Tor  0.4.7.0-alpha-dev
Data Structures | Macros | Functions | Variables
connection_or.c File Reference

Functions to handle OR connections, TLS handshaking, and cells on the network. More...

#include "core/or/or.h"
#include "feature/client/bridges.h"
#include "lib/buf/buffers.h"
#include "core/or/channel.h"
#include "core/or/channeltls.h"
#include "core/or/circuitbuild.h"
#include "core/or/circuitlist.h"
#include "core/or/circuitstats.h"
#include "core/or/command.h"
#include "app/config/config.h"
#include "core/mainloop/connection.h"
#include "core/or/connection_or.h"
#include "feature/relay/relay_handshake.h"
#include "feature/control/control_events.h"
#include "lib/crypt_ops/crypto_util.h"
#include "feature/dirauth/reachability.h"
#include "feature/client/entrynodes.h"
#include "lib/geoip/geoip.h"
#include "core/mainloop/mainloop.h"
#include "trunnel/netinfo.h"
#include "feature/nodelist/microdesc.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/nodelist.h"
#include "core/proto/proto_cell.h"
#include "core/or/reasons.h"
#include "core/or/relay.h"
#include "feature/rend/rendcommon.h"
#include "feature/stats/rephist.h"
#include "feature/relay/router.h"
#include "feature/relay/routerkeys.h"
#include "feature/relay/routermode.h"
#include "feature/nodelist/dirlist.h"
#include "feature/nodelist/routerlist.h"
#include "feature/relay/ext_orport.h"
#include "core/or/scheduler.h"
#include "feature/nodelist/torcert.h"
#include "core/or/channelpadding.h"
#include "feature/dirauth/authmode.h"
#include "feature/hs/hs_service.h"
#include "core/or/cell_st.h"
#include "core/or/cell_queue_st.h"
#include "core/or/or_connection_st.h"
#include "core/or/or_handshake_certs_st.h"
#include "core/or/or_handshake_state_st.h"
#include "app/config/or_state_st.h"
#include "feature/nodelist/routerinfo_st.h"
#include "core/or/var_cell_st.h"
#include "lib/crypt_ops/crypto_format.h"
#include "lib/tls/tortls.h"
#include "core/or/orconn_event.h"

Go to the source code of this file.

Data Structures

struct  broken_state_count_t
 
struct  or_connect_failure_entry_t
 

Macros

#define CHANNEL_OBJECT_PRIVATE
 
#define CONNECTION_OR_PRIVATE
 
#define ORCONN_EVENT_PRIVATE
 
#define MAX_REASONS_TO_REPORT   10
 
#define TIME_BEFORE_OR_CONN_IS_TOO_OLD   (60*60*24*7)
 
#define OR_CONNECT_FAILURE_LIFETIME   60
 
#define OR_CONNECT_FAILURE_CLEANUP_INTERVAL   60
 

Functions

static int connection_tls_finish_handshake (or_connection_t *conn)
 
static int connection_or_launch_v3_or_handshake (or_connection_t *conn)
 
static int connection_or_process_cells_from_inbuf (or_connection_t *conn)
 
static int connection_or_check_valid_tls_handshake (or_connection_t *conn, int started_here, char *digest_rcvd_out)
 
static void connection_or_tls_renegotiated_cb (tor_tls_t *tls, void *_conn)
 
static unsigned int connection_or_is_bad_for_new_circs (or_connection_t *or_conn)
 
static void connection_or_mark_bad_for_new_circs (or_connection_t *or_conn)
 
static void connection_or_check_canonicity (or_connection_t *conn, int started_here)
 
or_connection_tTO_OR_CONN (connection_t *c)
 
const or_connection_tCONST_TO_OR_CONN (const connection_t *c)
 
void connection_or_clear_identity (or_connection_t *conn)
 
void connection_or_clear_identity_map (void)
 
static void connection_or_set_identity_digest (or_connection_t *conn, const char *rsa_digest, const ed25519_public_key_t *ed_id)
 
const struct ed25519_public_key_tconnection_or_get_alleged_ed25519_id (const or_connection_t *conn)
 
static void note_broken_connection (const char *state)
 
void clear_broken_connection_map (int stop_recording)
 
static void connection_or_get_state_description (or_connection_t *orconn, char *buf, size_t buflen)
 
static void connection_or_note_state_when_broken (or_connection_t *orconn)
 
static int broken_state_count_compare (const void **a_ptr, const void **b_ptr)
 
void connection_or_report_broken_states (int severity, int domain)
 
void connection_or_event_status (or_connection_t *conn, or_conn_status_event_t tp, int reason)
 
static void connection_or_state_publish (const or_connection_t *conn, uint8_t state)
 
void connection_or_change_state (or_connection_t *conn, uint8_t state)
 
int connection_or_get_num_circuits (or_connection_t *conn)
 
void cell_pack (packed_cell_t *dst, const cell_t *src, int wide_circ_ids)
 
static void cell_unpack (cell_t *dest, const char *src, int wide_circ_ids)
 
int var_cell_pack_header (const var_cell_t *cell, char *hdr_out, int wide_circ_ids)
 
var_cell_tvar_cell_new (uint16_t payload_len)
 
var_cell_tvar_cell_copy (const var_cell_t *src)
 
void var_cell_free_ (var_cell_t *cell)
 
int connection_or_reached_eof (or_connection_t *conn)
 
int connection_or_process_inbuf (or_connection_t *conn)
 
int connection_or_flushed_some (or_connection_t *conn)
 
ssize_t connection_or_num_cells_writeable (or_connection_t *conn)
 
int connection_or_finished_flushing (or_connection_t *conn)
 
int connection_or_finished_connecting (or_connection_t *or_conn)
 
void connection_or_about_to_close (or_connection_t *or_conn)
 
int connection_or_digest_is_known_relay (const char *id_digest)
 
static void connection_or_update_token_buckets_helper (or_connection_t *conn, int reset, const or_options_t *options)
 
void connection_or_update_token_buckets (smartlist_t *conns, const or_options_t *options)
 
void connection_or_set_canonical (or_connection_t *or_conn, int is_canonical)
 
void connection_or_init_conn_from_address (or_connection_t *conn, const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, int started_here)
 
int connection_or_single_set_badness_ (time_t now, or_connection_t *or_conn, int force)
 
void connection_or_group_set_badness_ (smartlist_t *group, int force)
 
static HT_HEAD (or_connect_failure_ht, or_connect_failure_entry_t)
 
static unsigned int or_connect_failure_ht_hash (const or_connect_failure_entry_t *entry)
 
 HT_PROTOTYPE (or_connect_failure_ht, or_connect_failure_entry_t, node, or_connect_failure_ht_hash, or_connect_failure_ht_eq)
 
 HT_GENERATE2 (or_connect_failure_ht, or_connect_failure_entry_t, node, or_connect_failure_ht_hash, or_connect_failure_ht_eq, 0.6, tor_reallocarray_, tor_free_)
 
static void or_connect_failure_init (const char *identity_digest, const tor_addr_t *addr, uint16_t port, or_connect_failure_entry_t *ocf)
 
static or_connect_failure_entry_tor_connect_failure_new (const or_connection_t *or_conn)
 
static or_connect_failure_entry_tor_connect_failure_find (const or_connection_t *or_conn)
 
STATIC void note_or_connect_failed (const or_connection_t *or_conn)
 
static void or_connect_failure_map_cleanup (time_t cutoff)
 
STATIC int should_connect_to_relay (const or_connection_t *or_conn)
 
void connection_or_connect_failed (or_connection_t *conn, int reason, const char *msg)
 
void connection_or_notify_error (or_connection_t *conn, int reason, const char *msg)
 
or_connection_tconnection_or_connect (const tor_addr_t *_addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, channel_tls_t *chan)
 
void connection_or_close_normally (or_connection_t *orconn, int flush)
 
void connection_or_close_for_error (or_connection_t *orconn, int flush)
 
int connection_tls_start_handshake (or_connection_t *conn, int receiving)
 
void connection_or_block_renegotiation (or_connection_t *conn)
 
int connection_tls_continue_handshake (or_connection_t *conn)
 
int connection_or_nonopen_was_started_here (or_connection_t *conn)
 
int connection_or_client_learned_peer_id (or_connection_t *conn, const uint8_t *rsa_peer_id, const ed25519_public_key_t *ed_peer_id)
 
time_t connection_or_client_used (or_connection_t *conn)
 
int connection_init_or_handshake_state (or_connection_t *conn, int started_here)
 
void or_handshake_state_free_ (or_handshake_state_t *state)
 
void or_handshake_state_record_cell (or_connection_t *conn, or_handshake_state_t *state, const cell_t *cell, int incoming)
 
void or_handshake_state_record_var_cell (or_connection_t *conn, or_handshake_state_t *state, const var_cell_t *cell, int incoming)
 
int connection_or_set_state_open (or_connection_t *conn)
 
void connection_or_write_cell_to_buf (const cell_t *cell, or_connection_t *conn)
 
void connection_or_write_var_cell_to_buf (const var_cell_t *cell, or_connection_t *conn)
 
static int connection_fetch_var_cell_from_buf (or_connection_t *or_conn, var_cell_t **out)
 
int is_or_protocol_version_known (uint16_t v)
 
int connection_or_send_versions (or_connection_t *conn, int v3_plus)
 
static netinfo_addr_t * netinfo_addr_from_tor_addr (const tor_addr_t *tor_addr)
 
int connection_or_send_netinfo (or_connection_t *conn)
 

Variables

static strmap_t * broken_connection_counts
 
static int disable_broken_connection_counts = 0
 
static time_t or_connect_failure_map_next_cleanup_ts = 0
 
static const uint16_t or_protocol_versions [] = { 1, 2, 3, 4, 5 }
 
static const int n_or_protocol_versions
 

Detailed Description

Functions to handle OR connections, TLS handshaking, and cells on the network.

An or_connection_t is a subtype of connection_t (as implemented in connection.c) that uses a TLS connection to send and receive cells on the Tor network. (By sending and receiving cells connection_or.c, it cooperates with channeltls.c to implement a the channel interface of channel.c.)

Every OR connection has an underlying tortls_t object (as implemented in tortls.c) which it uses as its TLS stream. It is responsible for sending and receiving cells over that TLS.

This module also implements the client side of the v3 (and greater) Tor link handshake.

Definition in file connection_or.c.

Macro Definition Documentation

◆ MAX_REASONS_TO_REPORT

#define MAX_REASONS_TO_REPORT   10

Upper limit on the number of different states to report for connection failure.

Definition at line 327 of file connection_or.c.

◆ TIME_BEFORE_OR_CONN_IS_TOO_OLD

#define TIME_BEFORE_OR_CONN_IS_TOO_OLD   (60*60*24*7)

How old do we let a connection to an OR get before deciding it's too old for new circuits?

Definition at line 1017 of file connection_or.c.

Function Documentation

◆ broken_state_count_compare()

static int broken_state_count_compare ( const void **  a_ptr,
const void **  b_ptr 
)
static

Helper function used to sort broken_state_count_t by frequency.

Definition at line 314 of file connection_or.c.

◆ cell_pack()

void cell_pack ( packed_cell_t dst,
const cell_t src,
int  wide_circ_ids 
)

Pack the cell_t host-order structure src into network-order in the buffer dest. See tor-spec.txt for details about the wire format.

Note that this function doesn't touch dst->next: the caller should set it or clear it as appropriate.

Definition at line 454 of file connection_or.c.

Referenced by packed_cell_copy().

◆ cell_unpack()

static void cell_unpack ( cell_t dest,
const char *  src,
int  wide_circ_ids 
)
static

Unpack the network-order buffer src into a host-order cell_t structure dest.

Definition at line 475 of file connection_or.c.

◆ clear_broken_connection_map()

void clear_broken_connection_map ( int  stop_recording)

Forget all recorded states for failed connections. If stop_recording is true, don't record any more.

Definition at line 264 of file connection_or.c.

Referenced by connection_free_all().

◆ connection_fetch_var_cell_from_buf()

static int connection_fetch_var_cell_from_buf ( or_connection_t or_conn,
var_cell_t **  out 
)
static

See whether there's a variable-length cell waiting on or_conn's inbuf. Return values as for fetch_var_cell_from_buf().

Definition at line 2347 of file connection_or.c.

◆ connection_init_or_handshake_state()

int connection_init_or_handshake_state ( or_connection_t conn,
int  started_here 
)

Allocate a new connection handshake state for the connection conn. Return 0 on success, -1 on failure.

Definition at line 2147 of file connection_or.c.

Referenced by connection_or_launch_v3_or_handshake().

◆ connection_or_about_to_close()

void connection_or_about_to_close ( or_connection_t or_conn)

Called when we're about to finally unlink and free an OR connection: perform necessary accounting and cleanup

Definition at line 761 of file connection_or.c.

Referenced by connection_about_to_close_connection().

◆ connection_or_block_renegotiation()

void connection_or_block_renegotiation ( or_connection_t conn)

Block all future attempts to renegotiate on 'conn'

Definition at line 1685 of file connection_or.c.

Referenced by connection_or_tls_renegotiated_cb().

◆ connection_or_change_state()

void connection_or_change_state ( or_connection_t conn,
uint8_t  state 
)

Call this to change or_connection_t states, so the owning channel_tls_t can be notified.

Definition at line 419 of file connection_or.c.

Referenced by connection_or_launch_v3_or_handshake(), connection_or_set_state_open(), and connection_tls_start_handshake().

◆ connection_or_check_canonicity()

static void connection_or_check_canonicity ( or_connection_t conn,
int  started_here 
)
static

Check whether the identity of conn matches a known node. If it does, check whether the address of conn matches the expected address, and update the connection's is_canonical flag, nickname, and address fields as appropriate.

Definition at line 936 of file connection_or.c.

◆ connection_or_check_valid_tls_handshake()

static int connection_or_check_valid_tls_handshake ( or_connection_t conn,
int  started_here,
char *  digest_rcvd_out 
)
static

Conn just completed its handshake. Return 0 if all is well, and return -1 if they are lying, broken, or otherwise something is wrong.

If we initiated this connection (started_here is true), make sure the other side sent a correctly formed certificate. If I initiated the connection, make sure it's the right relay by checking the certificate.

Otherwise (if we didn't initiate this connection), it's okay for the certificate to be weird or absent.

If we return 0, and the certificate is as expected, write a hash of the identity key into digest_rcvd_out, which must have DIGEST_LEN space in it. If the certificate is invalid or missing on an incoming connection, we return 0 and set digest_rcvd_out to DIGEST_LEN NUL bytes. (If we return -1, the contents of this buffer are undefined.)

As side effects, 1) Set conn->circ_id_type according to tor-spec.txt. 2) If we're an authdirserver and we initiated the connection: drop all descriptors that claim to be on that IP/port but that aren't this relay; and note that this relay is reachable. 3) If this is a bridge and we didn't configure its identity fingerprint, remember the keyid we just learned.

Definition at line 1811 of file connection_or.c.

◆ connection_or_clear_identity()

void connection_or_clear_identity ( or_connection_t conn)

Clear clear conn->identity_digest and update other data structures as appropriate.

Definition at line 129 of file connection_or.c.

Referenced by connection_unlink().

◆ connection_or_clear_identity_map()

void connection_or_clear_identity_map ( void  )

Clear all identities in OR conns.

Definition at line 137 of file connection_or.c.

Referenced by connection_free_all().

◆ connection_or_client_learned_peer_id()

int connection_or_client_learned_peer_id ( or_connection_t conn,
const uint8_t *  rsa_peer_id,
const ed25519_public_key_t ed_peer_id 
)

Called when we (as a connection initiator) have definitively, authenticatedly, learned that ID of the Tor instance on the other side of conn is rsa_peer_id and optionally ed_peer_id. For v1 and v2 handshakes, this is right after we get a certificate chain in a TLS handshake or renegotiation. For v3+ handshakes, this is right after we get a certificate chain in a CERTS cell.

If we did not know the ID before, record the one we got.

If we wanted an ID, but we didn't get the one we expected, log a message and return -1. On relays:

  • log a protocol warning whenever the fingerprints don't match; On clients:
  • if a relay's fingerprint doesn't match, log a warning;
  • if we don't have updated relay fingerprints from a recent consensus, and a fallback directory mirror's hard-coded fingerprint has changed, log an info explaining that we will try another fallback.

If we're testing reachability, remember what we learned.

Return 0 on success, -1 on failure.

Definition at line 1906 of file connection_or.c.

◆ connection_or_client_used()

time_t connection_or_client_used ( or_connection_t conn)

Return when we last used this channel for client activity (origin circuits). This is called from connection.c, since client_used is now one of the timestamps in channel_t

Definition at line 2063 of file connection_or.c.

Referenced by connection_counts_as_relayed_traffic().

◆ connection_or_close_for_error()

void connection_or_close_for_error ( or_connection_t orconn,
int  flush 
)

Mark orconn for close and transition the associated channel, if any, to the error state.

Definition at line 1619 of file connection_or.c.

Referenced by connection_or_tls_renegotiated_cb(), and kill_conn_list_for_oos().

◆ connection_or_close_normally()

void connection_or_close_normally ( or_connection_t orconn,
int  flush 
)

Mark orconn for close and transition the associated channel, if any, to the closing state.

It's safe to call this and connection_or_close_for_error() any time, and channel layer will treat it as a connection closing for reasons outside its control, like the remote end closing it. It can also be a local reason that's specific to connection_t/or_connection_t rather than the channel mechanism, such as expiration of old connections in run_connection_housekeeping(). If you want to close a channel_t from somewhere that logically works in terms of generic channels rather than connections, use channel_mark_for_close(); see also the comment on that function in channel.c.

Definition at line 1598 of file connection_or.c.

◆ connection_or_connect()

or_connection_t* connection_or_connect ( const tor_addr_t _addr,
uint16_t  port,
const char *  id_digest,
const ed25519_public_key_t ed_id,
channel_tls_t *  chan 
)

Launch a new OR connection to addr:port and expect to handshake with an OR with identity digest id_digest. Optionally, pass in a pointer to a channel using this connection.

If id_digest is me, do nothing. If we're already connected to it, return that connection. If the connect() is in progress, set the new conn's state to 'connecting' and return it. If connect() succeeds, call connection_tls_start_handshake() on it.

This function is called from router_retry_connections(), for ORs connecting to ORs, and circuit_establish_circuit(), for OPs connecting to ORs.

Return the launched conn, or NULL if it failed.

Definition at line 1454 of file connection_or.c.

◆ connection_or_connect_failed()

void connection_or_connect_failed ( or_connection_t conn,
int  reason,
const char *  msg 
)

conn is in the 'connecting' state, and it failed to complete a TCP connection. Send notifications appropriately.

reason specifies the or_conn_end_reason for the failure; msg specifies the strerror-style error message.

Definition at line 1395 of file connection_or.c.

Referenced by connection_or_notify_error().

◆ connection_or_digest_is_known_relay()

int connection_or_digest_is_known_relay ( const char *  id_digest)

Return 1 if identity digest id_digest is known to be a currently or recently running relay. Otherwise return 0.

Definition at line 814 of file connection_or.c.

Referenced by connection_or_update_token_buckets_helper().

◆ connection_or_event_status()

void connection_or_event_status ( or_connection_t conn,
or_conn_status_event_t  tp,
int  reason 
)

Helper function to publish an OR connection status event

Publishes a messages to subscribers of ORCONN messages, and sends the control event.

Definition at line 372 of file connection_or.c.

Referenced by connection_ext_or_transition(), connection_init_accepted_conn(), connection_or_connect_failed(), and connection_or_set_state_open().

◆ connection_or_finished_connecting()

int connection_or_finished_connecting ( or_connection_t or_conn)

Connected handler for OR connections: begin the TLS handshake.

Definition at line 725 of file connection_or.c.

Referenced by connection_finished_connecting().

◆ connection_or_finished_flushing()

int connection_or_finished_flushing ( or_connection_t conn)

Connection conn has finished writing and has no bytes left on its outbuf.

Otherwise it's in state "open": stop writing and return.

If conn is broken, mark it for close and return -1, else return 0.

Definition at line 680 of file connection_or.c.

Referenced by connection_finished_flushing().

◆ connection_or_flushed_some()

int connection_or_flushed_some ( or_connection_t conn)

Called whenever we have flushed some data on an or_conn: add more data from active circuits.

Definition at line 628 of file connection_or.c.

◆ connection_or_get_alleged_ed25519_id()

const struct ed25519_public_key_t* connection_or_get_alleged_ed25519_id ( const or_connection_t conn)

Return the Ed25519 identity of the peer for this connection (if any).

Note that this ID may not be the actual identity for the peer if authentication is not complete.

Definition at line 218 of file connection_or.c.

◆ connection_or_get_num_circuits()

int connection_or_get_num_circuits ( or_connection_t conn)

Return the number of circuits using an or_connection_t; this used to be an or_connection_t field, but it got moved to channel_t and we shouldn't maintain two copies.

Definition at line 435 of file connection_or.c.

Referenced by oos_victim_comparator_for_orconns().

◆ connection_or_get_state_description()

static void connection_or_get_state_description ( or_connection_t orconn,
char *  buf,
size_t  buflen 
)
static

Write a detailed description the state of orconn into the buflen-byte buffer at buf. This description includes not only the OR-conn level state but also the TLS state. It's useful for diagnosing broken handshakes.

Definition at line 278 of file connection_or.c.

Referenced by connection_or_note_state_when_broken().

◆ connection_or_group_set_badness_()

void connection_or_group_set_badness_ ( smartlist_t group,
int  force 
)

Given a list of all the or_connections with a given identity, set elements of that list as is_bad_for_new_circs as appropriate. Helper for connection_or_set_bad_connections().

Specifically, we set the is_bad_for_new_circs flag on:

  • all connections if force is true.
  • all connections that are too old.
  • all open non-canonical connections for which a canonical connection exists to the same router.
  • all open canonical connections for which a 'better' canonical connection exists to the same router.
  • all open non-canonical connections for which a 'better' non-canonical connection exists to the same router at the same address.

See channel_is_better() in channel.c for our idea of what makes one OR connection better than another.

Definition at line 1068 of file connection_or.c.

◆ connection_or_init_conn_from_address()

void connection_or_init_conn_from_address ( or_connection_t conn,
const tor_addr_t addr,
uint16_t  port,
const char *  id_digest,
const ed25519_public_key_t ed_id,
int  started_here 
)

If we don't necessarily know the router we're connecting to, but we have an addr/port/id_digest, then fill in as much as we can. Start by checking to see if this describes a router we know. started_here is 1 if we are the initiator of conn and 0 if it's an incoming connection.

Definition at line 907 of file connection_or.c.

◆ connection_or_is_bad_for_new_circs()

static unsigned int connection_or_is_bad_for_new_circs ( or_connection_t or_conn)
static

These just pass all the is_bad_for_new_circs manipulation on to channel_t

Definition at line 997 of file connection_or.c.

Referenced by connection_or_group_set_badness_(), and connection_or_single_set_badness_().

◆ connection_or_launch_v3_or_handshake()

static int connection_or_launch_v3_or_handshake ( or_connection_t conn)
static

Called as client when initial TLS handshake is done, and we notice that we got a v3-handshake signalling certificate from the server. Set up structures, do bookkeeping, and send the versions cell. Return 0 on success and -1 on failure.

Definition at line 2131 of file connection_or.c.

◆ connection_or_nonopen_was_started_here()

int connection_or_nonopen_was_started_here ( or_connection_t conn)

Return 1 if we initiated this connection, or 0 if it started out as an incoming connection.

Definition at line 1774 of file connection_or.c.

Referenced by connection_or_launch_v3_or_handshake(), connection_tls_finish_handshake(), and enter_v3_handshake_with_cell().

◆ connection_or_note_state_when_broken()

static void connection_or_note_state_when_broken ( or_connection_t orconn)
static

Record the current state of orconn as the state of a broken connection.

Definition at line 296 of file connection_or.c.

◆ connection_or_notify_error()

void connection_or_notify_error ( or_connection_t conn,
int  reason,
const char *  msg 
)

conn got an error in connection_handle_read_impl() or connection_handle_write_impl() and is going to die soon.

reason specifies the or_conn_end_reason for the failure; msg specifies the strerror-style error message.

Definition at line 1411 of file connection_or.c.

Referenced by connection_handle_read_impl().

◆ connection_or_num_cells_writeable()

ssize_t connection_or_num_cells_writeable ( or_connection_t conn)

This is for channeltls.c to ask how many cells we could accept if they were available.

Definition at line 650 of file connection_or.c.

◆ connection_or_process_cells_from_inbuf()

static int connection_or_process_cells_from_inbuf ( or_connection_t conn)
static

Process cells from conn's inbuf.

Loop: while inbuf contains a cell, pull it off the inbuf, unpack it, and hand it to command_process_cell().

Always return 0.

Definition at line 2361 of file connection_or.c.

◆ connection_or_process_inbuf()

int connection_or_process_inbuf ( or_connection_t conn)

Handle any new bytes that have come in on connection conn. If conn is in 'open' state, hand it to connection_or_process_cells_from_inbuf() (else do nothing).

Definition at line 568 of file connection_or.c.

Referenced by connection_process_inbuf().

◆ connection_or_reached_eof()

int connection_or_reached_eof ( or_connection_t conn)

We've received an EOF from conn. Mark it for close and return.

Definition at line 552 of file connection_or.c.

Referenced by connection_reached_eof().

◆ connection_or_report_broken_states()

void connection_or_report_broken_states ( int  severity,
int  domain 
)

Report a list of the top states for failed OR connections at log level severity, in log domain domain.

Definition at line 332 of file connection_or.c.

◆ connection_or_send_netinfo()

int connection_or_send_netinfo ( or_connection_t conn)

Send a NETINFO cell on conn, telling the other server what we know about their address, our address, and the current time.

Definition at line 2503 of file connection_or.c.

◆ connection_or_send_versions()

int connection_or_send_versions ( or_connection_t conn,
int  v3_plus 
)

Send a VERSIONS cell on conn, telling the other host about the link protocol versions that this Tor can support.

If v3_plus, this is part of a V3 protocol handshake, so only allow protocol version v3 or later. If not v3_plus, this is not part of a v3 protocol handshake, so don't allow protocol v3 or later.

Definition at line 2448 of file connection_or.c.

Referenced by connection_or_launch_v3_or_handshake().

◆ connection_or_set_identity_digest()

static void connection_or_set_identity_digest ( or_connection_t conn,
const char *  rsa_digest,
const ed25519_public_key_t ed_id 
)
static

Change conn->identity_digest to digest, and add conn into the appropriate digest maps.

NOTE that this function only allows two kinds of transitions: from unset identity to set identity, and from idempotent re-settings of the same identity. It's not allowed to clear an identity or to change an identity. Return 0 on success, and -1 if the transition is not allowed.

Definition at line 158 of file connection_or.c.

◆ connection_or_set_state_open()

int connection_or_set_state_open ( or_connection_t conn)

Set conn's state to OR_CONN_STATE_OPEN, and tell other subsystems as appropriate. Called when we are done with all TLS and OR handshaking.

Definition at line 2263 of file connection_or.c.

◆ connection_or_single_set_badness_()

int connection_or_single_set_badness_ ( time_t  now,
or_connection_t or_conn,
int  force 
)

Expire an or_connection if it is too old. Helper for connection_or_group_set_badness_ and fast path for channel_rsa_id_group_set_badness.

Returns 1 if the connection was already expired, else 0.

Definition at line 1026 of file connection_or.c.

Referenced by connection_or_group_set_badness_().

◆ connection_or_state_publish()

static void connection_or_state_publish ( const or_connection_t conn,
uint8_t  state 
)
static

Helper function to publish a state change message

connection_or_change_state() calls this to notify subscribers about a change of an OR connection state.

Definition at line 391 of file connection_or.c.

Referenced by connection_or_change_state().

◆ connection_or_tls_renegotiated_cb()

static void connection_or_tls_renegotiated_cb ( tor_tls_t tls,
void *  _conn 
)
static

Invoked on the server side from inside tor_tls_read() when the server gets a successful TLS renegotiation from the client.

Definition at line 1697 of file connection_or.c.

◆ connection_or_update_token_buckets()

void connection_or_update_token_buckets ( smartlist_t conns,
const or_options_t options 
)

Either our set of relays or our per-conn rate limits have changed. Go through all the OR connections and update their token buckets to make sure they don't exceed their maximum values.

Definition at line 866 of file connection_or.c.

Referenced by options_act_relay_bandwidth().

◆ connection_or_update_token_buckets_helper()

static void connection_or_update_token_buckets_helper ( or_connection_t conn,
int  reset,
const or_options_t options 
)
static

Set the per-conn read and write limits for conn. If it's a known relay, we will rely on the global read and write buckets, so give it per-conn limits that are big enough they'll never matter. But if it's not a known relay, first check if we set PerConnBwRate/Burst, then check if the consensus sets them, else default to 'big enough'.

If reset is true, set the bucket to be full. Otherwise, just clip the bucket if it happens to be too full.

Definition at line 834 of file connection_or.c.

◆ connection_or_write_cell_to_buf()

void connection_or_write_cell_to_buf ( const cell_t cell,
or_connection_t conn 
)

Pack cell into wire-format, and write it onto conn's outbuf. For cells that use or affect a circuit, this should only be called by connection_or_flush_from_first_active_circuit().

Definition at line 2286 of file connection_or.c.

◆ connection_or_write_var_cell_to_buf()

void connection_or_write_var_cell_to_buf ( const var_cell_t cell,
or_connection_t conn 
)

Pack a variable-length cell into wire-format, and write it onto conn's outbuf. Right now, this DOES NOT support cells that affect a circuit.

Definition at line 2325 of file connection_or.c.

◆ connection_tls_continue_handshake()

int connection_tls_continue_handshake ( or_connection_t conn)

Move forward with the tls handshake. If it finishes, hand conn to connection_tls_finish_handshake().

Return -1 if conn is broken, else return 0.

Definition at line 1718 of file connection_or.c.

◆ connection_tls_finish_handshake()

static int connection_tls_finish_handshake ( or_connection_t conn)
static

The v1/v2 TLS handshake is finished.

Make sure we are happy with the peer we just handshaked with.

If they initiated the connection, make sure they're not already connected, then initialize conn from the information in router.

If all is successful, call circuit_n_conn_done() to handle events that have been pending on the <tls handshake completion. Also set the directory to be dirty (only matters if I'm an authdirserver).

If this is a v2 TLS handshake, send a versions cell.

Definition at line 2086 of file connection_or.c.

Referenced by connection_or_tls_renegotiated_cb().

◆ connection_tls_start_handshake()

int connection_tls_start_handshake ( or_connection_t conn,
int  receiving 
)

Begin the tls handshake with conn. receiving is 0 if we initiated the connection, else it's 1.

Assign a new tls object to conn->tls, begin reading on conn, and pass conn to connection_tls_continue_handshake().

Return -1 if conn is broken, else return 0.

Definition at line 1644 of file connection_or.c.

◆ CONST_TO_OR_CONN()

const or_connection_t* CONST_TO_OR_CONN ( const connection_t c)

Cast a const connection_t * to a const or_connection_t *.

Exit with an assertion failure if the input is not an or_connnection_t.

Definition at line 121 of file connection_or.c.

◆ is_or_protocol_version_known()

int is_or_protocol_version_known ( uint16_t  v)

Return true iff v is a link protocol version that this Tor implementation believes it can support.

Definition at line 2429 of file connection_or.c.

◆ note_broken_connection()

static void note_broken_connection ( const char *  state)
static

Record that an OR connection failed in state.

Definition at line 244 of file connection_or.c.

◆ or_handshake_state_free_()

void or_handshake_state_free_ ( or_handshake_state_t state)

Free all storage held by state.

Definition at line 2168 of file connection_or.c.

◆ or_handshake_state_record_cell()

void or_handshake_state_record_cell ( or_connection_t conn,
or_handshake_state_t state,
const cell_t cell,
int  incoming 
)

Remember that cell has been transmitted (if incoming is false) or received (if incoming is true) during a V3 handshake using state.

(We don't record the cell, but we keep a digest of everything sent or received during the v3 handshake, and the client signs it in an authenticate cell.)

Definition at line 2190 of file connection_or.c.

◆ or_handshake_state_record_var_cell()

void or_handshake_state_record_var_cell ( or_connection_t conn,
or_handshake_state_t state,
const var_cell_t cell,
int  incoming 
)

Remember that a variable-length cell has been transmitted (if incoming is false) or received (if incoming is true) during a V3 handshake using state.

(We don't record the cell, but we keep a digest of everything sent or received during the v3 handshake, and the client signs it in an authenticate cell.)

Definition at line 2231 of file connection_or.c.

◆ TO_OR_CONN()

or_connection_t* TO_OR_CONN ( connection_t c)

◆ var_cell_copy()

var_cell_t* var_cell_copy ( const var_cell_t src)

Copy a var_cell_t

Definition at line 526 of file connection_or.c.

◆ var_cell_free_()

void var_cell_free_ ( var_cell_t cell)

Release all space held by cell.

Definition at line 545 of file connection_or.c.

◆ var_cell_new()

var_cell_t* var_cell_new ( uint16_t  payload_len)

Allocate and return a new var_cell_t with payload_len bytes of payload space.

Definition at line 511 of file connection_or.c.

Referenced by connection_or_send_auth_challenge_cell(), and connection_or_send_versions().

◆ var_cell_pack_header()

int var_cell_pack_header ( const var_cell_t cell,
char *  hdr_out,
int  wide_circ_ids 
)

Write the header of cell into the first VAR_CELL_MAX_HEADER_SIZE bytes of hdr_out. Returns number of bytes used.

Definition at line 491 of file connection_or.c.

Referenced by connection_or_write_var_cell_to_buf().

Variable Documentation

◆ broken_connection_counts

strmap_t* broken_connection_counts
static

Map from a string describing what a non-open OR connection was doing when failed, to an intptr_t describing the count of connections that failed that way. Note that the count is stored as the pointer.

Definition at line 237 of file connection_or.c.

Referenced by clear_broken_connection_map(), connection_or_report_broken_states(), and note_broken_connection().

◆ disable_broken_connection_counts

int disable_broken_connection_counts = 0
static

If true, do not record information in broken_connection_counts.

Definition at line 240 of file connection_or.c.

Referenced by connection_or_note_state_when_broken(), connection_or_report_broken_states(), and note_broken_connection().

◆ n_or_protocol_versions

const int n_or_protocol_versions
static
Initial value:
=
(int)( sizeof(or_protocol_versions)/sizeof(uint16_t) )
static const uint16_t or_protocol_versions[]

Number of versions in or_protocol_versions.

Definition at line 2423 of file connection_or.c.

Referenced by connection_or_send_versions().

◆ or_protocol_versions

const uint16_t or_protocol_versions[] = { 1, 2, 3, 4, 5 }
static

Array of recognized link protocol versions.

Definition at line 2421 of file connection_or.c.