Tor
0.4.7.0-alpha-dev
|
Functions to handle OR connections, TLS handshaking, and cells on the network. More...
#include "core/or/or.h"
#include "feature/client/bridges.h"
#include "lib/buf/buffers.h"
#include "core/or/channel.h"
#include "core/or/channeltls.h"
#include "core/or/circuitbuild.h"
#include "core/or/circuitlist.h"
#include "core/or/circuitstats.h"
#include "core/or/command.h"
#include "app/config/config.h"
#include "core/mainloop/connection.h"
#include "core/or/connection_or.h"
#include "feature/relay/relay_handshake.h"
#include "feature/control/control_events.h"
#include "lib/crypt_ops/crypto_util.h"
#include "feature/dirauth/reachability.h"
#include "feature/client/entrynodes.h"
#include "lib/geoip/geoip.h"
#include "core/mainloop/mainloop.h"
#include "trunnel/netinfo.h"
#include "feature/nodelist/microdesc.h"
#include "feature/nodelist/networkstatus.h"
#include "feature/nodelist/nodelist.h"
#include "core/proto/proto_cell.h"
#include "core/or/reasons.h"
#include "core/or/relay.h"
#include "feature/rend/rendcommon.h"
#include "feature/stats/rephist.h"
#include "feature/relay/router.h"
#include "feature/relay/routerkeys.h"
#include "feature/relay/routermode.h"
#include "feature/nodelist/dirlist.h"
#include "feature/nodelist/routerlist.h"
#include "feature/relay/ext_orport.h"
#include "core/or/scheduler.h"
#include "feature/nodelist/torcert.h"
#include "core/or/channelpadding.h"
#include "feature/dirauth/authmode.h"
#include "feature/hs/hs_service.h"
#include "core/or/cell_st.h"
#include "core/or/cell_queue_st.h"
#include "core/or/or_connection_st.h"
#include "core/or/or_handshake_certs_st.h"
#include "core/or/or_handshake_state_st.h"
#include "app/config/or_state_st.h"
#include "feature/nodelist/routerinfo_st.h"
#include "core/or/var_cell_st.h"
#include "lib/crypt_ops/crypto_format.h"
#include "lib/tls/tortls.h"
#include "core/or/orconn_event.h"
Go to the source code of this file.
Data Structures | |
struct | broken_state_count_t |
struct | or_connect_failure_entry_t |
Macros | |
#define | CHANNEL_OBJECT_PRIVATE |
#define | CONNECTION_OR_PRIVATE |
#define | ORCONN_EVENT_PRIVATE |
#define | MAX_REASONS_TO_REPORT 10 |
#define | TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7) |
#define | OR_CONNECT_FAILURE_LIFETIME 60 |
#define | OR_CONNECT_FAILURE_CLEANUP_INTERVAL 60 |
Variables | |
static strmap_t * | broken_connection_counts |
static int | disable_broken_connection_counts = 0 |
static time_t | or_connect_failure_map_next_cleanup_ts = 0 |
static const uint16_t | or_protocol_versions [] = { 1, 2, 3, 4, 5 } |
static const int | n_or_protocol_versions |
Functions to handle OR connections, TLS handshaking, and cells on the network.
An or_connection_t is a subtype of connection_t (as implemented in connection.c) that uses a TLS connection to send and receive cells on the Tor network. (By sending and receiving cells connection_or.c, it cooperates with channeltls.c to implement a the channel interface of channel.c.)
Every OR connection has an underlying tortls_t object (as implemented in tortls.c) which it uses as its TLS stream. It is responsible for sending and receiving cells over that TLS.
This module also implements the client side of the v3 (and greater) Tor link handshake.
Definition in file connection_or.c.
#define MAX_REASONS_TO_REPORT 10 |
Upper limit on the number of different states to report for connection failure.
Definition at line 327 of file connection_or.c.
#define TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7) |
How old do we let a connection to an OR get before deciding it's too old for new circuits?
Definition at line 1017 of file connection_or.c.
|
static |
Helper function used to sort broken_state_count_t by frequency.
Definition at line 314 of file connection_or.c.
void cell_pack | ( | packed_cell_t * | dst, |
const cell_t * | src, | ||
int | wide_circ_ids | ||
) |
Pack the cell_t host-order structure src into network-order in the buffer dest. See tor-spec.txt for details about the wire format.
Note that this function doesn't touch dst->next: the caller should set it or clear it as appropriate.
Definition at line 454 of file connection_or.c.
Referenced by packed_cell_copy().
|
static |
Unpack the network-order buffer src into a host-order cell_t structure dest.
Definition at line 475 of file connection_or.c.
void clear_broken_connection_map | ( | int | stop_recording | ) |
Forget all recorded states for failed connections. If stop_recording is true, don't record any more.
Definition at line 264 of file connection_or.c.
Referenced by connection_free_all().
|
static |
See whether there's a variable-length cell waiting on or_conn's inbuf. Return values as for fetch_var_cell_from_buf().
Definition at line 2347 of file connection_or.c.
int connection_init_or_handshake_state | ( | or_connection_t * | conn, |
int | started_here | ||
) |
Allocate a new connection handshake state for the connection conn. Return 0 on success, -1 on failure.
Definition at line 2147 of file connection_or.c.
Referenced by connection_or_launch_v3_or_handshake().
void connection_or_about_to_close | ( | or_connection_t * | or_conn | ) |
Called when we're about to finally unlink and free an OR connection: perform necessary accounting and cleanup
Definition at line 761 of file connection_or.c.
Referenced by connection_about_to_close_connection().
void connection_or_block_renegotiation | ( | or_connection_t * | conn | ) |
Block all future attempts to renegotiate on 'conn'
Definition at line 1685 of file connection_or.c.
Referenced by connection_or_tls_renegotiated_cb().
void connection_or_change_state | ( | or_connection_t * | conn, |
uint8_t | state | ||
) |
Call this to change or_connection_t states, so the owning channel_tls_t can be notified.
Definition at line 419 of file connection_or.c.
Referenced by connection_or_launch_v3_or_handshake(), connection_or_set_state_open(), and connection_tls_start_handshake().
|
static |
Check whether the identity of conn matches a known node. If it does, check whether the address of conn matches the expected address, and update the connection's is_canonical flag, nickname, and address fields as appropriate.
Definition at line 936 of file connection_or.c.
|
static |
Conn just completed its handshake. Return 0 if all is well, and return -1 if they are lying, broken, or otherwise something is wrong.
If we initiated this connection (started_here is true), make sure the other side sent a correctly formed certificate. If I initiated the connection, make sure it's the right relay by checking the certificate.
Otherwise (if we didn't initiate this connection), it's okay for the certificate to be weird or absent.
If we return 0, and the certificate is as expected, write a hash of the identity key into digest_rcvd_out, which must have DIGEST_LEN space in it. If the certificate is invalid or missing on an incoming connection, we return 0 and set digest_rcvd_out to DIGEST_LEN NUL bytes. (If we return -1, the contents of this buffer are undefined.)
As side effects, 1) Set conn->circ_id_type according to tor-spec.txt. 2) If we're an authdirserver and we initiated the connection: drop all descriptors that claim to be on that IP/port but that aren't this relay; and note that this relay is reachable. 3) If this is a bridge and we didn't configure its identity fingerprint, remember the keyid we just learned.
Definition at line 1811 of file connection_or.c.
void connection_or_clear_identity | ( | or_connection_t * | conn | ) |
Clear clear conn->identity_digest and update other data structures as appropriate.
Definition at line 129 of file connection_or.c.
Referenced by connection_unlink().
void connection_or_clear_identity_map | ( | void | ) |
Clear all identities in OR conns.
Definition at line 137 of file connection_or.c.
Referenced by connection_free_all().
int connection_or_client_learned_peer_id | ( | or_connection_t * | conn, |
const uint8_t * | rsa_peer_id, | ||
const ed25519_public_key_t * | ed_peer_id | ||
) |
Called when we (as a connection initiator) have definitively, authenticatedly, learned that ID of the Tor instance on the other side of conn is rsa_peer_id and optionally ed_peer_id. For v1 and v2 handshakes, this is right after we get a certificate chain in a TLS handshake or renegotiation. For v3+ handshakes, this is right after we get a certificate chain in a CERTS cell.
If we did not know the ID before, record the one we got.
If we wanted an ID, but we didn't get the one we expected, log a message and return -1. On relays:
If we're testing reachability, remember what we learned.
Return 0 on success, -1 on failure.
Definition at line 1906 of file connection_or.c.
time_t connection_or_client_used | ( | or_connection_t * | conn | ) |
Return when we last used this channel for client activity (origin circuits). This is called from connection.c, since client_used is now one of the timestamps in channel_t
Definition at line 2063 of file connection_or.c.
Referenced by connection_counts_as_relayed_traffic().
void connection_or_close_for_error | ( | or_connection_t * | orconn, |
int | flush | ||
) |
Mark orconn for close and transition the associated channel, if any, to the error state.
Definition at line 1619 of file connection_or.c.
Referenced by connection_or_tls_renegotiated_cb(), and kill_conn_list_for_oos().
void connection_or_close_normally | ( | or_connection_t * | orconn, |
int | flush | ||
) |
Mark orconn for close and transition the associated channel, if any, to the closing state.
It's safe to call this and connection_or_close_for_error() any time, and channel layer will treat it as a connection closing for reasons outside its control, like the remote end closing it. It can also be a local reason that's specific to connection_t/or_connection_t rather than the channel mechanism, such as expiration of old connections in run_connection_housekeeping(). If you want to close a channel_t from somewhere that logically works in terms of generic channels rather than connections, use channel_mark_for_close(); see also the comment on that function in channel.c.
Definition at line 1598 of file connection_or.c.
or_connection_t* connection_or_connect | ( | const tor_addr_t * | _addr, |
uint16_t | port, | ||
const char * | id_digest, | ||
const ed25519_public_key_t * | ed_id, | ||
channel_tls_t * | chan | ||
) |
Launch a new OR connection to addr:port and expect to handshake with an OR with identity digest id_digest. Optionally, pass in a pointer to a channel using this connection.
If id_digest is me, do nothing. If we're already connected to it, return that connection. If the connect() is in progress, set the new conn's state to 'connecting' and return it. If connect() succeeds, call connection_tls_start_handshake() on it.
This function is called from router_retry_connections(), for ORs connecting to ORs, and circuit_establish_circuit(), for OPs connecting to ORs.
Return the launched conn, or NULL if it failed.
Definition at line 1454 of file connection_or.c.
void connection_or_connect_failed | ( | or_connection_t * | conn, |
int | reason, | ||
const char * | msg | ||
) |
conn is in the 'connecting' state, and it failed to complete a TCP connection. Send notifications appropriately.
reason specifies the or_conn_end_reason for the failure; msg specifies the strerror-style error message.
Definition at line 1395 of file connection_or.c.
Referenced by connection_or_notify_error().
int connection_or_digest_is_known_relay | ( | const char * | id_digest | ) |
Return 1 if identity digest id_digest is known to be a currently or recently running relay. Otherwise return 0.
Definition at line 814 of file connection_or.c.
Referenced by connection_or_update_token_buckets_helper().
void connection_or_event_status | ( | or_connection_t * | conn, |
or_conn_status_event_t | tp, | ||
int | reason | ||
) |
Helper function to publish an OR connection status event
Publishes a messages to subscribers of ORCONN messages, and sends the control event.
Definition at line 372 of file connection_or.c.
Referenced by connection_ext_or_transition(), connection_init_accepted_conn(), connection_or_connect_failed(), and connection_or_set_state_open().
int connection_or_finished_connecting | ( | or_connection_t * | or_conn | ) |
Connected handler for OR connections: begin the TLS handshake.
Definition at line 725 of file connection_or.c.
Referenced by connection_finished_connecting().
int connection_or_finished_flushing | ( | or_connection_t * | conn | ) |
Connection conn has finished writing and has no bytes left on its outbuf.
Otherwise it's in state "open": stop writing and return.
If conn is broken, mark it for close and return -1, else return 0.
Definition at line 680 of file connection_or.c.
Referenced by connection_finished_flushing().
int connection_or_flushed_some | ( | or_connection_t * | conn | ) |
Called whenever we have flushed some data on an or_conn: add more data from active circuits.
Definition at line 628 of file connection_or.c.
const struct ed25519_public_key_t* connection_or_get_alleged_ed25519_id | ( | const or_connection_t * | conn | ) |
Return the Ed25519 identity of the peer for this connection (if any).
Note that this ID may not be the actual identity for the peer if authentication is not complete.
Definition at line 218 of file connection_or.c.
int connection_or_get_num_circuits | ( | or_connection_t * | conn | ) |
Return the number of circuits using an or_connection_t; this used to be an or_connection_t field, but it got moved to channel_t and we shouldn't maintain two copies.
Definition at line 435 of file connection_or.c.
Referenced by oos_victim_comparator_for_orconns().
|
static |
Write a detailed description the state of orconn into the buflen-byte buffer at buf. This description includes not only the OR-conn level state but also the TLS state. It's useful for diagnosing broken handshakes.
Definition at line 278 of file connection_or.c.
Referenced by connection_or_note_state_when_broken().
void connection_or_group_set_badness_ | ( | smartlist_t * | group, |
int | force | ||
) |
Given a list of all the or_connections with a given identity, set elements of that list as is_bad_for_new_circs as appropriate. Helper for connection_or_set_bad_connections().
Specifically, we set the is_bad_for_new_circs flag on:
See channel_is_better() in channel.c for our idea of what makes one OR connection better than another.
Definition at line 1068 of file connection_or.c.
void connection_or_init_conn_from_address | ( | or_connection_t * | conn, |
const tor_addr_t * | addr, | ||
uint16_t | port, | ||
const char * | id_digest, | ||
const ed25519_public_key_t * | ed_id, | ||
int | started_here | ||
) |
If we don't necessarily know the router we're connecting to, but we have an addr/port/id_digest, then fill in as much as we can. Start by checking to see if this describes a router we know. started_here is 1 if we are the initiator of conn and 0 if it's an incoming connection.
Definition at line 907 of file connection_or.c.
|
static |
These just pass all the is_bad_for_new_circs manipulation on to channel_t
Definition at line 997 of file connection_or.c.
Referenced by connection_or_group_set_badness_(), and connection_or_single_set_badness_().
|
static |
Called as client when initial TLS handshake is done, and we notice that we got a v3-handshake signalling certificate from the server. Set up structures, do bookkeeping, and send the versions cell. Return 0 on success and -1 on failure.
Definition at line 2131 of file connection_or.c.
int connection_or_nonopen_was_started_here | ( | or_connection_t * | conn | ) |
Return 1 if we initiated this connection, or 0 if it started out as an incoming connection.
Definition at line 1774 of file connection_or.c.
Referenced by connection_or_launch_v3_or_handshake(), connection_tls_finish_handshake(), and enter_v3_handshake_with_cell().
|
static |
Record the current state of orconn as the state of a broken connection.
Definition at line 296 of file connection_or.c.
void connection_or_notify_error | ( | or_connection_t * | conn, |
int | reason, | ||
const char * | msg | ||
) |
conn got an error in connection_handle_read_impl() or connection_handle_write_impl() and is going to die soon.
reason specifies the or_conn_end_reason for the failure; msg specifies the strerror-style error message.
Definition at line 1411 of file connection_or.c.
Referenced by connection_handle_read_impl().
ssize_t connection_or_num_cells_writeable | ( | or_connection_t * | conn | ) |
This is for channeltls.c to ask how many cells we could accept if they were available.
Definition at line 650 of file connection_or.c.
|
static |
Process cells from conn's inbuf.
Loop: while inbuf contains a cell, pull it off the inbuf, unpack it, and hand it to command_process_cell().
Always return 0.
Definition at line 2361 of file connection_or.c.
int connection_or_process_inbuf | ( | or_connection_t * | conn | ) |
Handle any new bytes that have come in on connection conn. If conn is in 'open' state, hand it to connection_or_process_cells_from_inbuf() (else do nothing).
Definition at line 568 of file connection_or.c.
Referenced by connection_process_inbuf().
int connection_or_reached_eof | ( | or_connection_t * | conn | ) |
We've received an EOF from conn. Mark it for close and return.
Definition at line 552 of file connection_or.c.
Referenced by connection_reached_eof().
void connection_or_report_broken_states | ( | int | severity, |
int | domain | ||
) |
Report a list of the top states for failed OR connections at log level severity, in log domain domain.
Definition at line 332 of file connection_or.c.
int connection_or_send_netinfo | ( | or_connection_t * | conn | ) |
Send a NETINFO cell on conn, telling the other server what we know about their address, our address, and the current time.
Definition at line 2503 of file connection_or.c.
int connection_or_send_versions | ( | or_connection_t * | conn, |
int | v3_plus | ||
) |
Send a VERSIONS cell on conn, telling the other host about the link protocol versions that this Tor can support.
If v3_plus, this is part of a V3 protocol handshake, so only allow protocol version v3 or later. If not v3_plus, this is not part of a v3 protocol handshake, so don't allow protocol v3 or later.
Definition at line 2448 of file connection_or.c.
Referenced by connection_or_launch_v3_or_handshake().
|
static |
Change conn->identity_digest to digest, and add conn into the appropriate digest maps.
NOTE that this function only allows two kinds of transitions: from unset identity to set identity, and from idempotent re-settings of the same identity. It's not allowed to clear an identity or to change an identity. Return 0 on success, and -1 if the transition is not allowed.
Definition at line 158 of file connection_or.c.
int connection_or_set_state_open | ( | or_connection_t * | conn | ) |
Set conn's state to OR_CONN_STATE_OPEN, and tell other subsystems as appropriate. Called when we are done with all TLS and OR handshaking.
Definition at line 2263 of file connection_or.c.
int connection_or_single_set_badness_ | ( | time_t | now, |
or_connection_t * | or_conn, | ||
int | force | ||
) |
Expire an or_connection if it is too old. Helper for connection_or_group_set_badness_ and fast path for channel_rsa_id_group_set_badness.
Returns 1 if the connection was already expired, else 0.
Definition at line 1026 of file connection_or.c.
Referenced by connection_or_group_set_badness_().
|
static |
Helper function to publish a state change message
connection_or_change_state() calls this to notify subscribers about a change of an OR connection state.
Definition at line 391 of file connection_or.c.
Referenced by connection_or_change_state().
|
static |
Invoked on the server side from inside tor_tls_read() when the server gets a successful TLS renegotiation from the client.
Definition at line 1697 of file connection_or.c.
void connection_or_update_token_buckets | ( | smartlist_t * | conns, |
const or_options_t * | options | ||
) |
Either our set of relays or our per-conn rate limits have changed. Go through all the OR connections and update their token buckets to make sure they don't exceed their maximum values.
Definition at line 866 of file connection_or.c.
Referenced by options_act_relay_bandwidth().
|
static |
Set the per-conn read and write limits for conn. If it's a known relay, we will rely on the global read and write buckets, so give it per-conn limits that are big enough they'll never matter. But if it's not a known relay, first check if we set PerConnBwRate/Burst, then check if the consensus sets them, else default to 'big enough'.
If reset is true, set the bucket to be full. Otherwise, just clip the bucket if it happens to be too full.
Definition at line 834 of file connection_or.c.
void connection_or_write_cell_to_buf | ( | const cell_t * | cell, |
or_connection_t * | conn | ||
) |
Pack cell into wire-format, and write it onto conn's outbuf. For cells that use or affect a circuit, this should only be called by connection_or_flush_from_first_active_circuit().
Definition at line 2286 of file connection_or.c.
void connection_or_write_var_cell_to_buf | ( | const var_cell_t * | cell, |
or_connection_t * | conn | ||
) |
Pack a variable-length cell into wire-format, and write it onto conn's outbuf. Right now, this DOES NOT support cells that affect a circuit.
Definition at line 2325 of file connection_or.c.
int connection_tls_continue_handshake | ( | or_connection_t * | conn | ) |
Move forward with the tls handshake. If it finishes, hand conn to connection_tls_finish_handshake().
Return -1 if conn is broken, else return 0.
Definition at line 1718 of file connection_or.c.
|
static |
The v1/v2 TLS handshake is finished.
Make sure we are happy with the peer we just handshaked with.
If they initiated the connection, make sure they're not already connected, then initialize conn from the information in router.
If all is successful, call circuit_n_conn_done() to handle events that have been pending on the <tls handshake completion. Also set the directory to be dirty (only matters if I'm an authdirserver).
If this is a v2 TLS handshake, send a versions cell.
Definition at line 2086 of file connection_or.c.
Referenced by connection_or_tls_renegotiated_cb().
int connection_tls_start_handshake | ( | or_connection_t * | conn, |
int | receiving | ||
) |
Begin the tls handshake with conn. receiving is 0 if we initiated the connection, else it's 1.
Assign a new tls object to conn->tls, begin reading on conn, and pass conn to connection_tls_continue_handshake().
Return -1 if conn is broken, else return 0.
Definition at line 1644 of file connection_or.c.
const or_connection_t* CONST_TO_OR_CONN | ( | const connection_t * | c | ) |
Cast a const connection_t *
to a const or_connection_t *
.
Exit with an assertion failure if the input is not an or_connnection_t
.
Definition at line 121 of file connection_or.c.
int is_or_protocol_version_known | ( | uint16_t | v | ) |
Return true iff v is a link protocol version that this Tor implementation believes it can support.
Definition at line 2429 of file connection_or.c.
|
static |
Record that an OR connection failed in state.
Definition at line 244 of file connection_or.c.
void or_handshake_state_free_ | ( | or_handshake_state_t * | state | ) |
Free all storage held by state.
Definition at line 2168 of file connection_or.c.
void or_handshake_state_record_cell | ( | or_connection_t * | conn, |
or_handshake_state_t * | state, | ||
const cell_t * | cell, | ||
int | incoming | ||
) |
Remember that cell has been transmitted (if incoming is false) or received (if incoming is true) during a V3 handshake using state.
(We don't record the cell, but we keep a digest of everything sent or received during the v3 handshake, and the client signs it in an authenticate cell.)
Definition at line 2190 of file connection_or.c.
void or_handshake_state_record_var_cell | ( | or_connection_t * | conn, |
or_handshake_state_t * | state, | ||
const var_cell_t * | cell, | ||
int | incoming | ||
) |
Remember that a variable-length cell has been transmitted (if incoming is false) or received (if incoming is true) during a V3 handshake using state.
(We don't record the cell, but we keep a digest of everything sent or received during the v3 handshake, and the client signs it in an authenticate cell.)
Definition at line 2231 of file connection_or.c.
or_connection_t* TO_OR_CONN | ( | connection_t * | c | ) |
Cast a connection_t *
to an or_connection_t *
.
Exit with an assertion failure if the input is not an or_connnection_t
.
Definition at line 109 of file connection_or.c.
Referenced by connection_about_to_close_connection(), connection_counts_as_relayed_traffic(), connection_finished_connecting(), connection_finished_flushing(), connection_handle_read_impl(), connection_init_accepted_conn(), connection_process_inbuf(), connection_reached_eof(), connection_unlink(), CONST_TO_OR_CONN(), kill_conn_list_for_oos(), and oos_victim_comparator().
var_cell_t* var_cell_copy | ( | const var_cell_t * | src | ) |
Copy a var_cell_t
Definition at line 526 of file connection_or.c.
void var_cell_free_ | ( | var_cell_t * | cell | ) |
Release all space held by cell.
Definition at line 545 of file connection_or.c.
var_cell_t* var_cell_new | ( | uint16_t | payload_len | ) |
Allocate and return a new var_cell_t with payload_len bytes of payload space.
Definition at line 511 of file connection_or.c.
Referenced by connection_or_send_auth_challenge_cell(), and connection_or_send_versions().
int var_cell_pack_header | ( | const var_cell_t * | cell, |
char * | hdr_out, | ||
int | wide_circ_ids | ||
) |
Write the header of cell into the first VAR_CELL_MAX_HEADER_SIZE bytes of hdr_out. Returns number of bytes used.
Definition at line 491 of file connection_or.c.
Referenced by connection_or_write_var_cell_to_buf().
|
static |
Map from a string describing what a non-open OR connection was doing when failed, to an intptr_t describing the count of connections that failed that way. Note that the count is stored as the pointer.
Definition at line 237 of file connection_or.c.
Referenced by clear_broken_connection_map(), connection_or_report_broken_states(), and note_broken_connection().
|
static |
If true, do not record information in broken_connection_counts.
Definition at line 240 of file connection_or.c.
Referenced by connection_or_note_state_when_broken(), connection_or_report_broken_states(), and note_broken_connection().
|
static |
Number of versions in or_protocol_versions.
Definition at line 2423 of file connection_or.c.
Referenced by connection_or_send_versions().
|
static |
Array of recognized link protocol versions.
Definition at line 2421 of file connection_or.c.