
3502 
3503 /**
3504  * Re-enable all connections that were previously blocked on read or write.
3505  * This event is scheduled after enough time has elapsed to be sure
3506  * that the buckets will refill when the connections have something to do.
3507  */
3508 static void
3510 {
3511  (void)ev;
3512  (void)arg;
3514  if (conn->read_blocked_on_bw == 1) {
3516  conn->read_blocked_on_bw = 0;
3517  }
3518  if (conn->write_blocked_on_bw == 1) {
3520  conn->write_blocked_on_bw = 0;
3521  }
3522  } SMARTLIST_FOREACH_END(conn);
3523 
3525 }
3526 
3527 /**
3528  * Initialize the mainloop event that we use to wake up connections that
3529  * find themselves blocked on bandwidth.
3530  */
3531 static void
3533 {
3538  }
3539  time_t sec = options->TokenBucketRefillInterval / 1000;
3540  int msec = (options->TokenBucketRefillInterval % 1000);
3542  reenable_blocked_connections_delay.tv_usec = msec * 1000;
3543 }
3544 
3545 /**
3546  * Called when we have blocked a connection for being low on bandwidth:
3547  * schedule an event to reenable such connections, if it is not already
3548  * scheduled.
3549  */
3550 static void
3552 {
3554  return;
3555  if (BUG(reenable_blocked_connections_ev == NULL)) {
3557  }
3561 }
3562 
3563 /** Read bytes from conn->s and process them.
3564  *
3565  * It calls connection_buf_read_from_socket() to bring in any new bytes,
3566  * and then calls connection_process_inbuf() to process them.
3567  *
3568  * Mark the connection and return -1 if you want to close it, else
3569  * return 0.
3570  */
3571 static int
3573 {
3574  ssize_t max_to_read=-1, try_to_read;
3575  size_t before, n_read = 0;
3576  int socket_error = 0;
3577 
3578  if (conn->marked_for_close)
3579  return 0; /* do nothing */
3580 
3582 
3584 
3585  switch (conn->type) {
3586  case CONN_TYPE_OR_LISTENER:
3590  case CONN_TYPE_AP_LISTENER:
3600  /* This should never happen; eventdns.c handles the reads here. */
3602  return 0;
3603  }
3604 
3605  loop_again:
3606  try_to_read = max_to_read;
3607  tor_assert(!conn->marked_for_close);
3608 
3609  before = buf_datalen(conn->inbuf);
3610  if (connection_buf_read_from_socket(conn, &max_to_read, &socket_error) < 0) {
3611  /* There's a read error; kill the connection.*/
3612  if (conn->type == CONN_TYPE_OR) {
3614  socket_error != 0 ?
3615  errno_to_orconn_end_reason(socket_error) :
3616  END_OR_CONN_REASON_CONNRESET,
3617  socket_error != 0 ?
3618  tor_socket_strerror(socket_error) :
3619  "(unknown, errno was 0)");
3620  }
3621  if (CONN_IS_EDGE(conn)) {
3622  edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
3623  connection_edge_end_errno(edge_conn);
3624  if (conn->type == CONN_TYPE_AP && TO_ENTRY_CONN(conn)->socks_request) {
3625  /* broken, don't send a socks reply back */
3626  TO_ENTRY_CONN(conn)->socks_request->has_finished = 1;
3627  }
3628  }
3629  connection_close_immediate(conn); /* Don't flush; connection is dead. */
3630  /*
3631  * This can bypass normal channel checking since we did
3632  * connection_or_notify_error() above.
3633  */
3634  connection_mark_for_close_internal(conn);
3635  return -1;
3636  }
3637  n_read += buf_datalen(conn->inbuf) - before;
3638  if (CONN_IS_EDGE(conn) && try_to_read != max_to_read) {
3639  /* instruct it not to try to package partial cells. */
3640  if (connection_process_inbuf(conn, 0) < 0) {
3641  return -1;
3642  }
3643  if (!conn->marked_for_close &&
3644  connection_is_reading(conn) &&
3645  !conn->inbuf_reached_eof &&
3646  max_to_read > 0)
3647  goto loop_again; /* try reading again, in case more is here now */
3648  }
3649  /* one last try, packaging partial cells and all. */
3650  if (!conn->marked_for_close &&
3651  connection_process_inbuf(conn, 1) < 0) {
3652  return -1;
3653  }
3654  if (conn->linked_conn) {
3655  /* The other side's handle_write() will never actually get called, so
3656  * we need to invoke the appropriate callbacks ourself. */
3657  connection_t *linked = conn->linked_conn;
3658 
3659  if (n_read) {
3660  /* Probably a no-op, since linked conns typically don't count for
3661  * bandwidth rate limiting. But do it anyway so we can keep stats
3662  * accurately. Note that since we read the bytes from conn, and
3663  * we're writing the bytes onto the linked connection, we count
3664  * these as <i>written</i> bytes. */
3665  connection_buckets_decrement(linked, approx_time(), 0, n_read);
3666 
3667  if (connection_flushed_some(linked) < 0)
3668  connection_mark_for_close(linked);
3669  if (!connection_wants_to_flush(linked))
3671  }
3672 
3673  if (!buf_datalen(linked->outbuf) && conn->active_on_link)
3675  }
3676  /* If we hit the EOF, call connection_reached_eof(). */
3677  if (!conn->marked_for_close &&
3678  conn->inbuf_reached_eof &&
3679  connection_reached_eof(conn) < 0) {
3680  return -1;
3681  }
3682  return 0;
3683 }
3684 
3685 /* DOCDOC connection_handle_read */
3686 int
3687 connection_handle_read(connection_t *conn)
3688 {
3689  int res;
3690  update_current_time(time(NULL));
3691  res = connection_handle_read_impl(conn);
3692  return res;
3693 }
3694 
3695 /** Pull in new bytes from conn->s or conn->linked_conn onto conn->inbuf,
3696  * either directly or via TLS. Reduce the token buckets by the number of bytes
3697  * read.
3698  *
3699  * If *max_to_read is -1, then decide it ourselves, else go with the
3700  * value passed to us. When returning, if it's changed, subtract the
3701  * number of bytes we read from *max_to_read.
3702  *
3703  * Return -1 if we want to break conn, else return 0.
3704  */
3705 static int
3706 connection_buf_read_from_socket(connection_t *conn, ssize_t *max_to_read,
3707  int *socket_error)
3708 {
3709  int result;
3710  ssize_t at_most = *max_to_read;
3711  size_t slack_in_buf, more_to_read;
3712  size_t n_read = 0, n_written = 0;
3713 
3714  if (at_most == -1) { /* we need to initialize it */
3715  /* how many bytes are we allowed to read? */
3716  at_most = connection_bucket_read_limit(conn, approx_time());
3717  }
3718 
3719  slack_in_buf = buf_slack(conn->inbuf);
3720  again:
3721  if ((size_t)at_most > slack_in_buf && slack_in_buf >= 1024) {
3722  more_to_read = at_most - slack_in_buf;
3723  at_most = slack_in_buf;
3724  } else {
3725  more_to_read = 0;
3726  }
3727 
3728  if (connection_speaks_cells(conn) &&
3730  int pending;
3731  or_connection_t *or_conn = TO_OR_CONN(conn);
3732  size_t initial_size;
3733  if (conn->state == OR_CONN_STATE_TLS_HANDSHAKING ||
3735  /* continue handshaking even if global token bucket is empty */
3736  return connection_tls_continue_handshake(or_conn);
3737  }
3738 
3739  log_debug(LD_NET,
3740  "%d: starting, inbuf_datalen %ld (%d pending in tls object)."
3741  " at_most %ld.",
3742  (int)conn->s,(long)buf_datalen(conn->inbuf),
3743  tor_tls_get_pending_bytes(or_conn->tls), (long)at_most);
3744 
3745  initial_size = buf_datalen(conn->inbuf);
3746  /* else open, or closing */
3747  result = buf_read_from_tls(conn->inbuf, or_conn->tls, at_most);
3748  if (TOR_TLS_IS_ERROR(result) || result == TOR_TLS_CLOSE)
3749  or_conn->tls_error = result;
3750  else
3751  or_conn->tls_error = 0;
3752 
3753  switch (result) {
3754  case TOR_TLS_CLOSE:
3755  case TOR_TLS_ERROR_IO:
3756  log_debug(LD_NET,"TLS connection closed %son read. Closing. "
3757  "(Nickname %s, address %s)",
3758  result == TOR_TLS_CLOSE ? "cleanly " : "",
3759  or_conn->nickname ? or_conn->nickname : "not set",
3760  conn->address);
3761  return result;
3763  log_debug(LD_NET,"tls error [%s]. breaking (nickname %s, address %s).",
3764  tor_tls_err_to_string(result),
3765  or_conn->nickname ? or_conn->nickname : "not set",
3766  conn->address);
3767  return result;
3768  case TOR_TLS_WANTWRITE:
3770  return 0;
3771  case TOR_TLS_WANTREAD:
3772  if (conn->in_connection_handle_write) {
3773  /* We've been invoked from connection_handle_write, because we're
3774  * waiting for a TLS renegotiation, the renegotiation started, and
3775  * SSL_read returned WANTWRITE. But now SSL_read is saying WANTREAD
3776  * again. Stop waiting for write events now, or else we'll
3777  * busy-loop until data arrives for us to read.
3778  * XXX: remove this when v2 handshakes support is dropped. */
3780  if (!connection_is_reading(conn))
3782  }
3783  /* we're already reading, one hopes */
3784  break;
3785  case TOR_TLS_DONE: /* no data read, so nothing to process */
3786  break; /* so we call bucket_decrement below */
3787  default:
3788  break;
3789  }
3790  pending = tor_tls_get_pending_bytes(or_conn->tls);
3791  if (pending) {
3792  /* If we have any pending bytes, we read them now. This *can*
3793  * take us over our read allotment, but really we shouldn't be
3794  * believing that SSL bytes are the same as TCP bytes anyway. */
3795  int r2 = buf_read_from_tls(conn->inbuf, or_conn->tls, pending);
3796  if (BUG(r2<0)) {
3797  log_warn(LD_BUG, "apparently, reading pending bytes can fail.");
3798  return -1;
3799  }
3800  }
3801  result = (int)(buf_datalen(conn->inbuf)-initial_size);
3802  tor_tls_get_n_raw_bytes(or_conn->tls, &n_read, &n_written);
3803  log_debug(LD_GENERAL, "After TLS read of %d: %ld read, %ld written",
3804  result, (long)n_read, (long)n_written);
3805  } else if (conn->linked) {
3806  if (conn->linked_conn) {
3807  result = buf_move_to_buf(conn->inbuf, conn->linked_conn->outbuf,
3808  &conn->linked_conn->outbuf_flushlen);
3809  if (BUG(result<0)) {
3810  log_warn(LD_BUG, "reading from linked connection buffer failed.");
3811  return -1;
3812  }
3813  } else {
3814  result = 0;
3815  }
3816  //log_notice(LD_GENERAL, "Moved %d bytes on an internal link!", result);
3817  /* If the other side has disappeared, or if it's been marked for close and
3818  * we flushed its outbuf, then we should set our inbuf_reached_eof. */
3819  if (!conn->linked_conn ||
3820  (conn->linked_conn->marked_for_close &&
3821  buf_datalen(conn->linked_conn->outbuf) == 0))
3822  conn->inbuf_reached_eof = 1;
3823 
3824  n_read = (size_t) result;
3825  } else {
3826  /* !connection_speaks_cells, !conn->linked_conn. */
3827  int reached_eof = 0;
3828  CONN_LOG_PROTECT(conn,
3829  result = buf_read_from_socket(conn->inbuf, conn->s,
3830  at_most,
3831  &reached_eof,
3832  socket_error));
3833  if (reached_eof)
3834  conn->inbuf_reached_eof = 1;
3835 
3836 // log_fn(LOG_DEBUG,"read_to_buf returned %d.",read_result);
3837 
3838  if (result < 0)
3839  return -1;
3840  n_read = (size_t) result;
3841  }
3842 
3843  if (n_read > 0) {
3844  /* change *max_to_read */
3845  *max_to_read = at_most - n_read;
3846 
3847  /* Update edge_conn->n_read */
3848  if (conn->type == CONN_TYPE_AP) {
3849  edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
3850 
3851  /* Check for overflow: */
3852  if (PREDICT_LIKELY(UINT32_MAX - edge_conn->n_read > n_read))
3853  edge_conn->n_read += (int)n_read;
3854  else
3855  edge_conn->n_read = UINT32_MAX;
3856  }
3857 
3858  /* If CONN_BW events are enabled, update conn->n_read_conn_bw for
3859  * OR/DIR/EXIT connections, checking for overflow. */
3861  (conn->type == CONN_TYPE_OR ||
3862  conn->type == CONN_TYPE_DIR ||
3863  conn->type == CONN_TYPE_EXIT)) {
3864  if (PREDICT_LIKELY(UINT32_MAX - conn->n_read_conn_bw > n_read))
3865  conn->n_read_conn_bw += (int)n_read;
3866  else
3867  conn->n_read_conn_bw = UINT32_MAX;
3868  }
3869  }
3870 
3871  connection_buckets_decrement(conn, approx_time(), n_read, n_written);
3872 
3873  if (more_to_read && result == at_most) {
3874  slack_in_buf = buf_slack(conn->inbuf);
3875  at_most = more_to_read;
3876  goto again;
3877  }
3878 
3879  /* Call even if result is 0, since the global read bucket may
3880  * have reached 0 on a different conn, and this connection needs to
3881  * know to stop reading. */
3883  if (n_written > 0 && connection_is_writing(conn))
3885 
3886  return 0;
3887 }
3888 
3889 /** A pass-through to fetch_from_buf. */
3890 int
3891 connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
3892 {
3893  return buf_get_bytes(conn->inbuf, string, len);
3894 }
3895 
3896 /** As buf_get_line(), but read from a connection's input buffer. */
3897 int
3899  size_t *data_len)
3900 {
3901  return buf_get_line(conn->inbuf, data, data_len);
3902 }
3903 
3904 /** As fetch_from_buf_http, but fetches from a connection's input buffer_t as
3905  * appropriate. */
3906 int
3908  char **headers_out, size_t max_headerlen,
3909  char **body_out, size_t *body_used,
3910  size_t max_bodylen, int force_complete)
3911 {
3912  return fetch_from_buf_http(conn->inbuf, headers_out, max_headerlen,
3913  body_out, body_used, max_bodylen, force_complete);
3914 }
3915 
3916 /** Return conn->outbuf_flushlen: how many bytes conn wants to flush
3917  * from its outbuf. */
3918 int
3920 {
3921  return conn->outbuf_flushlen > 0;
3922 }
3923 
3924 /** Are there too many bytes on edge connection <b>conn</b>'s outbuf to
3925  * send back a relay-level sendme yet? Return 1 if so, 0 if not. Used by
3926  * connection_edge_consider_sending_sendme().
3927  */
3928 int
3930 {
3931  return (conn->outbuf_flushlen > 10*CELL_PAYLOAD_SIZE);
3932 }
3933 
3934 /**
3935  * On Windows Vista and Windows 7, tune the send buffer size according to a
3936  * hint from the OS.
3937  *
3938  * This should help fix slow upload rates.
3939  */
3940 static void
3942 {
3943 #ifdef _WIN32
3944  /* We only do this on Vista and 7, because earlier versions of Windows
3945  * don't have the SIO_IDEAL_SEND_BACKLOG_QUERY functionality, and on
3946  * later versions it isn't necessary. */
3947  static int isVistaOr7 = -1;
3948  if (isVistaOr7 == -1) {
3949  isVistaOr7 = 0;
3950  OSVERSIONINFO osvi = { 0 };
3951  osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
3952  GetVersionEx(&osvi);
3953  if (osvi.dwMajorVersion == 6 && osvi.dwMinorVersion < 2)
3954  isVistaOr7 = 1;
3955  }
3956  if (!isVistaOr7)
3957  return;
3958  if (get_options()->ConstrainedSockets)
3959  return;
3960  ULONG isb = 0;
3961  DWORD bytesReturned = 0;
3962  if (!WSAIoctl(sock, SIO_IDEAL_SEND_BACKLOG_QUERY, NULL, 0,
3963  &isb, sizeof(isb), &bytesReturned, NULL, NULL)) {
3964  setsockopt(sock, SOL_SOCKET, SO_SNDBUF, (const char*)&isb, sizeof(isb));
3965  }
3966 #else /* !defined(_WIN32) */
3967  (void) sock;
3968 #endif /* defined(_WIN32) */
3969 }
3970 
3971 /** Try to flush more bytes onto <b>conn</b>->s.
3972  *
3973  * This function is called in connection_handle_write(), which gets
3974  * called from conn_write_callback() in main.c when libevent tells us
3975  * that <b>conn</b> wants to write.
3976  *
3977  * Update <b>conn</b>->timestamp_last_write_allowed to now, and call flush_buf
3978  * or flush_buf_tls appropriately. If it succeeds and there are no more
3979  * more bytes on <b>conn</b>->outbuf, then call connection_finished_flushing
3980  * on it too.
3981  *
3982  * If <b>force</b>, then write as many bytes as possible, ignoring bandwidth
3983  * limits. (Used for flushing messages to controller connections on fatal
3984  * errors.)
3985  *
3986  * Mark the connection and return -1 if you want to close it, else
3987  * return 0.
3988  */
3989 static int
3991 {
3992  int e;
3993  socklen_t len=(socklen_t)sizeof(e);
3994  int result;
3995  ssize_t max_to_write;
3996  time_t now = approx_time();
3997  size_t n_read = 0, n_written = 0;
3998  int dont_stop_writing = 0;
3999 
4001 
4002  if (conn->marked_for_close || !SOCKET_OK(conn->s))
4003  return 0; /* do nothing */
4004 
4005  if (conn->in_flushed_some) {
4006  log_warn(LD_BUG, "called recursively from inside conn->in_flushed_some");
4007  return 0;
4008  }
4009 
4010  conn->timestamp_last_write_allowed = now;
4011 
4013 
4014  /* Sometimes, "writable" means "connected". */
4015  if (connection_state_is_connecting(conn)) {
4016  if (getsockopt(conn->s, SOL_SOCKET, SO_ERROR, (void*)&e, &len) < 0) {
4017  log_warn(LD_BUG, "getsockopt() syscall failed");
4018  if (conn->type == CONN_TYPE_OR) {
4019  or_connection_t *orconn = TO_OR_CONN(conn);
4020  connection_or_close_for_error(orconn, 0);
4021  } else {
4022  if (CONN_IS_EDGE(conn)) {
4024  }
4025  connection_mark_for_close(conn);
4026  }
4027  return -1;
4028  }
4029  if (e) {
4030  /* some sort of error, but maybe just inprogress still */
4031  if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
4032  log_info(LD_NET,"in-progress connect failed. Removing. (%s)",
4033  tor_socket_strerror(e));
4034  if (CONN_IS_EDGE(conn))
4036  if (conn->type == CONN_TYPE_OR)
4039  tor_socket_strerror(e));
4040 
4042  /*
4043  * This can bypass normal channel checking since we did
4044  * connection_or_notify_error() above.
4045  */
4046  connection_mark_for_close_internal(conn);
4047  return -1;
4048  } else {
4049  return 0; /* no change, see if next time is better */
4050  }
4051  }
4052  /* The connection is successful. */
4053  if (connection_finished_connecting(conn)<0)
4054  return -1;
4055  }
4056 
4057  max_to_write = force ? (ssize_t)conn->outbuf_flushlen
4058  : connection_bucket_write_limit(conn, now);
4059 
4060  if (connection_speaks_cells(conn) &&
4062  or_connection_t *or_conn = TO_OR_CONN(conn);
4063  size_t initial_size;
4064  if (conn->state == OR_CONN_STATE_TLS_HANDSHAKING ||
4067  if (connection_tls_continue_handshake(or_conn) < 0) {
4068  /* Don't flush; connection is dead. */
4070  END_OR_CONN_REASON_MISC,
4071  "TLS error in connection_tls_"
4072  "continue_handshake()");
4074  /*
4075  * This can bypass normal channel checking since we did
4076  * connection_or_notify_error() above.
4077  */
4078  connection_mark_for_close_internal(conn);
4079  return -1;
4080  }
4081  return 0;
4082  } else if (conn->state == OR_CONN_STATE_TLS_SERVER_RENEGOTIATING) {
4083  return connection_handle_read(conn);
4084  }
4085 
4086  /* else open, or closing */
4087  initial_size = buf_datalen(conn->outbuf);
4088  result = buf_flush_to_tls(conn->outbuf, or_conn->tls,
4089  max_to_write, &conn->outbuf_flushlen);
4090 
4091  if (result >= 0)
4092  update_send_buffer_size(conn->s);
4093 
4094  /* If we just flushed the last bytes, tell the channel on the
4095  * or_conn to check if it needs to geoip_change_dirreq_state() */
4096  /* XXXX move this to flushed_some or finished_flushing -NM */
4097  if (buf_datalen(conn->outbuf) == 0 && or_conn->chan)
4098  channel_notify_flushed(TLS_CHAN_TO_BASE(or_conn->chan));
4099 
4100  switch (result) {
4102  case TOR_TLS_CLOSE:
4103  log_info(LD_NET, result != TOR_TLS_CLOSE ?
4104  "tls error. breaking.":"TLS connection closed on flush");
4105  /* Don't flush; connection is dead. */
4107  END_OR_CONN_REASON_MISC,
4108  result != TOR_TLS_CLOSE ?
4109  "TLS error in during flush" :
4110  "TLS closed during flush");
4112  /*
4113  * This can bypass normal channel checking since we did
4114  * connection_or_notify_error() above.
4115  */
4116  connection_mark_for_close_internal(conn);
4117  return -1;
4118  case TOR_TLS_WANTWRITE:
4119  log_debug(LD_NET,"wanted write.");
4120  /* we're already writing */
4121  dont_stop_writing = 1;
4122  break;
4123  case TOR_TLS_WANTREAD:
4124  /* Make sure to avoid a loop if the receive buckets are empty. */
4125  log_debug(LD_NET,"wanted read.");
4126  if (!connection_is_reading(conn)) {
4127  connection_write_bw_exhausted(conn, true);
4128  /* we'll start reading again when we get more tokens in our
4129  * read bucket; then we'll start writing again too.
4130  */
4131  }
4132  /* else no problem, we're already reading */
4133  return 0;
4134  /* case TOR_TLS_DONE:
4135  * for TOR_TLS_DONE, fall through to check if the flushlen
4136  * is empty, so we can stop writing.
4137  */
4138  }
4139 
4140  tor_tls_get_n_raw_bytes(or_conn->tls, &n_read, &n_written);
4141  log_debug(LD_GENERAL, "After TLS write of %d: %ld read, %ld written",
4142  result, (long)n_read, (long)n_written);
4143  or_conn->bytes_xmitted += result;
4144  or_conn->bytes_xmitted_by_tls += n_written;
4145  /* So we notice bytes were written even on error */
4146  /* XXXX This cast is safe since we can never write INT_MAX bytes in a
4147  * single set of TLS operations. But it looks kinda ugly. If we refactor
4148  * the *_buf_tls functions, we should make them return ssize_t or size_t
4149  * or something. */
4150  result = (int)(initial_size-buf_datalen(conn->outbuf));
4151  } else {
4152  CONN_LOG_PROTECT(conn,
4153  result = buf_flush_to_socket(conn->outbuf, conn->s,
4154  max_to_write, &conn->outbuf_flushlen));
4155  if (result < 0) {
4156  if (CONN_IS_EDGE(conn))
4158  if (conn->type == CONN_TYPE_AP) {
4159  /* writing failed; we couldn't send a SOCKS reply if we wanted to */
4160  TO_ENTRY_CONN(conn)->socks_request->has_finished = 1;
4161  }
4162 
4163  connection_close_immediate(conn); /* Don't flush; connection is dead. */
4164  connection_mark_for_close(conn);
4165  return -1;
4166  }
4167  update_send_buffer_size(conn->s);
4168  n_written = (size_t) result;
4169  }
4170 
4171  if (n_written && conn->type == CONN_TYPE_AP) {
4172  edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
4173 
4174  /* Check for overflow: */
4175  if (PREDICT_LIKELY(UINT32_MAX - edge_conn->n_written > n_written))
4176  edge_conn->n_written += (int)n_written;
4177  else
4178  edge_conn->n_written = UINT32_MAX;
4179  }
4180 
4181  /* If CONN_BW events are enabled, update conn->n_written_conn_bw for
4182  * OR/DIR/EXIT connections, checking for overflow. */
4183  if (n_written && get_options()->TestingEnableConnBwEvent &&
4184  (conn->type == CONN_TYPE_OR ||
4185  conn->type == CONN_TYPE_DIR ||
4186  conn->type == CONN_TYPE_EXIT)) {
4187  if (PREDICT_LIKELY(UINT32_MAX - conn->n_written_conn_bw > n_written))
4188  conn->n_written_conn_bw += (int)n_written;
4189  else
4190  conn->n_written_conn_bw = UINT32_MAX;
4191  }
4192 
4193  connection_buckets_decrement(conn, approx_time(), n_read, n_written);
4194 
4195  if (result > 0) {
4196  /* If we wrote any bytes from our buffer, then call the appropriate
4197  * functions. */
4198  if (connection_flushed_some(conn) < 0) {
4199  if (connection_speaks_cells(conn)) {
4201  END_OR_CONN_REASON_MISC,
4202  "Got error back from "
4203  "connection_flushed_some()");
4204  }
4205 
4206  /*
4207  * This can bypass normal channel checking since we did
4208  * connection_or_notify_error() above.
4209  */
4210  connection_mark_for_close_internal(conn);
4211  }
4212  }
4213 
4214  if (!connection_wants_to_flush(conn) &&
4215  !dont_stop_writing) { /* it's done flushing */
4216  if (connection_finished_flushing(conn) < 0) {
4217  /* already marked */
4218  return -1;
4219  }
4220  return 0;
4221  }
4222 
4223  /* Call even if result is 0, since the global write bucket may
4224  * have reached 0 on a different conn, and this connection needs to
4225  * know to stop writing. */
4227  if (n_read > 0 && connection_is_reading(conn))
4229 
4230  return 0;
4231 }
4232 
4233 /* DOCDOC connection_handle_write */
4234 int
4235 connection_handle_write(connection_t *conn, int force)
4236 {
4237  int res;
4238  update_current_time(time(NULL));
4239  /* connection_handle_write_impl() might call connection_handle_read()
4240  * if we're in the middle of a v2 handshake, in which case it needs this
4241  * flag set. */
4242  conn->in_connection_handle_write = 1;
4243  res = connection_handle_write_impl(conn, force);
4244  conn->in_connection_handle_write = 0;
4245  return res;
4246 }
4247 
4248 /**
4249  * Try to flush data that's waiting for a write on <b>conn</b>. Return
4250  * -1 on failure, 0 on success.
4251  *
4252  * Don't use this function for regular writing; the buffers
4253  * system should be good enough at scheduling writes there. Instead, this
4254  * function is for cases when we're about to exit or something and we want
4255  * to report it right away.
4256  */
4257 int
4259 {
4260  return connection_handle_write(conn, 1);
4261 }
4262 
4263 /** Helper for connection_write_to_buf_impl and connection_write_buf_to_buf:
4264  *
4265  * Return true iff it is okay to queue bytes on <b>conn</b>'s outbuf for
4266  * writing.
4267  */
4268 static int
4270 {
4271  /* if it's marked for close, only allow write if we mean to flush it */
4272  if (conn->marked_for_close && !conn->hold_open_until_flushed)
4273  return 0;
4274 
4275  return 1;
4276 }
4277 
4278 /** Helper for connection_write_to_buf_impl and connection_write_buf_to_buf:
4279  *
4280  * Called when an attempt to add bytes on <b>conn</b>'s outbuf has failed;
4281  * mark the connection and warn as appropriate.
4282  */
4283 static void
4285 {
4286  if (CONN_IS_EDGE(conn)) {
4287  /* if it failed, it means we have our package/delivery windows set
4288  wrong compared to our max outbuf size. close the whole circuit. */
4289  log_warn(LD_NET,
4290  "write_to_buf failed. Closing circuit (fd %d).", (int)conn->s);
4291  circuit_mark_for_close(circuit_get_by_edge_conn(TO_EDGE_CONN(conn)),
4292  END_CIRC_REASON_INTERNAL);
4293  } else if (conn->type == CONN_TYPE_OR) {
4294  or_connection_t *orconn = TO_OR_CONN(conn);
4295  log_warn(LD_NET,
4296  "write_to_buf failed on an orconn; notifying of error "
4297  "(fd %d)", (int)(conn->s));
4298  connection_or_close_for_error(orconn, 0);
4299  } else {
4300  log_warn(LD_NET,
4301  "write_to_buf failed. Closing connection (fd %d).",
4302  (int)conn->s);
4303  connection_mark_for_close(conn);
4304  }
4305 }
4306 
4307 /** Helper for connection_write_to_buf_impl and connection_write_buf_to_buf:
4308  *
4309  * Called when an attempt to add bytes on <b>conn</b>'s outbuf has succeeded:
4310  * record the number of bytes added.
4311  */
4312 static void
4314 {
4315  /* If we receive optimistic data in the EXIT_CONN_STATE_RESOLVING
4316  * state, we don't want to try to write it right away, since
4317  * conn->write_event won't be set yet. Otherwise, write data from
4318  * this conn as the socket is available. */
4319  if (conn->write_event) {
4321  }
4322  conn->outbuf_flushlen += len;
4323 }
4324 
4325 /** Append <b>len</b> bytes of <b>string</b> onto <b>conn</b>'s
4326  * outbuf, and ask it to start writing.
4327  *
4328  * If <b>zlib</b> is nonzero, this is a directory connection that should get
4329  * its contents compressed or decompressed as they're written. If zlib is
4330  * negative, this is the last data to be compressed, and the connection's zlib
4331  * state should be flushed.
4332  */
4333 MOCK_IMPL(void,
4334 connection_write_to_buf_impl_,(const char *string, size_t len,
4335  connection_t *conn, int zlib))
4336 {
4337  /* XXXX This function really needs to return -1 on failure. */
4338  int r;
4339  if (!len && !(zlib<0))
4340  return;
4341 
4342  if (!connection_may_write_to_buf(conn))
4343  return;
4344 
4345  size_t written;
4346 
4347  if (zlib) {
4348  size_t old_datalen = buf_datalen(conn->outbuf);
4349  dir_connection_t *dir_conn = TO_DIR_CONN(conn);
4350  int done = zlib < 0;
4351  CONN_LOG_PROTECT(conn, r = buf_add_compress(conn->outbuf,
4352  dir_conn->compress_state,
4353  string, len, done));
4354  written = buf_datalen(conn->outbuf) - old_datalen;
4355  } else {
4356  CONN_LOG_PROTECT(conn, r = buf_add(conn->outbuf, string, len));
4357  written = len;
4358  }
4359  if (r < 0) {
4361  return;
4362  }
4363  connection_write_to_buf_commit(conn, written);
4364 }
4365 
4366 /**
4367  * Write a <b>string</b> (of size <b>len</b> to directory connection
4368  * <b>dir_conn</b>. Apply compression if connection is configured to use
4369  * it and finalize it if <b>done</b> is true.
4370  */
4371 void
4372 connection_dir_buf_add(const char *string, size_t len,
4373  dir_connection_t *dir_conn, int done)
4374 {
4375  if (dir_conn->compress_state != NULL) {
4376  connection_buf_add_compress(string, len, dir_conn, done);
4377  return;
4378  }
4379 
4380  connection_buf_add(string, len, TO_CONN(dir_conn));
4381 }
4382 
4383 void
4384 connection_buf_add_compress(const char *string, size_t len,
4385  dir_connection_t *conn, int done)
4386 {
4387  connection_write_to_buf_impl_(string, len, TO_CONN(conn), done ? -1 : 1);
4388 }
4389 
4390 /**
4391  * Add all bytes from <b>buf</b> to <b>conn</b>'s outbuf, draining them
4392  * from <b>buf</b>. (If the connection is marked and will soon be closed,
4393  * nothing is drained.)
4394  */
4395 void
4397 {
4398  tor_assert(conn);
4399  tor_assert(buf);
4400  size_t len = buf_datalen(buf);
4401  if (len == 0)
4402  return;
4403 
4404  if (!connection_may_write_to_buf(conn))
4405  return;
4406 
4407  buf_move_all(conn->outbuf, buf);
4408  connection_write_to_buf_commit(conn, len);
4409 }
4410 
4411 #define CONN_GET_ALL_TEMPLATE(var, test) \
4412  STMT_BEGIN \
4413  smartlist_t *conns = get_connection_array(); \
4414  smartlist_t *ret_conns = smartlist_new(); \
4415  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, var) { \
4416  if (var && (test) && !var->marked_for_close) \
4417  smartlist_add(ret_conns, var); \
4418  } SMARTLIST_FOREACH_END(var); \
4419  return ret_conns; \
4420  STMT_END
4421 
4422 /* Return a list of connections that aren't close and matches the given type
4423  * and state. The returned list can be empty and must be freed using
4424  * smartlist_free(). The caller does NOT have ownership of the objects in the
4425  * list so it must not free them nor reference them as they can disappear. */
4426 smartlist_t *
4427 connection_list_by_type_state(int type, int state)
4428 {
4429  CONN_GET_ALL_TEMPLATE(conn, (conn->type == type && conn->state == state));
4430 }
4431 
4432 /* Return a list of connections that aren't close and matches the given type
4433  * and purpose. The returned list can be empty and must be freed using
4434  * smartlist_free(). The caller does NOT have ownership of the objects in the
4435  * list so it must not free them nor reference them as they can disappear. */
4436 smartlist_t *
4437 connection_list_by_type_purpose(int type, int purpose)
4438 {
4439  CONN_GET_ALL_TEMPLATE(conn,
4440  (conn->type == type && conn->purpose == purpose));
4441 }
4442 
4443 /** Return a connection_t * from get_connection_array() that satisfies test on
4444  * var, and that is not marked for close. */
4445 #define CONN_GET_TEMPLATE(var, test) \
4446  STMT_BEGIN \
4447  smartlist_t *conns = get_connection_array(); \
4448  SMARTLIST_FOREACH(conns, connection_t *, var, \
4449  { \
4450  if (var && (test) && !var->marked_for_close) \
4451  return var; \
4452  }); \
4453  return NULL; \
4454  STMT_END
4455 
4456 /** Return a connection with given type, address, port, and purpose;
4457  * or NULL if no such connection exists (or if all such connections are marked
4458  * for close). */
4461  const tor_addr_t *addr, uint16_t port,
4462  int purpose))
4463 {
4464  CONN_GET_TEMPLATE(conn,
4465  (conn->type == type &&
4466  tor_addr_eq(&conn->addr, addr) &&
4467  conn->port == port &&
4468  conn->purpose == purpose));
4469 }
4470 
4471 /** Return the stream with id <b>id</b> if it is not already marked for
4472  * close.
4473  */
4474 connection_t *
4476 {
4477  CONN_GET_TEMPLATE(conn, conn->global_identifier == id);
4478 }
4479 
4480 /** Return a connection of type <b>type</b> that is not marked for close.
4481  */
4482 connection_t *
4484 {
4485  CONN_GET_TEMPLATE(conn, conn->type == type);
4486 }
4487 
4488 /** Return a connection of type <b>type</b> that is in state <b>state</b>,
4489  * and that is not marked for close.
4490  */
4491 connection_t *
4492 connection_get_by_type_state(int type, int state)
4493 {
4494  CONN_GET_TEMPLATE(conn, conn->type == type && conn->state == state);
4495 }
4496 
4497 /**
4498  * Return a connection of type <b>type</b> that is not an internally linked
4499  * connection, and is not marked for close.
4500  **/
4503 {
4504  CONN_GET_TEMPLATE(conn, conn->type == type && !conn->linked);
4505 }
4506 
4507 /** Return a connection of type <b>type</b> that has rendquery equal
4508  * to <b>rendquery</b>, and that is not marked for close. If state
4509  * is non-zero, conn must be of that state too.
4510  */
4511 connection_t *
4513  const char *rendquery)
4514 {
4515  tor_assert(type == CONN_TYPE_DIR ||
4516  type == CONN_TYPE_AP || type == CONN_TYPE_EXIT);
4517  tor_assert(rendquery);
4518 
4519  CONN_GET_TEMPLATE(conn,
4520  (conn->type == type &&
4521  (!state || state == conn->state)) &&
4522  (
4523  (type == CONN_TYPE_DIR &&
4524  TO_DIR_CONN(conn)->rend_data &&
4525  !rend_cmp_service_ids(rendquery,
4526  rend_data_get_address(TO_DIR_CONN(conn)->rend_data)))
4527  ||
4528  (CONN_IS_EDGE(conn) &&
4529  TO_EDGE_CONN(conn)->rend_data &&
4530  !rend_cmp_service_ids(rendquery,
4531  rend_data_get_address(TO_EDGE_CONN(conn)->rend_data)))
4532  ));
4533 }
4534 
4535 /** Return a new smartlist of dir_connection_t * from get_connection_array()
4536  * that satisfy conn_test on connection_t *conn_var, and dirconn_test on
4537  * dir_connection_t *dirconn_var. conn_var must be of CONN_TYPE_DIR and not
4538  * marked for close to be included in the list. */
4539 #define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, \
4540  dirconn_var, dirconn_test) \
4541  STMT_BEGIN \
4542  smartlist_t *conns = get_connection_array(); \
4543  smartlist_t *dir_conns = smartlist_new(); \
4544  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn_var) { \
4545  if (conn_var && (conn_test) \
4546  && conn_var->type == CONN_TYPE_DIR \
4547  && !conn_var->marked_for_close) { \
4548  dir_connection_t *dirconn_var = TO_DIR_CONN(conn_var); \
4549  if (dirconn_var && (dirconn_test)) { \
4550  smartlist_add(dir_conns, dirconn_var); \
4551  } \
4552  } \
4553  } SMARTLIST_FOREACH_END(conn_var); \
4554  return dir_conns; \
4555  STMT_END
4556 
4557 /** Return a list of directory connections that are fetching the item
4558  * described by <b>purpose</b>/<b>resource</b>. If there are none,
4559  * return an empty list. This list must be freed using smartlist_free,
4560  * but the pointers in it must not be freed.
4561  * Note that this list should not be cached, as the pointers in it can be
4562  * freed if their connections close. */
4563 smartlist_t *
4565  int purpose,
4566  const char *resource)
4567 {
4569  conn->purpose == purpose,
4570  dirconn,
4571  0 == strcmp_opt(resource,
4572  dirconn->requested_resource));
4573 }
4574 
4575 /** Return a list of directory connections that are fetching the item
4576  * described by <b>purpose</b>/<b>resource</b>/<b>state</b>. If there are
4577  * none, return an empty list. This list must be freed using smartlist_free,
4578  * but the pointers in it must not be freed.
4579  * Note that this list should not be cached, as the pointers in it can be
4580  * freed if their connections close. */
4581 smartlist_t *
4583  int purpose,
4584  const char *resource,
4585  int state)
4586 {
4588  conn->purpose == purpose && conn->state == state,
4589  dirconn,
4590  0 == strcmp_opt(resource,
4591  dirconn->requested_resource));
4592 }
4593 
4594 #undef DIR_CONN_LIST_TEMPLATE
4595 
4596 /** Return an arbitrary active OR connection that isn't <b>this_conn</b>.
4597  *
4598  * We use this to guess if we should tell the controller that we
4599  * didn't manage to connect to any of our bridges. */
4600 static connection_t *
4602 {
4603  CONN_GET_TEMPLATE(conn,
4604  conn != TO_CONN(this_conn) && conn->type == CONN_TYPE_OR);
4605 }
4606 
4607 /** Return 1 if there are any active OR connections apart from
4608  * <b>this_conn</b>.
4609  *
4610  * We use this to guess if we should tell the controller that we
4611  * didn't manage to connect to any of our bridges. */
4612 int
4614 {
4616  if (conn != NULL) {
4617  log_debug(LD_DIR, "%s: Found an OR connection: %s",
4618  __func__, conn->address);
4619  return 1;
4620  }
4621 
4622  return 0;
4623 }
4624 
4625 #undef CONN_GET_TEMPLATE
4626 
4627 /** Return 1 if <b>conn</b> is a listener conn, else return 0. */
4628 int
4630 {
4631  if (conn->type == CONN_TYPE_OR_LISTENER ||
4632  conn->type == CONN_TYPE_EXT_OR_LISTENER ||
4633  conn->type == CONN_TYPE_AP_LISTENER ||
4634  conn->type == CONN_TYPE_AP_TRANS_LISTENER ||
4635  conn->type == CONN_TYPE_AP_DNS_LISTENER ||
4636  conn->type == CONN_TYPE_AP_NATD_LISTENER ||
4638  conn->type == CONN_TYPE_DIR_LISTENER ||
4640  return 1;
4641  return 0;
4642 }
4643 
4644 /** Return 1 if <b>conn</b> is in state "open" and is not marked
4645  * for close, else return 0.
4646  */
4647 int
4649 {
4650  tor_assert(conn);
4651 
4652  if (conn->marked_for_close)
4653  return 0;
4654 
4655  if ((conn->type == CONN_TYPE_OR && conn->state == OR_CONN_STATE_OPEN) ||
4656  (conn->type == CONN_TYPE_EXT_OR) ||
4657  (conn->type == CONN_TYPE_AP && conn->state == AP_CONN_STATE_OPEN) ||
4658  (conn->type == CONN_TYPE_EXIT && conn->state == EXIT_CONN_STATE_OPEN) ||
4659  (conn->type == CONN_TYPE_CONTROL &&
4660  conn->state == CONTROL_CONN_STATE_OPEN))
4661  return 1;
4662 
4663  return 0;
4664 }
4665 
4666 /** Return 1 if conn is in 'connecting' state, else return 0. */
4667 int
4669 {
4670  tor_assert(conn);
4671 
4672  if (conn->marked_for_close)
4673  return 0;
4674  switch (conn->type)
4675  {
4676  case CONN_TYPE_OR:
4677  return conn->state == OR_CONN_STATE_CONNECTING;
4678  case CONN_TYPE_EXIT:
4679  return conn->state == EXIT_CONN_STATE_CONNECTING;
4680  case CONN_TYPE_DIR:
4681  return conn->state == DIR_CONN_STATE_CONNECTING;
4682  }
4683 
4684  return 0;
4685 }
4686 
4687 /** Allocates a base64'ed authenticator for use in http or https
4688  * auth, based on the input string <b>authenticator</b>. Returns it
4689  * if success, else returns NULL. */
4690 char *
4691 alloc_http_authenticator(const char *authenticator)
4692 {
4693  /* an authenticator in Basic authentication
4694  * is just the string "username:password" */
4695  const size_t authenticator_length = strlen(authenticator);
4696  const size_t base64_authenticator_length =
4697  base64_encode_size(authenticator_length, 0) + 1;
4698  char *base64_authenticator = tor_malloc(base64_authenticator_length);
4699  if (base64_encode(base64_authenticator, base64_authenticator_length,
4700  authenticator, authenticator_length, 0) < 0) {
4701  tor_free(base64_authenticator); /* free and set to null */
4702  }
4703  return base64_authenticator;
4704 }
4705 
4706 /** Given a socket handle, check whether the local address (sockname) of the
4707  * socket is one that we've connected from before. If so, double-check
4708  * whether our address has changed and we need to generate keys. If we do,
4709  * call init_keys().
4710  */
4711 static void
4713 {
4714  tor_addr_t out_addr, iface_addr;
4715  tor_addr_t **last_interface_ip_ptr;
4716  sa_family_t family;
4717 
4718  if (!outgoing_addrs)
4720 
4721  if (tor_addr_from_getsockname(&out_addr, sock) < 0) {
4722  int e = tor_socket_errno(sock);
4723  log_warn(LD_NET, "getsockname() to check for address change failed: %s",
4724  tor_socket_strerror(e));
4725  return;
4726  }
4727  family = tor_addr_family(&out_addr);
4728 
4729  if (family == AF_INET)
4730  last_interface_ip_ptr = &last_interface_ipv4;
4731  else if (family == AF_INET6)
4732  last_interface_ip_ptr = &last_interface_ipv6;
4733  else
4734  return;
4735 
4736  if (! *last_interface_ip_ptr) {
4737  tor_addr_t *a = tor_malloc_zero(sizeof(tor_addr_t));
4738  if (get_interface_address6(LOG_INFO, family, a)==0) {
4739  *last_interface_ip_ptr = a;
4740  } else {
4741  tor_free(a);
4742  }
4743  }
4744 
4745  /* If we've used this address previously, we're okay. */
4747  if (tor_addr_eq(a_ptr, &out_addr))
4748  return;
4749  );
4750 
4751  /* Uh-oh. We haven't connected from this address before. Has the interface
4752  * address changed? */
4753  if (get_interface_address6(LOG_INFO, family, &iface_addr)<0)
4754  return;
4755 
4756  if (tor_addr_eq(&iface_addr, *last_interface_ip_ptr)) {
4757  /* Nope, it hasn't changed. Add this address to the list. */
4758  smartlist_add(outgoing_addrs, tor_memdup(&out_addr, sizeof(tor_addr_t)));
4759  } else {
4760  /* The interface changed. We're a client, so we need to regenerate our
4761  * keys. First, reset the state. */
4762  log_notice(LD_NET, "Our IP address has changed. Rotating keys...");
4763  tor_addr_copy(*last_interface_ip_ptr, &iface_addr);
4766  smartlist_add(outgoing_addrs, tor_memdup(&out_addr, sizeof(tor_addr_t)));
4767  /* We'll need to resolve ourselves again. */
4769  /* Okay, now change our keys. */
4770  ip_address_changed(1);
4771  }
4772 }
4773 
4774 /** Some systems have limited system buffers for recv and xmit on
4775  * sockets allocated in a virtual server or similar environment. For a Tor
4776  * server this can produce the "Error creating network socket: No buffer
4777  * space available" error once all available TCP buffer space is consumed.
4778  * This method will attempt to constrain the buffers allocated for the socket
4779  * to the desired size to stay below system TCP buffer limits.
4780  */
4781 static void
4783 {
4784  void *sz = (void*)&size;
4785  socklen_t sz_sz = (socklen_t) sizeof(size);
4786  if (setsockopt(sock, SOL_SOCKET, SO_SNDBUF, sz, sz_sz) < 0) {
4787  int e = tor_socket_errno(sock);
4788  log_warn(LD_NET, "setsockopt() to constrain send "
4789  "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
4790  }
4791  if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, sz, sz_sz) < 0) {
4792  int e = tor_socket_errno(sock);
4793  log_warn(LD_NET, "setsockopt() to constrain recv "
4794  "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
4795  }
4796 }
4797 
4798 /** Process new bytes that have arrived on conn->inbuf.
4799  *
4800  * This function just passes conn to the connection-specific
4801  * connection_*_process_inbuf() function. It also passes in
4802  * package_partial if wanted.
4803  */
4804 static int
4805 connection_process_inbuf(connection_t *conn, int package_partial)
4806 {
4807  tor_assert(conn);
4808 
4809  switch (conn->type) {
4810  case CONN_TYPE_OR:
4812  case CONN_TYPE_EXT_OR:
4814  case CONN_TYPE_EXIT:
4815  case CONN_TYPE_AP:
4817  package_partial);
4818  case CONN_TYPE_DIR:
4820  case CONN_TYPE_CONTROL:
4822  default:
4823  log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
4825  return -1;
4826  }
4827 }
4828 
4829 /** Called whenever we've written data on a connection. */
4830 static int
4832 {
4833  int r = 0;
4834  tor_assert(!conn->in_flushed_some);
4835  conn->in_flushed_some = 1;
4836  if (conn->type == CONN_TYPE_DIR &&
4839  } else if (conn->type == CONN_TYPE_OR) {
4841  } else if (CONN_IS_EDGE(conn)) {
4843  }
4844  conn->in_flushed_some = 0;
4845  return r;
4846 }
4847 
4848 /** We just finished flushing bytes to the appropriately low network layer,
4849  * and there are no more bytes remaining in conn->outbuf or
4850  * conn->tls to be flushed.
4851  *
4852  * This function just passes conn to the connection-specific
4853  * connection_*_finished_flushing() function.
4854  */
4855 static int
4857 {
4858  tor_assert(conn);
4859 
4860  /* If the connection is closed, don't try to do anything more here. */
4861  if (CONN_IS_CLOSED(conn))
4862  return 0;
4863 
4864 // log_fn(LOG_DEBUG,"entered. Socket %u.", conn->s);
4865 
4867 
4868  switch (conn->type) {
4869  case CONN_TYPE_OR:
4871  case CONN_TYPE_EXT_OR:
4873  case CONN_TYPE_AP:
4874  case CONN_TYPE_EXIT:
4876  case CONN_TYPE_DIR:
4878  case CONN_TYPE_CONTROL:
4880  default:
4881  log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
4883  return -1;
4884  }
4885 }
4886 
4887 /** Called when our attempt to connect() to another server has just
4888  * succeeded.
4889  *
4890  * This function just passes conn to the connection-specific
4891  * connection_*_finished_connecting() function.
4892  */
4893 static int
4895 {
4896  tor_assert(conn);
4897 
4898  if (!server_mode(get_options())) {
4899  /* See whether getsockname() says our address changed. We need to do this
4900  * now that the connection has finished, because getsockname() on Windows
4901  * won't work until then. */
4903  }
4904 
4905  switch (conn->type)
4906  {
4907  case CONN_TYPE_OR:
4909  case CONN_TYPE_EXIT:
4911  case CONN_TYPE_DIR:
4913  default:
4914  log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
4916  return -1;
4917  }
4918 }
4919 
4920 /** Callback: invoked when a connection reaches an EOF event. */
4921 static int
4923 {
4924  switch (conn->type) {
4925  case CONN_TYPE_OR:
4926  case CONN_TYPE_EXT_OR:
4927  return connection_or_reached_eof(TO_OR_CONN(conn));
4928  case CONN_TYPE_AP:
4929  case CONN_TYPE_EXIT:
4931  case CONN_TYPE_DIR:
4933  case CONN_TYPE_CONTROL:
4935  default:
4936  log_err(LD_BUG,"got unexpected conn type %d.", conn->type);
4938  return -1;
4939  }
4940 }
4941 
4942 /** Comparator for the two-orconn case in OOS victim sort */
4943 static int
4945 {
4946  int a_circs, b_circs;
4947  /* Fewer circuits == higher priority for OOS kill, sort earlier */
4948 
4949  a_circs = connection_or_get_num_circuits(a);
4950  b_circs = connection_or_get_num_circuits(b);
4951 
4952  if (a_circs < b_circs) return 1;
4953  else if (a_circs > b_circs) return -1;
4954  else return 0;
4955 }
4956 
4957 /** Sort comparator for OOS victims; better targets sort before worse
4958  * ones. */
4959 static int
4960 oos_victim_comparator(const void **a_v, const void **b_v)
4961 {
4962  connection_t *a = NULL, *b = NULL;
4963 
4964  /* Get connection pointers out */
4965 
4966  a = (connection_t *)(*a_v);
4967  b = (connection_t *)(*b_v);
4968 
4969  tor_assert(a != NULL);
4970  tor_assert(b != NULL);
4971 
4972  /*
4973  * We always prefer orconns as victims currently; we won't even see
4974  * these non-orconn cases, but if we do, sort them after orconns.
4975  */
4976  if (a->type == CONN_TYPE_OR && b->type == CONN_TYPE_OR) {
4978  } else {
4979  /*
4980  * One isn't an orconn; if one is, it goes first. We currently have no
4981  * opinions about cases where neither is an orconn.
4982  */
4983  if (a->type == CONN_TYPE_OR) return -1;
4984  else if (b->type == CONN_TYPE_OR) return 1;
4985  else return 0;
4986  }
4987 }
4988 
4989 /** Pick n victim connections for the OOS handler and return them in a
4990  * smartlist.
4991  */
4994 {
4995  smartlist_t *eligible = NULL, *victims = NULL;
4996  smartlist_t *conns;
4997  int conn_counts_by_type[CONN_TYPE_MAX_ + 1], i;
4998 
4999  /*
5000  * Big damn assumption (someone improve this someday!):
5001  *
5002  * Socket exhaustion normally happens on high-volume relays, and so
5003  * most of the connections involved are orconns. We should pick victims
5004  * by assembling a list of all orconns, and sorting them in order of
5005  * how much 'damage' by some metric we'd be doing by dropping them.
5006  *
5007  * If we move on from orconns, we should probably think about incoming
5008  * directory connections next, or exit connections. Things we should
5009  * probably never kill are controller connections and listeners.
5010  *
5011  * This function will count how many connections of different types
5012  * exist and log it for purposes of gathering data on typical OOS
5013  * situations to guide future improvements.
5014  */
5015 
5016  /* First, get the connection array */
5017  conns = get_connection_array();
5018  /*
5019  * Iterate it and pick out eligible connection types, and log some stats
5020  * along the way.
5021  */
5022  eligible = smartlist_new();
5023  memset(conn_counts_by_type, 0, sizeof(conn_counts_by_type));
5024  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, c) {
5025  /* Bump the counter */
5026  tor_assert(c->type <= CONN_TYPE_MAX_);
5027  ++(conn_counts_by_type[c->type]);
5028 
5029  /* Skip anything without a socket we can free */
5030  if (!(SOCKET_OK(c->s))) {
5031  continue;
5032  }
5033 
5034  /* Skip anything we would count as moribund */
5035  if (connection_is_moribund(c)) {
5036  continue;
5037  }
5038 
5039  switch (c->type) {
5040  case CONN_TYPE_OR:
5041  /* We've got an orconn, it's eligible to be OOSed */
5042  smartlist_add(eligible, c);
5043  break;
5044  default:
5045  /* We don't know what to do with it, ignore it */
5046  break;
5047  }
5048  } SMARTLIST_FOREACH_END(c);
5049 
5050  /* Log some stats */
5051  if (smartlist_len(conns) > 0) {
5052  /* At least one counter must be non-zero */
5053  log_info(LD_NET, "Some stats on conn types seen during OOS follow");
5054  for (i = CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5055  /* Did we see any? */
5056  if (conn_counts_by_type[i] > 0) {
5057  log_info(LD_NET, "%s: %d conns",
5059  conn_counts_by_type[i]);
5060  }
5061  }
5062  log_info(LD_NET, "Done with OOS conn type stats");
5063  }
5064 
5065  /* Did we find more eligible targets than we want to kill? */
5066  if (smartlist_len(eligible) > n) {
5067  /* Sort the list in order of target preference */
5069  /* Pick first n as victims */
5070  victims = smartlist_new();
5071  for (i = 0; i < n; ++i) {
5072  smartlist_add(victims, smartlist_get(eligible, i));
5073  }
5074  /* Free the original list */
5075  smartlist_free(eligible);
5076  } else {
5077  /* No, we can just call them all victims */
5078  victims = eligible;
5079  }
5080 
5081  return victims;
5082 }
5083 
5084 /** Kill a list of connections for the OOS handler. */
5085 MOCK_IMPL(STATIC void,
5087 {
5088  if (!conns) return;
5089 
5090  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, c) {
5091  /* Make sure the channel layer gets told about orconns */
5092  if (c->type == CONN_TYPE_OR) {
5094  } else {
5095  connection_mark_for_close(c);
5096  }
5097  } SMARTLIST_FOREACH_END(c);
5098 
5099  log_notice(LD_NET,
5100  "OOS handler marked %d connections",
5101  smartlist_len(conns));
5102 }
5103 
5104 /** Check if a connection is on the way out so the OOS handler doesn't try
5105  * to kill more than it needs. */
5106 int
5108 {
5109  if (conn != NULL &&
5110  (conn->conn_array_index < 0 ||
5111  conn->marked_for_close)) {
5112  return 1;
5113  } else {
5114  return 0;
5115  }
5116 }
5117 
5118 /** Out-of-Sockets handler; n_socks is the current number of open
5119  * sockets, and failed is non-zero if a socket exhaustion related
5120  * error immediately preceded this call. This is where to do
5121  * circuit-killing heuristics as needed.
5122  */
5123 void
5124 connection_check_oos(int n_socks, int failed)
5125 {
5126  int target_n_socks = 0, moribund_socks, socks_to_kill;
5127  smartlist_t *conns;
5128 
5129  /* Early exit: is OOS checking disabled? */
5130  if (get_options()->DisableOOSCheck) {
5131  return;
5132  }
5133 
5134  /* Sanity-check args */
5135  tor_assert(n_socks >= 0);
5136 
5137  /*
5138  * Make some log noise; keep it at debug level since this gets a chance
5139  * to run on every connection attempt.
5140  */
5141  log_debug(LD_NET,
5142  "Running the OOS handler (%d open sockets, %s)",
5143  n_socks, (failed != 0) ? "exhaustion seen" : "no exhaustion");
5144 
5145  /*
5146  * Check if we're really handling an OOS condition, and if so decide how
5147  * many sockets we want to get down to. Be sure we check if the threshold
5148  * is distinct from zero first; it's possible for this to be called a few
5149  * times before we've finished reading the config.
5150  */
5151  if (n_socks >= get_options()->ConnLimit_high_thresh &&
5152  get_options()->ConnLimit_high_thresh != 0 &&
5153  get_options()->ConnLimit_ != 0) {
5154  /* Try to get down to the low threshold */
5155  target_n_socks = get_options()->ConnLimit_low_thresh;
5156  log_notice(LD_NET,
5157  "Current number of sockets %d is greater than configured "
5158  "limit %d; OOS handler trying to get down to %d",
5159  n_socks, get_options()->ConnLimit_high_thresh,
5160  target_n_socks);
5161  } else if (failed) {
5162  /*
5163  * If we're not at the limit but we hit a socket exhaustion error, try to
5164  * drop some (but not as aggressively as ConnLimit_low_threshold, which is
5165  * 3/4 of ConnLimit_)
5166  */
5167  target_n_socks = (n_socks * 9) / 10;
5168  log_notice(LD_NET,
5169  "We saw socket exhaustion at %d open sockets; OOS handler "
5170  "trying to get down to %d",
5171  n_socks, target_n_socks);
5172  }
5173 
5174  if (target_n_socks > 0) {
5175  /*
5176  * It's an OOS!
5177  *
5178  * Count moribund sockets; it's be important that anything we decide
5179  * to get rid of here but don't immediately close get counted as moribund
5180  * on subsequent invocations so we don't try to kill too many things if
5181  * connection_check_oos() gets called multiple times.
5182  */
5183  moribund_socks = connection_count_moribund();
5184 
5185  if (moribund_socks < n_socks - target_n_socks) {
5186  socks_to_kill = n_socks - target_n_socks - moribund_socks;
5187 
5188  conns = pick_oos_victims(socks_to_kill);
5189  if (conns) {
5190  kill_conn_list_for_oos(conns);
5191  log_notice(LD_NET,
5192  "OOS handler killed %d conns", smartlist_len(conns));
5193  smartlist_free(conns);
5194  } else {
5195  log_notice(LD_NET, "OOS handler failed to pick any victim conns");
5196  }
5197  } else {
5198  log_notice(LD_NET,
5199  "Not killing any sockets for OOS because there are %d "
5200  "already moribund, and we only want to eliminate %d",
5201  moribund_socks, n_socks - target_n_socks);
5202  }
5203  }
5204 }
5205 
5206 /** Log how many bytes are used by buffers of different kinds and sizes. */
5207 void
5209 {
5210  uint64_t used_by_type[CONN_TYPE_MAX_+1];
5211  uint64_t alloc_by_type[CONN_TYPE_MAX_+1];
5212  int n_conns_by_type[CONN_TYPE_MAX_+1];
5213  uint64_t total_alloc = 0;
5214  uint64_t total_used = 0;
5215  int i;
5216  smartlist_t *conns = get_connection_array();
5217 
5218  memset(used_by_type, 0, sizeof(used_by_type));
5219  memset(alloc_by_type, 0, sizeof(alloc_by_type));
5220  memset(n_conns_by_type, 0, sizeof(n_conns_by_type));
5221 
5222  SMARTLIST_FOREACH_BEGIN(conns, connection_t *, c) {
5223  int tp = c->type;
5224  ++n_conns_by_type[tp];
5225  if (c->inbuf) {
5226  used_by_type[tp] += buf_datalen(c->inbuf);
5227  alloc_by_type[tp] += buf_allocation(c->inbuf);
5228  }
5229  if (c->outbuf) {
5230  used_by_type[tp] += buf_datalen(c->outbuf);
5231  alloc_by_type[tp] += buf_allocation(c->outbuf);
5232  }
5233  } SMARTLIST_FOREACH_END(c);
5234  for (i=0; i <= CONN_TYPE_MAX_; ++i) {
5235  total_used += used_by_type[i];
5236  total_alloc += alloc_by_type[i];
5237  }
5238 
5239  tor_log(severity, LD_GENERAL,
5240  "In buffers for %d connections: %"PRIu64" used/%"PRIu64" allocated",
5241  smartlist_len(conns),
5242  (total_used), (total_alloc));
5243  for (i=CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5244  if (!n_conns_by_type[i])
5245  continue;
5246  tor_log(severity, LD_GENERAL,
5247  " For %d %s connections: %"PRIu64" used/%"PRIu64" allocated",
5248  n_conns_by_type[i], conn_type_to_string(i),
5249  (used_by_type[i]), (alloc_by_type[i]));
5250  }
5251 }
5252 
5253 /** Verify that connection <b>conn</b> has all of its invariants
5254  * correct. Trigger an assert if anything is invalid.
5255  */
5256 void
5258 {
5259  (void) now; /* XXXX unused. */
5260  tor_assert(conn);
5261  tor_assert(conn->type >= CONN_TYPE_MIN_);
5262  tor_assert(conn->type <= CONN_TYPE_MAX_);
5263 
5264  switch (conn->type) {
5265  case CONN_TYPE_OR:
5266  case CONN_TYPE_EXT_OR:
5267  tor_assert(conn->magic == OR_CONNECTION_MAGIC);
5268  break;
5269  case CONN_TYPE_AP:
5270  tor_assert(conn->magic == ENTRY_CONNECTION_MAGIC);
5271  break;
5272  case CONN_TYPE_EXIT:
5273  tor_assert(conn->magic == EDGE_CONNECTION_MAGIC);
5274  break;
5275  case CONN_TYPE_DIR:
5276  tor_assert(conn->magic == DIR_CONNECTION_MAGIC);
5277  break;
5278  case CONN_TYPE_CONTROL:
5279  tor_assert(conn->magic == CONTROL_CONNECTION_MAGIC);
5280  break;
5281  CASE_ANY_LISTENER_TYPE:
5282  tor_assert(conn->magic == LISTENER_CONNECTION_MAGIC);
5283  break;
5284  default:
5285  tor_assert(conn->magic == BASE_CONNECTION_MAGIC);
5286  break;
5287  }
5288 
5289  if (conn->linked_conn) {
5290  tor_assert(conn->linked_conn->linked_conn == conn);
5291  tor_assert(conn->linked);
5292  }
5293  if (conn->linked)
5294  tor_assert(!SOCKET_OK(conn->s));
5295 
5296  if (conn->outbuf_flushlen > 0) {
5297  /* With optimistic data, we may have queued data in
5298  * EXIT_CONN_STATE_RESOLVING while the conn is not yet marked to writing.
5299  * */
5300  tor_assert((conn->type == CONN_TYPE_EXIT &&
5301  conn->state == EXIT_CONN_STATE_RESOLVING) ||
5302  connection_is_writing(conn) ||
5303  conn->write_blocked_on_bw ||
5304  (CONN_IS_EDGE(conn) &&
5305  TO_EDGE_CONN(conn)->edge_blocked_on_circ));
5306  }
5307 
5308  if (conn->hold_open_until_flushed)
5310 
5311  /* XXXX check: read_blocked_on_bw, write_blocked_on_bw, s, conn_array_index,
5312  * marked_for_close. */
5313 
5314  /* buffers */
5315  if (conn->inbuf)
5316  buf_assert_ok(conn->inbuf);
5317  if (conn->outbuf)
5318  buf_assert_ok(conn->outbuf);
5319 
5320  if (conn->type == CONN_TYPE_OR) {
5321  or_connection_t *or_conn = TO_OR_CONN(conn);
5322  if (conn->state == OR_CONN_STATE_OPEN) {
5323  /* tor_assert(conn->bandwidth > 0); */
5324  /* the above isn't necessarily true: if we just did a TLS
5325  * handshake but we didn't recognize the other peer, or it
5326  * gave a bad cert/etc, then we won't have assigned bandwidth,
5327  * yet it will be open. -RD
5328  */
5329 // tor_assert(conn->read_bucket >= 0);
5330  }
5331 // tor_assert(conn->addr && conn->port);
5332  tor_assert(conn->address);
5334  tor_assert(or_conn->tls);
5335  }
5336 
5337  if (CONN_IS_EDGE(conn)) {
5338  /* XXX unchecked: package window, deliver window. */
5339  if (conn->type == CONN_TYPE_AP) {
5340  entry_connection_t *entry_conn = TO_ENTRY_CONN(conn);
5341  if (entry_conn->chosen_exit_optional || entry_conn->chosen_exit_retries)
5342  tor_assert(entry_conn->chosen_exit_name);
5343 
5344  tor_assert(entry_conn->socks_request);
5345  if (conn->state == AP_CONN_STATE_OPEN) {
5346  tor_assert(entry_conn->socks_request->has_finished);
5347  if (!conn->marked_for_close) {
5348  tor_assert(ENTRY_TO_EDGE_CONN(entry_conn)->cpath_layer);
5349  cpath_assert_layer_ok(ENTRY_TO_EDGE_CONN(entry_conn)->cpath_layer);
5350  }
5351  }
5352  }
5353  if (conn->type == CONN_TYPE_EXIT) {
5355  conn->purpose == EXIT_PURPOSE_RESOLVE);
5356  }
5357  } else if (conn->type == CONN_TYPE_DIR) {
5358  } else {
5359  /* Purpose is only used for dir and exit types currently */
5360  tor_assert(!conn->purpose);
5361  }
5362 
5363  switch (conn->type)
5364  {
5365  CASE_ANY_LISTENER_TYPE:
5367  break;
5368  case CONN_TYPE_OR:
5369  tor_assert(conn->state >= OR_CONN_STATE_MIN_);
5370  tor_assert(conn->state <= OR_CONN_STATE_MAX_);
5371  break;
5372  case CONN_TYPE_EXT_OR:
5374  tor_assert(conn->state <= EXT_OR_CONN_STATE_MAX_);
5375  break;
5376  case CONN_TYPE_EXIT:
5377  tor_assert(conn->state >= EXIT_CONN_STATE_MIN_);
5378  tor_assert(conn->state <= EXIT_CONN_STATE_MAX_);
5379  tor_assert(conn->purpose >= EXIT_PURPOSE_MIN_);
5380  tor_assert(conn->purpose <= EXIT_PURPOSE_MAX_);
5381  break;
5382  case CONN_TYPE_AP:
5383  tor_assert(conn->state >= AP_CONN_STATE_MIN_);
5384  tor_assert(conn->state <= AP_CONN_STATE_MAX_);
5385  tor_assert(TO_ENTRY_CONN(conn)->socks_request);
5386  break;
5387  case CONN_TYPE_DIR:
5388  tor_assert(conn->state >= DIR_CONN_STATE_MIN_);
5389  tor_assert(conn->state <= DIR_CONN_STATE_MAX_);
5390  tor_assert(conn->purpose >= DIR_PURPOSE_MIN_);
5391  tor_assert(conn->purpose <= DIR_PURPOSE_MAX_);
5392  break;
5393  case CONN_TYPE_CONTROL:
5394  tor_assert(conn->state >= CONTROL_CONN_STATE_MIN_);
5395  tor_assert(conn->state <= CONTROL_CONN_STATE_MAX_);
5396  break;
5397  default:
5398  tor_assert(0);
5399  }
5400 }
5401 
5402 /** Fills <b>addr</b> and <b>port</b> with the details of the global
5403  * proxy server we are using. Store a 1 to the int pointed to by
5404  * <b>is_put_out</b> if the connection is using a pluggable
5405  * transport; store 0 otherwise. <b>conn</b> contains the connection
5406  * we are using the proxy for.
5407  *
5408  * Return 0 on success, -1 on failure.
5409  */
5410 int
5411 get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
5412  int *is_pt_out, const connection_t *conn)
5413 {
5414  const or_options_t *options = get_options();
5415 
5416  *is_pt_out = 0;
5417  /* Client Transport Plugins can use another proxy, but that should be hidden
5418  * from the rest of tor (as the plugin is responsible for dealing with the
5419  * proxy), check it first, then check the rest of the proxy types to allow
5420  * the config to have unused ClientTransportPlugin entries.
5421  */
5422  if (options->ClientTransportPlugin) {
5423  const transport_t *transport = NULL;
5424  int r;
5425  r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
5426  if (r<0)
5427  return -1;
5428  if (transport) { /* transport found */
5429  tor_addr_copy(addr, &transport->addr);
5430  *port = transport->port;
5431  *proxy_type = transport->socks_version;
5432  *is_pt_out = 1;
5433  return 0;
5434  }
5435 
5436  /* Unused ClientTransportPlugin. */
5437  }
5438 
5439  if (options->HTTPSProxy) {
5440  tor_addr_copy(addr, &options->HTTPSProxyAddr);
5441  *port = options->HTTPSProxyPort;
5442  *proxy_type = PROXY_CONNECT;
5443  return 0;
5444  } else if (options->Socks4Proxy) {
5445  tor_addr_copy(addr, &options->Socks4ProxyAddr);
5446  *port = options->Socks4ProxyPort;
5447  *proxy_type = PROXY_SOCKS4;
5448  return 0;
5449  } else if (options->Socks5Proxy) {
5450  tor_addr_copy(addr, &options->Socks5ProxyAddr);
5451  *port = options->Socks5ProxyPort;
5452  *proxy_type = PROXY_SOCKS5;
5453  return 0;
5454  }
5455 
5456  tor_addr_make_unspec(addr);
5457  *port = 0;
5458  *proxy_type = PROXY_NONE;
5459  return 0;
5460 }
5461 
5462 /** Log a failed connection to a proxy server.
5463  * <b>conn</b> is the connection we use the proxy server for. */
5464 void
5466 {
5467  tor_addr_t proxy_addr;
5468  uint16_t proxy_port;
5469  int proxy_type, is_pt;
5470 
5471  if (get_proxy_addrport(&proxy_addr, &proxy_port, &proxy_type, &is_pt,
5472  conn) != 0)
5473  return; /* if we have no proxy set up, leave this function. */
5474 
5475  (void)is_pt;
5476  log_warn(LD_NET,
5477  "The connection to the %s proxy server at %s just failed. "
5478  "Make sure that the proxy server is up and running.",
5479  proxy_type_to_string(proxy_type),
5480  fmt_addrport(&proxy_addr, proxy_port));
5481 }
5482 
5483 /** Return string representation of <b>proxy_type</b>. */
5484 static const char *
5485 proxy_type_to_string(int proxy_type)
5486 {
5487  switch (proxy_type) {
5488  case PROXY_CONNECT: return "HTTP";
5489  case PROXY_SOCKS4: return "SOCKS4";
5490  case PROXY_SOCKS5: return "SOCKS5";
5491  case PROXY_PLUGGABLE: return "pluggable transports SOCKS";
5492  case PROXY_NONE: return "NULL";
5493  default: tor_assert(0);
5494  }
5495  return NULL; /*Unreached*/
5496 }
5497 
5498 /** Call connection_free_minimal() on every connection in our array, and
5499  * release all storage held by connection.c.
5500  *
5501  * Don't do the checks in connection_free(), because they will
5502  * fail.
5503  */
5504 void
5506 {
5507  smartlist_t *conns = get_connection_array();
5508 
5509  /* We don't want to log any messages to controllers. */
5510  SMARTLIST_FOREACH(conns, connection_t *, conn,
5511  if (conn->type == CONN_TYPE_CONTROL)
5512  TO_CONTROL_CONN(conn)->event_mask = 0);
5513 
5515 
5516  /* Unlink everything from the identity map. */
5519 
5520  /* Clear out our list of broken connections */
5522 
5523  SMARTLIST_FOREACH(conns, connection_t *, conn,
5524  connection_free_minimal(conn));
5525 
5526  if (outgoing_addrs) {
5528  smartlist_free(outgoing_addrs);
5529  outgoing_addrs = NULL;
5530  }
5531 
5533  tor_free(last_interface_ipv6);
5535 
5536  mainloop_event_free(reenable_blocked_connections_ev);
5538  memset(&reenable_blocked_connections_delay, 0, sizeof(struct timeval));
5539 }
5540 
5541 /** Log a warning, and possibly emit a control event, that <b>received</b> came
5542  * at a skewed time. <b>trusted</b> indicates that the <b>source</b> was one
5543  * that we had more faith in and therefore the warning level should have higher
5544  * severity.
5545  */
5546 MOCK_IMPL(void,
5547 clock_skew_warning, (const connection_t *conn, long apparent_skew, int trusted,
5548  log_domain_mask_t domain, const char *received,
5549  const char *source))
5550 {
5551  char dbuf[64];
5552  char *ext_source = NULL, *warn = NULL;
5553  format_time_interval(dbuf, sizeof(dbuf), apparent_skew);
5554  if (conn)
5555  tor_asprintf(&ext_source, "%s:%s:%d", source, conn->address, conn->port);
5556  else
5557  ext_source = tor_strdup(source);
5558  log_fn(trusted ? LOG_WARN : LOG_INFO, domain,
5559  "Received %s with skewed time (%s): "
5560  "It seems that our clock is %s by %s, or that theirs is %s%s. "
5561  "Tor requires an accurate clock to work: please check your time, "
5562  "timezone, and date settings.", received, ext_source,
5563  apparent_skew > 0 ? "ahead" : "behind", dbuf,
5564  apparent_skew > 0 ? "behind" : "ahead",
5565  (!conn || trusted) ? "" : ", or they are sending us the wrong time");
5566  if (trusted) {
5567  control_event_general_status(LOG_WARN, "CLOCK_SKEW SKEW=%ld SOURCE=%s",
5568  apparent_skew, ext_source);
5569  tor_asprintf(&warn, "Clock skew %ld in %s from %s", apparent_skew,
5570  received, source);
5571  control_event_bootstrap_problem(warn, "CLOCK_SKEW", conn, 1);
5572  }
5573  tor_free(warn);
5574  tor_free(ext_source);
5575 }
#define RELAY_PAYLOAD_SIZE
Definition: or.h:605
static void connection_bucket_refill_single(connection_t *conn, uint32_t now_ts)
Definition: connection.c:3474
Header file for dirserv.c.
void connection_or_close_for_error(or_connection_t *orconn, int flush)
void rep_hist_note_bytes_read(uint64_t num_bytes, time_t when)
Definition: rephist.c:1166
#define AP_CONN_STATE_CONNECT_WAIT
#define DIR_PURPOSE_SERVER
Definition: directory.h:62
#define CASE_TOR_TLS_ERROR_ANY_NONIO
Definition: tortls.h:53
void accounting_add_bytes(size_t n_read, size_t n_written, int seconds)
Definition: hibernate.c:331
#define CONN_TYPE_DIR_LISTENER
Definition: connection.h:33
struct tor_compress_state_t * compress_state
smartlist_t * get_connection_array(void)
Definition: mainloop.c:452
Header file for rendcommon.c.
#define CONN_TYPE_CONTROL_LISTENER
Definition: connection.h:38
int fascist_firewall_prefer_ipv6_orport(const or_options_t *options)
Definition: policies.c:508
STATIC void kill_conn_list_for_oos(smartlist_t *conns)
Definition: connection.c:5086
unsigned int cpd_check_t
Definition: dir.h:20
STATIC int connection_connect_sockaddr(connection_t *conn, const struct sockaddr *sa, socklen_t sa_len, const struct sockaddr *bindaddr, socklen_t bindaddr_len, int *socket_error)
Definition: connection.c:1945
Header file for channeltls.c.
#define AP_CONN_STATE_RESOLVE_WAIT
void rep_hist_note_dir_bytes_written(uint64_t num_bytes, time_t when)
Definition: rephist.c:1176
void connection_or_close_normally(or_connection_t *orconn, int flush)
Router descriptor structure.
const tor_addr_t * conn_get_outbound_address(sa_family_t family, const or_options_t *options, unsigned int conn_type)
Definition: connection.c:2128
Header file containing common data for the whole HS subsytem.
uint16_t HTTPSProxyPort
int token_bucket_rw_refill(token_bucket_rw_t *bucket, uint32_t now_ts)
Definition: token_bucket.c:183
void connection_start_writing(connection_t *conn)
Definition: mainloop.c:688
Header file for circuitbuild.c.
int get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, int *is_pt_out, const connection_t *conn)
Definition: connection.c:5411
int connection_is_moribund(connection_t *conn)
Definition: connection.c:5107
int socks_policy_permits_address(const tor_addr_t *addr)
Definition: policies.c:1186
static smartlist_t * outgoing_addrs
Definition: connection.c:203
static int connection_read_https_proxy_response(connection_t *conn)
Definition: connection.c:2495
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
uint16_t sa_family_t
Definition: inaddr_st.h:77
#define SOCKS_COMMAND_CONNECT
Header for backtrace.c.
#define TO_CONN(c)
Definition: or.h:735
static int connection_flushed_some(connection_t *conn)
Definition: connection.c:4831
static int connection_fetch_from_buf_socks_client(connection_t *conn, int state, char **reason)
Definition: connection.c:2588
unsigned int linked_conn_is_closed
Definition: connection_st.h:86
void entry_guard_cancel(circuit_guard_state_t **guard_state_p)
Definition: entrynodes.c:2459
void connection_mark_all_noncontrol_connections(void)
Definition: connection.c:3013
void connection_ap_about_to_close(entry_connection_t *entry_conn)
uint8_t type
Definition: port_cfg_st.h:23
int connection_flush(connection_t *conn)
Definition: connection.c:4258
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
void tor_addr_make_unspec(tor_addr_t *a)
Definition: address.c:225
#define EXT_OR_CONN_STATE_MIN_
Definition: ext_orport.h:17
void update_current_time(time_t now)
Definition: mainloop.c:2195
int check_private_dir(const char *dirname, cpd_check_t check, const char *effective_user)
Definition: dir.c:71
uint16_t router_get_advertised_or_port(const or_options_t *options)
Definition: router.c:1424
static void connection_send_socks5_connect(connection_t *conn)
Definition: connection.c:2556
int tor_close_socket(tor_socket_t s)
Definition: socket.c:218
uint16_t router_get_advertised_or_port_by_af(const or_options_t *options, sa_family_t family)
Definition: router.c:1432
static void update_send_buffer_size(tor_socket_t sock)
Definition: connection.c:3941
char * Socks5ProxyPassword
#define EXIT_PURPOSE_CONNECT
int ClientPreferIPv6DirPort
connection_t * connection_get_by_type_nonlinked(int type)
Definition: connection.c:4502
Header for buffers_tls.c.
int connection_state_is_connecting(connection_t *conn)
Definition: connection.c:4668
void channel_close_for_error(channel_t *chan)
Definition: channel.c:1241
#define EXIT_CONN_STATE_RESOLVING
#define CONN_TYPE_AP_NATD_LISTENER
Definition: connection.h:46
uint32_t n_written_conn_bw
unsigned int purpose
Definition: connection_st.h:51
Header file for connection.c.
static int oos_victim_comparator(const void **a_v, const void **b_v)
Definition: connection.c:4960
#define EXIT_CONN_STATE_RESOLVEFAILED
const char * tor_tls_err_to_string(int err)
Definition: tortls.c:155
void connection_stop_reading_from_linked_conn(connection_t *conn)
Definition: mainloop.c:820
connection_t * connection_get_by_type_state_rendquery(int type, int state, const char *rendquery)
Definition: connection.c:4512
char unix_addr[FLEXIBLE_ARRAY_MEMBER]
Definition: port_cfg_st.h:36
#define LD_GENERAL
Definition: log.h:62
static void connection_init(time_t now, connection_t *conn, int type, int socket_family)
Definition: connection.c:491
void connection_consider_empty_read_buckets(connection_t *conn)
Definition: connection.c:3365
#define MAX_SOCKS5_AUTH_FIELD_SIZE
Definition: connection.h:180
void connection_free_(connection_t *conn)
Definition: connection.c:761
static int connection_reached_eof(connection_t *conn)
Definition: connection.c:4922
int rend_cmp_service_ids(const char *one, const char *two)
Definition: rendcommon.c:48
dir_connection_t * dir_connection_new(int socket_family)
Definition: connection.c:360
int get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
Definition: address.c:1629
static void client_check_address_changed(tor_socket_t sock)
Definition: connection.c:4712
static int connection_handle_listener_read(connection_t *conn, int new_type)
Definition: connection.c:1702
#define DOWNCAST(to, ptr)
Definition: or.h:110
int buf_flush_to_socket(buf_t *buf, tor_socket_t s, size_t sz, size_t *buf_flushlen)
Definition: buffers_net.c:231
static ssize_t connection_bucket_get_share(int base, int priority, ssize_t global_bucket_val, ssize_t conn_bucket)
Definition: connection.c:3099
Listener connection structure.
#define CONN_TYPE_AP_TRANS_LISTENER
Definition: connection.h:43
tor_addr_t addr
Definition: port_cfg_st.h:20
int authdir_mode(const or_options_t *options)
Definition: authmode.c:25
time_t connection_or_client_used(or_connection_t *conn)
Headers for compress.c.
void connection_link_connections(connection_t *conn_a, connection_t *conn_b)
Definition: connection.c:539
int conn_array_index
Definition: connection_st.h:94
#define LOG_INFO
Definition: log.h:45
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
Definition: address.h:145
Header file for nodelist.c.
static connection_t * connection_listener_new_for_port(const port_cfg_t *port, int *defer, int *addr_in_use)
Definition: connection.c:1576
static int retry_listener_ports(smartlist_t *old_conns, const smartlist_t *ports, smartlist_t *new_conns, smartlist_t *replacements, int control_listeners_only)
Definition: connection.c:2777
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:628
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
void stats_increment_bytes_read_and_written(uint64_t r, uint64_t w)
Definition: mainloop.c:484
unsigned int chosen_exit_optional
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
#define OR_CONN_STATE_TLS_HANDSHAKING
Definition: orconn_event.h:36
int connection_dir_finished_connecting(dir_connection_t *conn)
Definition: directory.c:537
int connection_is_listener(connection_t *conn)
Definition: connection.c:4629
unsigned int write_blocked_on_bw
Definition: connection_st.h:58
unsigned get_signewnym_epoch(void)
Definition: mainloop.c:1346
int accounting_is_enabled(const or_options_t *options)
Definition: hibernate.c:305
#define bool_neq(a, b)
Definition: logic.h:18
void connection_or_notify_error(or_connection_t *conn, int reason, const char *msg)
#define MAX_HEADERS_SIZE
Definition: or.h:123
#define CONTROL_CONN_STATE_OPEN
Definition: control.h:19
void connection_or_clear_identity_map(void)
int fascist_firewall_prefer_ipv6_dirport(const or_options_t *options)
Definition: policies.c:533
size_t base64_encode_size(size_t srclen, int flags)
Definition: binascii.c:166
uint64_t RelayBandwidthRate
char * Socks5ProxyUsername
OR connection structure.
const struct passwd * tor_getpwnam(const char *username)
Definition: userdb.c:70
char * rate_limit_log(ratelim_t *lim, time_t now)
Definition: ratelim.c:41
#define AP_CONN_STATE_RENDDESC_WAIT
#define CONN_TYPE_OR_LISTENER
Definition: connection.h:21
#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING
Definition: orconn_event.h:43
int connection_ext_or_start_auth(or_connection_t *or_conn)
Definition: ext_orport.c:636
Header file for config.c.
static struct timeval reenable_blocked_connections_delay
Definition: connection.c:3501
char * Socks4Proxy
control_connection_t * TO_CONTROL_CONN(connection_t *c)
Definition: control.c:67
edge_connection_t * edge_connection_new(int type, int socket_family)
Definition: connection.c:415
static const char * connection_proxy_state_to_string(int state)
Definition: connection.c:2273
#define fmt_and_decorate_addr(a)
Definition: address.h:214
#define CONN_TYPE_OR
Definition: connection.h:24
socklen_t tor_addr_to_sockaddr(const tor_addr_t *a, uint16_t port, struct sockaddr *sa_out, socklen_t len)
Definition: address.c:113
char * alloc_http_authenticator(const char *authenticator)
Definition: connection.c:4691
#define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, dirconn_var, dirconn_test)
Definition: connection.c:4539
int connection_edge_finished_connecting(edge_connection_t *edge_conn)
const char * conn_type_to_string(int type)
Definition: connection.c:243