36 #define CONTROL_PRIVATE 37 #define OCIRC_EVENT_PRIVATE 58 #include "core/proto/proto_control0.h" 59 #include "core/proto/proto_http.h" 60 #include "feature/client/addressmap.h" 66 #include "feature/control/getinfo_geoip.h" 88 #include "feature/rend/rendparse.h" 91 #include "feature/stats/predict_ports.h" 97 #include "lib/version/torversion.h" 99 #include "feature/dircache/cached_dir_st.h" 100 #include "feature/control/control_connection_st.h" 101 #include "core/or/cpath_build_state_st.h" 102 #include "core/or/entry_connection_st.h" 103 #include "feature/nodelist/extrainfo_st.h" 104 #include "feature/nodelist/networkstatus_st.h" 105 #include "feature/nodelist/node_st.h" 106 #include "core/or/or_connection_st.h" 107 #include "core/or/or_circuit_st.h" 108 #include "core/or/origin_circuit_st.h" 109 #include "feature/nodelist/microdesc_st.h" 110 #include "feature/rend/rend_authorized_client_st.h" 111 #include "feature/rend/rend_encoded_v2_service_descriptor_st.h" 112 #include "feature/rend/rend_service_descriptor_st.h" 113 #include "feature/nodelist/routerinfo_st.h" 114 #include "feature/nodelist/routerlist_st.h" 115 #include "core/or/socks_request_st.h" 120 #ifdef HAVE_SYS_STAT_H 121 #include <sys/stat.h> 126 #include <sys/resource.h> 135 #define STATE_IS_OPEN(s) ((s) == CONTROL_CONN_STATE_OPEN) 154 #define EVENT_IS_INTERESTING(e) \ 155 (!! (global_event_mask & EVENT_MASK_(e))) 158 #define ANY_EVENT_IS_INTERESTING(e) \ 159 (!! (global_event_mask & (e))) 163 #define AUTHENTICATION_COOKIE_LEN 32 173 #define SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT \ 174 "Tor safe cookie authentication server-to-controller hash" 175 #define SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT \ 176 "Tor safe cookie authentication controller-to-server hash" 177 #define SAFECOOKIE_SERVER_NONCE_LEN DIGEST256_LEN 185 const char *format, ...)
188 const
char *format, va_list ap)
196 const
char *format, ...)
222 uint32_t len, const
char *body);
255 static
int get_cached_network_liveness(
void);
256 static
void set_cached_network_liveness(
int liveness);
268 tor_assert(c->magic == CONTROL_CONNECTION_MAGIC);
279 case EVENT_INFO_MSG:
return LOG_INFO;
281 case EVENT_WARN_MSG:
return LOG_WARN;
282 case EVENT_ERR_MSG:
return LOG_ERR;
293 case LOG_INFO:
return EVENT_INFO_MSG;
295 case LOG_WARN:
return EVENT_WARN_MSG;
296 case LOG_ERR:
return EVENT_ERR_MSG;
314 SMARTLIST_FOREACH_END(circ);
332 control_connection_t *conn = TO_CONTROL_CONN(_conn);
333 global_event_mask |= conn->event_mask;
344 #define NEWLY_ENABLED(ev) \ 345 (! (old_mask & (ev)) && (new_mask & (ev))) 349 if (NEWLY_ENABLED(EVENT_STREAM_BANDWIDTH_USED)) {
353 edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
354 edge_conn->n_written = edge_conn->n_read = 0;
358 if (NEWLY_ENABLED(EVENT_CIRC_BANDWIDTH_USED)) {
361 if (NEWLY_ENABLED(EVENT_BANDWIDTH_USED)) {
379 int min_log_event=EVENT_ERR_MSG, max_log_event=EVENT_DEBUG_MSG;
381 for (i = EVENT_DEBUG_MSG; i <= EVENT_ERR_MSG; ++i) {
387 for (i = EVENT_ERR_MSG; i >= EVENT_DEBUG_MSG; --i) {
394 if (min_log_event > EVENT_NOTICE_MSG)
395 min_log_event = EVENT_NOTICE_MSG;
396 if (max_log_event < EVENT_ERR_MSG)
397 max_log_event = EVENT_ERR_MSG;
399 if (min_log_event <= max_log_event)
423 EVENT_MASK_(EVENT_BANDWIDTH_USED) |
424 EVENT_MASK_(EVENT_CELL_STATS) |
425 EVENT_MASK_(EVENT_CIRC_BANDWIDTH_USED) |
426 EVENT_MASK_(EVENT_CONN_BW) |
427 EVENT_MASK_(EVENT_STREAM_BANDWIDTH_USED)
433 static uint64_t stats_prev_n_read = 0;
436 static uint64_t stats_prev_n_written = 0;
467 uint64_t bytes_read, bytes_written;
483 size_t len = strlen(s);
484 connection_buf_add(s, len,
TO_CONN(conn));
/* Fragment of the escaping routine named in the log message below
 * (write_escaped_data).  Lines are missing from this listing, so these notes
 * describe only what is visible. */
/* Starting size for the output buffer.  NOTE(review): the code that adjusts
 * sz_out while scanning for newlines is not shown -- confirm how the
 * "too long" condition below is detected. */
498 size_t sz_out = len+8+1;
500 const char *start = data, *end;
503 for (i=0; i < len; ++i) {
504 if (data[i] ==
'\n') {
/* Over-long input is logged as a bug and the output becomes just the
 * ".\r\n" line. */
507 log_warn(
LD_BUG,
"Input to write_escaped_data was too long");
508 *out = tor_strdup(
".\r\n");
513 *out = outp = tor_malloc(sz_out);
/* `data > start` is tested first, so data[-1] is never read before the
 * start of the input. */
518 if (data > start && data[-1] !=
'\r')
521 }
else if (*data ==
'.') {
/* `outp < *out+2` is tested first, so outp-2 never points before the output
 * buffer when checking for a trailing CRLF. */
531 if (outp < *out+2 ||
fast_memcmp(outp-2,
"\r\n", 2)) {
/* Fragment of a line-by-line copy loop; the enclosing function is not
 * visible in this listing. */
/* The output buffer is allocated as len+1 bytes. */
557 *out = outp = tor_malloc(len+1);
/* The newline search is bounded by the remaining input (end-data). */
565 next = memchr(data,
'\n', end-data);
567 size_t n_to_copy = next-data;
/* n_to_copy is tested first, so *(next-1) is only read when at least one
 * byte precedes the newline. */
569 if (n_to_copy && *(next-1) ==
'\r')
571 memcpy(outp, data, n_to_copy);
/* Copies everything left up to end.  NOTE(review): presumably the path taken
 * when no further newline was found -- confirm against the full source. */
576 memcpy(outp, data, end-data);
595 const char *cp, *end;
602 end = start+in_len_max;
608 }
else if (*cp ==
'\\') {
613 }
else if (*cp ==
'\"') {
622 return (
int)(cp - start+1);
629 char **out,
size_t *out_len)
635 *out = tor_strndup(start, *out_len);
649 char **out,
size_t *out_len)
651 const char *cp, *end;
653 int len, n_chars = 0;
661 outp = *out = tor_malloc(len+1);
/* Fragment of the code that sets up a control connection from caller-supplied
 * flags; the function header is not visible in this listing. */
/* Both properties come straight from the caller's flags word. */
686 const int is_owner = !!(flags & CC_LOCAL_FD_IS_OWNER);
687 const int is_authenticated = !!(flags & CC_LOCAL_FD_IS_AUTHENTICATED);
693 conn->
address = tor_strdup(
"<local socket>");
700 connection_add(conn) < 0) {
701 connection_free(conn);
708 connection_mark_for_close(conn);
/* NOTE(review): the body of this branch is not shown.  Presumably a
 * connection created with CC_LOCAL_FD_IS_AUTHENTICATED is treated as already
 * authenticated, in which case only trusted callers should set the flag --
 * confirm against the full source. */
712 if (is_authenticated) {
733 log_err(
LD_BUG,
"Unable to format string for controller.");
737 connection_buf_add(buf, (
size_t)len,
TO_CONN(conn));
753 lines = smartlist_new();
759 if (conn->socket_family == AF_UNIX) {
765 } SMARTLIST_FOREACH_END(conn);
776 log_warn(
LD_FS,
"Unable to make %s group-readable.",
783 smartlist_free(lines);
819 control_initialize_event_queue(
void)
826 struct event_base *b = tor_libevent_get_base();
841 get_block_event_queue(
void)
844 if (PREDICT_UNLIKELY(val == NULL)) {
845 val = tor_malloc_zero(
sizeof(
int));
863 queue_control_event_string,(uint16_t event,
char *msg))
872 int *block_event_queue = get_block_event_queue();
873 if (*block_event_queue) {
883 ++*block_event_queue;
889 int activate_event = 0;
897 --*block_event_queue;
903 if (activate_event) {
909 #define queued_event_free(ev) \ 910 FREE_AND_NULL(queued_event_t, queued_event_free_, (ev)) 940 int *block_event_queue = get_block_event_queue();
941 ++*block_event_queue;
953 !conn->marked_for_close &&
959 } SMARTLIST_FOREACH_END(conn);
963 const size_t msg_len = strlen(ev->msg);
966 if (control_conn->event_mask & bit) {
967 connection_buf_add(ev->msg, msg_len,
TO_CONN(control_conn));
969 } SMARTLIST_FOREACH_END(control_conn);
971 queued_event_free(ev);
972 } SMARTLIST_FOREACH_END(ev);
978 } SMARTLIST_FOREACH_END(control_conn);
981 smartlist_free(queued_events);
982 smartlist_free(controllers);
984 --*block_event_queue;
1003 send_control_event_string,(uint16_t event,
1006 tor_assert(event >= EVENT_MIN_ && event <= EVENT_MAX_);
1007 queue_control_event_string(event, tor_strdup(msg));
1016 const char *format, va_list ap)
1023 log_warn(
LD_BUG,
"Unable to format event for controller.");
1027 queue_control_event_string(event, buf);
1035 const char *format, ...)
1038 va_start(ap, format);
1068 return TO_ENTRY_CONN(conn);
1082 char *errstring = NULL;
1083 const unsigned flags =
1084 CAL_CLEAR_FIRST | (use_defaults ? CAL_USE_DEFAULTS : 0);
/* Fragment of the key/value scanner for controller-supplied config lines. */
/* The key ends at the first whitespace character or '='.
 * NOTE(review): neither this loop nor the value loop below tests for the
 * terminating NUL in the visible lines; presumably the caller guarantees that
 * the body ends in whitespace -- confirm. */
1095 while (!TOR_ISSPACE(*eq) && *eq !=
'=')
1097 key = tor_strndup(body, eq-body);
/* Unquoted value: runs up to the next whitespace character. */
1102 if (*body !=
'\"') {
1103 char *val_start = body;
1104 while (!TOR_ISSPACE(*body))
1106 val = tor_strndup(val_start, body-val_start);
1107 val_len = strlen(val);
1114 smartlist_free(entries);
1126 while (TOR_ISSPACE(*body))
1133 smartlist_free(entries);
1136 log_warn(
LD_CONTROL,
"Controller gave us config lines we can't parse.");
1148 case SETOPT_ERR_MISC:
1149 msg =
"552 Unrecognized option";
1151 case SETOPT_ERR_PARSE:
1152 msg =
"513 Unacceptable option value";
1154 case SETOPT_ERR_TRANSITION:
1155 msg =
"553 Transition not allowed";
1157 case SETOPT_ERR_SETTING:
1159 msg =
"553 Unable to set option";
1162 config_free_lines(lines);
1167 "Controller gave us config lines that didn't validate: %s",
1170 config_free_lines(lines);
1210 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1224 answer->key, answer->value);
1226 next = answer->next;
1233 } SMARTLIST_FOREACH_END(q);
1235 if ((len = smartlist_len(unrecognized))) {
1236 for (i=0; i < len-1; ++i)
1238 "552-Unrecognized configuration key \"%s\"\r\n",
1239 (
char*)smartlist_get(unrecognized, i));
1241 "552 Unrecognized configuration key \"%s\"\r\n",
1242 (
char*)smartlist_get(unrecognized, len-1));
1243 }
else if ((len = smartlist_len(answers))) {
1244 char *tmp = smartlist_get(answers, len-1);
1248 connection_buf_add(msg, msg_len,
TO_CONN(conn));
1254 smartlist_free(answers);
1256 smartlist_free(questions);
1257 smartlist_free(unrecognized);
1270 char *errstring = NULL;
1271 const char *msg = NULL;
1276 if (retval != SETOPT_OK)
1278 "Controller gave us config file that didn't validate: %s",
1282 case SETOPT_ERR_PARSE:
1283 msg =
"552 Invalid config file";
1285 case SETOPT_ERR_TRANSITION:
1286 msg =
"553 Transition not allowed";
1288 case SETOPT_ERR_SETTING:
1289 msg =
"553 Unable to set option";
1291 case SETOPT_ERR_MISC:
1293 msg =
"550 Unable to load config";
1312 uint16_t event_code;
1313 const char *event_name;
1318 { EVENT_CIRCUIT_STATUS,
"CIRC" },
1319 { EVENT_CIRCUIT_STATUS_MINOR,
"CIRC_MINOR" },
1320 { EVENT_STREAM_STATUS,
"STREAM" },
1321 { EVENT_OR_CONN_STATUS,
"ORCONN" },
1322 { EVENT_BANDWIDTH_USED,
"BW" },
1323 { EVENT_DEBUG_MSG,
"DEBUG" },
1324 { EVENT_INFO_MSG,
"INFO" },
1325 { EVENT_NOTICE_MSG,
"NOTICE" },
1326 { EVENT_WARN_MSG,
"WARN" },
1327 { EVENT_ERR_MSG,
"ERR" },
1328 { EVENT_NEW_DESC,
"NEWDESC" },
1329 { EVENT_ADDRMAP,
"ADDRMAP" },
1330 { EVENT_DESCCHANGED,
"DESCCHANGED" },
1332 { EVENT_STATUS_GENERAL,
"STATUS_GENERAL" },
1333 { EVENT_STATUS_CLIENT,
"STATUS_CLIENT" },
1334 { EVENT_STATUS_SERVER,
"STATUS_SERVER" },
1335 { EVENT_GUARD,
"GUARD" },
1336 { EVENT_STREAM_BANDWIDTH_USED,
"STREAM_BW" },
1337 { EVENT_CLIENTS_SEEN,
"CLIENTS_SEEN" },
1338 { EVENT_NEWCONSENSUS,
"NEWCONSENSUS" },
1339 { EVENT_BUILDTIMEOUT_SET,
"BUILDTIMEOUT_SET" },
1340 { EVENT_GOT_SIGNAL,
"SIGNAL" },
1341 { EVENT_CONF_CHANGED,
"CONF_CHANGED"},
1342 { EVENT_CONN_BW,
"CONN_BW" },
1343 { EVENT_CELL_STATS,
"CELL_STATS" },
1344 { EVENT_CIRC_BANDWIDTH_USED,
"CIRC_BW" },
1345 { EVENT_TRANSPORT_LAUNCHED,
"TRANSPORT_LAUNCHED" },
1346 { EVENT_HS_DESC,
"HS_DESC" },
1347 { EVENT_HS_DESC_CONTENT,
"HS_DESC_CONTENT" },
1348 { EVENT_NETWORK_LIVENESS,
"NETWORK_LIVENESS" },
1365 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1368 if (!strcasecmp(ev,
"EXTENDED") ||
1369 !strcasecmp(ev,
"AUTHDIR_NEWDESCS")) {
1370 log_warn(
LD_CONTROL,
"The \"%s\" SETEVENTS argument is no longer " 1384 if (event_code == -1) {
1388 smartlist_free(events);
1394 SMARTLIST_FOREACH_END(ev);
1396 smartlist_free(events);
/* Fragment: walks the configured password lines and decodes each value into
 * the fixed-size `decoded` buffer (both decoders are given sizeof(decoded)
 * as the output limit). */
1419 for (cl = passwords; cl; cl = cl->next) {
1420 const char *hashed = cl->value;
/* Hex form: decoding starts three characters into the value.
 * NOTE(review): hashed+3 and strlen(hashed+3) assume the value has at least
 * three characters; the guarding test is not in this listing -- presumably a
 * prefix check precedes this call; confirm. */
1423 if (
base16_decode(decoded,
sizeof(decoded), hashed+3, strlen(hashed+3))
/* Otherwise the whole value is base64-decoded. */
1429 if (
base64_decode(decoded,
sizeof(decoded), hashed, strlen(hashed))
/* Fragment of the controller authentication handling (password, cookie and
 * safe-cookie checks).  Many lines are missing from this listing; the notes
 * below cover only what is visible. */
1454 int used_quoted_string = 0;
1456 const char *errstr =
"Unknown error";
1458 size_t password_len;
1461 int bad_cookie=0, bad_password=0;
1465 password = tor_strdup(
"");
1467 }
else if (TOR_ISXDIGIT(body[0])) {
/* Measure the leading run of hex digits; i is its length in characters. */
1469 while (TOR_ISXDIGIT(*cp))
1471 i = (int)(cp - body);
1474 password = tor_malloc(password_len + 1);
1476 != (
int) password_len) {
1478 "551 Invalid hexadecimal encoding. Maybe you tried a plain text " 1479 "password? If so, the standard requires that you put it in " 1480 "double quotes.\r\n", conn);
/* A credential that cannot be decoded ends the session: the connection is
 * marked for close. */
1481 connection_mark_for_close(
TO_CONN(conn));
1488 "to put the password in double quotes.\r\n", conn);
1489 connection_mark_for_close(
TO_CONN(conn));
1492 used_quoted_string = 1;
1504 "Got safe cookie authentication response with wrong length " 1505 "(%d)", (
int)password_len);
1506 errstr =
"Wrong length for safe cookie response.";
1512 "Got incorrect safe cookie authentication response");
1513 errstr =
"Safe cookie response did not match expected value.";
/* Cookie failures are reported here only when password authentication is not
 * also in play.  NOTE(review): presumably so the password check can still
 * succeed -- confirm.  The warning logs the supplied length only, never the
 * supplied bytes. */
1532 if (!also_password) {
1533 log_warn(
LD_CONTROL,
"Got authentication cookie with wrong length " 1534 "(%d)", (
int)password_len);
1535 errstr =
"Wrong length on authentication cookie.";
1540 if (!also_password) {
1541 log_warn(
LD_CONTROL,
"Got mismatched authentication cookie");
1542 errstr =
"Authentication cookie did not match expected value.";
1557 sl = smartlist_new();
1564 smartlist_free(sl_tmp);
1573 smartlist_free(sl_tmp);
1579 "Couldn't decode HashedControlPassword: invalid base16");
1580 errstr=
"Couldn't decode HashedControlPassword value in configuration.";
1591 password,password_len,expected);
/* The mismatch message depends on whether the client sent a quoted string;
 * one variant adds the hint about quoting plain-text passwords. */
1600 if (used_quoted_string)
1601 errstr =
"Password did not match HashedControlPassword value from " 1604 errstr =
"Password did not match HashedControlPassword value from " 1605 "configuration. Maybe you tried a plain text password? " 1606 "If so, the standard requires that you put it in double quotes.";
/* Combined failure path: the log line does not say which mechanism was
 * attempted, and the connection is marked for close afterwards.
 * NOTE(review): the credential comparison calls themselves are not in this
 * listing; confirm they use a constant-time comparison. */
1615 log_warn(
LD_CONTROL,
"Bad password or authentication cookie on controller.");
1616 errstr =
"Password did not match HashedControlPassword *or* authentication " 1622 connection_mark_for_close(
TO_CONN(conn));
/* Success is logged at info level, identifying the connection by its socket
 * value only. */
1629 log_info(
LD_CONTROL,
"Authenticated control connection ("TOR_SOCKET_T_FORMAT
1630 ")", conn->base_.
s);
1653 "551 Unable to write configuration to disk.\r\n", conn);
1662 const char *signal_name;
/* Table pairing each signal value with the name a controller uses for it.
 * Several names are aliases for the same value (for example "DUMP" and
 * "USR1" both map to SIGUSR1).  Some entries and the end of the table are
 * missing from this listing. */
1665 static const struct signal_t signal_table[] = {
1666 { SIGHUP,
"RELOAD" },
1668 { SIGINT,
"SHUTDOWN" },
1669 { SIGUSR1,
"DUMP" },
1670 { SIGUSR1,
"USR1" },
1671 { SIGUSR2,
"DEBUG" },
1672 { SIGUSR2,
"USR2" },
1673 { SIGTERM,
"HALT" },
1674 { SIGTERM,
"TERM" },
1676 { SIGNEWNYM,
"NEWNYM" },
1677 { SIGCLEARDNSCACHE,
"CLEARDNSCACHE"},
1678 { SIGHEARTBEAT,
"HEARTBEAT"},
1679 { SIGACTIVE,
"ACTIVE" },
1680 { SIGDORMANT,
"DORMANT" },
/* Fragment of the lookup: the requested name is the first run of
 * non-whitespace characters in body, and the scan also stops at the NUL. */
1698 while (body[n] && ! TOR_ISSPACE(body[n]))
1700 s = tor_strndup(body, n);
/* The table is walked until an entry whose signal_name is NULL; names are
 * matched case-insensitively. */
1702 for (i = 0; signal_table[i].signal_name != NULL; ++i) {
1703 if (!strcasecmp(s, signal_table[i].signal_name)) {
1704 sig = signal_table[i].sig;
/* SIGTERM and SIGINT get extra handling before the signal is activated; that
 * handling is not shown in this listing. */
1718 if (sig == SIGTERM || sig == SIGINT)
1721 activate_signal(sig);
1738 log_info(
LD_CONTROL,
"Control connection %d has taken ownership of this " 1740 (
int)(conn->base_.
s));
1758 log_info(
LD_CONTROL,
"Control connection %d has dropped ownership of this " 1760 (
int)(conn->base_.
s));
1790 lines = smartlist_new();
1791 elts = smartlist_new();
1792 reply = smartlist_new();
1794 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
1798 if (smartlist_len(elts) == 2) {
1799 const char *from = smartlist_get(elts,0);
1800 const char *to = smartlist_get(elts,1);
1803 "512-syntax error: invalid address '%s'", to);
1805 "Skipping invalid argument '%s' in MapAddress msg", to);
1806 }
else if (!strcmp(from,
".") || !strcmp(from,
"0.0.0.0") ||
1807 !strcmp(from,
"::")) {
1809 !strcmp(from,
".") ? RESOLVED_TYPE_HOSTNAME :
1810 (!strcmp(from,
"0.0.0.0") ? RESOLVED_TYPE_IPV4 : RESOLVED_TYPE_IPV6);
1812 type, tor_strdup(to));
1815 "451-resource exhausted: skipping '%s'", line);
1817 "Unable to allocate address for '%s' in MapAddress msg",
1818 safe_str_client(line));
1827 "512-syntax error: invalid address mapping " 1828 " '%s': %s", line, msg);
1830 "Skipping invalid argument '%s' in MapAddress msg: %s",
1838 "not of expected form 'foo=bar'.", line);
1839 log_info(
LD_CONTROL,
"Skipping MapAddress '%s': wrong " 1841 safe_str_client(line));
1845 } SMARTLIST_FOREACH_END(line);
1847 smartlist_free(lines);
1848 smartlist_free(elts);
1850 if (smartlist_len(reply)) {
1851 ((
char*)smartlist_get(reply,smartlist_len(reply)-1))[3] =
' ';
1853 connection_buf_add(r, sz,
TO_CONN(conn));
1856 const char *response =
1857 "512 syntax error: not enough arguments to mapaddress.\r\n";
1858 connection_buf_add(response, strlen(response),
TO_CONN(conn));
1862 smartlist_free(reply);
1870 char **answer,
const char **errmsg)
1873 if (!strcmp(question,
"version")) {
1874 *answer = tor_strdup(get_version());
1875 }
else if (!strcmp(question,
"bw-event-cache")) {
1876 *answer = get_bw_samples();
1877 }
else if (!strcmp(question,
"config-file")) {
1880 *answer = tor_strdup(a);
1881 }
else if (!strcmp(question,
"config-defaults-file")) {
1884 *answer = tor_strdup(a);
1885 }
else if (!strcmp(question,
"config-text")) {
1886 *answer =
options_dump(get_options(), OPTIONS_DUMP_MINIMAL);
1887 }
else if (!strcmp(question,
"config-can-saveconf")) {
1888 *answer = tor_strdup(get_options()->IncludeUsed ?
"0" :
"1");
1889 }
else if (!strcmp(question,
"info/names")) {
1891 }
else if (!strcmp(question,
"dormant")) {
1893 *answer = tor_strdup(dormant ?
"1" :
"0");
1894 }
else if (!strcmp(question,
"events/names")) {
1904 smartlist_free(event_names);
1905 }
else if (!strcmp(question,
"signal/names")) {
1908 for (j = 0; signal_table[j].signal_name != NULL; ++j) {
1909 smartlist_add(signal_names, (
char*)signal_table[j].signal_name);
1914 smartlist_free(signal_names);
1915 }
else if (!strcmp(question,
"features/names")) {
1916 *answer = tor_strdup(
"VERBOSE_NAMES EXTENDED_EVENTS");
1917 }
else if (!strcmp(question,
"address")) {
1919 if (router_pick_published_address(get_options(), &addr, 0) < 0) {
1920 *errmsg =
"Address unknown";
1924 }
else if (!strcmp(question,
"traffic/read")) {
1926 }
else if (!strcmp(question,
"traffic/written")) {
1927 tor_asprintf(answer,
"%"PRIu64, (get_bytes_written()));
1928 }
else if (!strcmp(question,
"uptime")) {
1929 long uptime_secs = get_uptime();
1931 }
else if (!strcmp(question,
"process/pid")) {
1941 }
else if (!strcmp(question,
"process/uid")) {
1943 *answer = tor_strdup(
"-1");
1945 int myUid = geteuid();
1948 }
else if (!strcmp(question,
"process/user")) {
1950 *answer = tor_strdup(
"");
1952 int myUid = geteuid();
1956 *answer = tor_strdup(myPwEntry->pw_name);
1958 *answer = tor_strdup(
"");
1961 }
else if (!strcmp(question,
"process/descriptor-limit")) {
1964 }
else if (!strcmp(question,
"limits/max-mem-in-queues")) {
1966 (get_options()->MaxMemInQueues));
1967 }
else if (!strcmp(question,
"fingerprint")) {
1969 if (!server_mode(get_options())) {
1970 *errmsg =
"Not running in server mode";
/* Fragment of a routine that builds one buffer from a router descriptor body
 * (ri_body, ri_len) and selected lines of an extra-info body (ei_body,
 * ei_len).  Error paths and some statements are missing from this listing. */
1994 char *out = NULL, *outp;
1996 const char *router_sig;
/* The output holds at most both inputs plus one extra byte. */
2003 outp = out = tor_malloc(ri_len+ei_len+1);
/* Locate the signature line with a length-bounded search. */
2004 if (!(router_sig = tor_memstr(ri_body, ri_len,
"\nrouter-signature")))
/* Copy the router body up to, but not including, the signature line. */
2007 memcpy(out, ri_body, router_sig-ri_body);
2008 outp += router_sig-ri_body;
/* Two passes: the read-history line first (i == 0), then write-history. */
2010 for (i=0; i < 2; ++i) {
2011 const char *kwd = i ?
"\nwrite-history " :
"\nread-history ";
2012 const char *cp, *eol;
2013 if (!(cp = tor_memstr(ei_body, ei_len, kwd)))
/* The end-of-line search is limited to the bytes of ei_body that remain
 * after cp. */
2016 if (!(eol = memchr(cp,
'\n', ei_len - (cp-ei_body))))
2018 memcpy(outp, cp, eol-cp+1);
/* Append the rest of the router body, starting at the signature line. */
2021 memcpy(outp, router_sig, ri_len - (router_sig-ri_body));
/* Checks that the write cursor is still inside the allocation.  This runs
 * after the copies above, so it detects an overrun rather than preventing
 * one. */
2023 tor_assert(outp-out < (
int)(ri_len+ei_len+1));
2035 const char *question,
2036 char **answer,
const char **errmsg)
2044 if (!strcmp(question,
"net/listeners/or"))
2046 else if (!strcmp(question,
"net/listeners/extor"))
2048 else if (!strcmp(question,
"net/listeners/dir"))
2050 else if (!strcmp(question,
"net/listeners/socks"))
2052 else if (!strcmp(question,
"net/listeners/trans"))
2054 else if (!strcmp(question,
"net/listeners/natd"))
2056 else if (!strcmp(question,
"net/listeners/httptunnel"))
2058 else if (!strcmp(question,
"net/listeners/dns"))
2060 else if (!strcmp(question,
"net/listeners/control"))
2065 res = smartlist_new();
2067 struct sockaddr_storage ss;
2068 socklen_t ss_len =
sizeof(ss);
2070 if (conn->type != type || conn->marked_for_close || !
SOCKET_OK(conn->s))
2073 if (getsockname(conn->s, (
struct sockaddr *)&ss, &ss_len) < 0) {
2081 } SMARTLIST_FOREACH_END(conn);
2086 smartlist_free(res);
2094 const char *question,
2095 char **answer,
const char **errmsg)
2101 tor_gettimeofday(&now);
2102 char timebuf[ISO_TIME_LEN+1];
2104 if (!strcmp(question,
"current-time/local"))
2106 else if (!strcmp(question,
"current-time/utc"))
2111 *answer = tor_strdup(timebuf);
2119 const char *question,
char **answer,
2120 const char **errmsg)
2122 (void) control_conn;
2134 *errmsg =
"We fetch microdescriptors, not router " 2135 "descriptors. You'll need to use md/id/* " 2136 "instead of desc/id/*.";
2139 }
else if (!
strcmpstart(question,
"desc/name/")) {
2144 node_get_by_nickname(question+strlen(
"desc/name/"), 0);
2153 *errmsg =
"We fetch microdescriptors, not router " 2154 "descriptors. You'll need to use md/name/* " 2155 "instead of desc/name/*.";
2158 }
else if (!strcmp(question,
"desc/download-enabled")) {
2161 }
else if (!strcmp(question,
"desc/all-recent")) {
2167 const char *body = signed_descriptor_get_body(&ri->cache_info);
2170 tor_strndup(body, ri->cache_info.signed_descriptor_len));
2176 }
else if (!strcmp(question,
"desc/all-recent-extrainfo-hack")) {
2184 ri->cache_info.extra_info_digest);
2187 &ri->cache_info, ei));
2190 tor_strndup(body, ri->cache_info.signed_descriptor_len));
2192 } SMARTLIST_FOREACH_END(ri);
2197 }
else if (!
strcmpstart(question,
"hs/client/desc/id/")) {
2200 question += strlen(
"hs/client/desc/id/");
2202 addr_type = ONION_V2_HOSTNAME;
2203 }
else if (hs_address_is_valid(question)) {
2204 addr_type = ONION_V3_HOSTNAME;
2206 *errmsg =
"Invalid address";
2210 if (addr_type == ONION_V2_HOSTNAME) {
2214 *answer = tor_strdup(e->
desc);
2216 *errmsg =
"Not found in cache";
2226 if (hs_parse_address(question, &service_pk, NULL, NULL) < 0) {
2227 *errmsg =
"Invalid v3 address";
2233 *answer = tor_strdup(desc);
2235 *errmsg =
"Not found in cache";
2239 }
else if (!
strcmpstart(question,
"hs/service/desc/id/")) {
2242 question += strlen(
"hs/service/desc/id/");
2244 addr_type = ONION_V2_HOSTNAME;
2245 }
else if (hs_address_is_valid(question)) {
2246 addr_type = ONION_V3_HOSTNAME;
2248 *errmsg =
"Invalid address";
2253 if (addr_type == ONION_V2_HOSTNAME) {
2254 if (!rend_cache_lookup_v2_desc_as_service(question, &e)) {
2256 *answer = tor_strdup(e->
desc);
2258 *errmsg =
"Not found in cache";
2268 if (hs_parse_address(question, &service_pk, NULL, NULL) < 0) {
2269 *errmsg =
"Invalid v3 address";
2273 desc = hs_service_lookup_current_desc(&service_pk);
2278 *errmsg =
"Not found in cache";
2282 }
else if (!strcmp(question,
"md/all")) {
2286 if (smartlist_len(nodes) == 0) {
2287 *answer = tor_strdup(
"");
2294 if (n->md && n->md->body) {
2295 char *copy = tor_strndup(n->md->body, n->md->bodylen);
2298 } SMARTLIST_FOREACH_END(n);
2302 smartlist_free(microdescs);
2306 if (node) md = node->md;
2307 if (md && md->
body) {
2313 const node_t *node = node_get_by_nickname(question+strlen(
"md/name/"), 0);
2316 if (node) md = node->md;
2317 if (md && md->
body) {
2320 }
else if (!strcmp(question,
"md/download-enabled")) {
2323 }
else if (!
strcmpstart(question,
"desc-annotations/id/")) {
2330 const char *annotations =
2333 *answer = tor_strndup(annotations,
2336 }
else if (!
strcmpstart(question,
"dir/server/")) {
2337 size_t answer_len = 0;
2346 log_warn(
LD_CONTROL,
"getinfo '%s': %s", question, msg);
2347 smartlist_free(descs);
2354 cp = *answer = tor_malloc(answer_len+1);
2358 sd->signed_descriptor_len);
2359 cp += sd->signed_descriptor_len;
2363 smartlist_free(descs);
2364 }
else if (!
strcmpstart(question,
"dir/status/")) {
2365 *answer = tor_strdup(
"");
2366 }
else if (!strcmp(question,
"dir/status-vote/current/consensus")) {
2370 *answer = tor_strdup(consensus->
dir);
2375 *answer = tor_memdup_nulterm(mapped->
data, mapped->
size);
2376 tor_munmap_file(mapped);
2379 *errmsg =
"Could not open cached consensus. " 2380 "Make sure FetchUselessDescriptors is set to 1.";
2384 }
else if (!strcmp(question,
"network-status")) {
2385 static int network_status_warned = 0;
2386 if (!network_status_warned) {
2387 log_warn(
LD_CONTROL,
"GETINFO network-status is deprecated; it will " 2388 "go away in a future version of Tor.");
2389 network_status_warned = 1;
2396 }
else if (!
strcmpstart(question,
"extra-info/digest/")) {
2397 question += strlen(
"extra-info/digest/");
2411 sd = extrainfo_get_by_descriptor_digest(d);
2435 result = tor_malloc_zero(len);
2442 } SMARTLIST_FOREACH_END(digest);
2455 char tbuf[ISO_TIME_LEN+1];
2456 const char *schedule_str, *want_authority_str;
2457 const char *increment_on_str, *backoff_str;
2464 case DL_SCHED_GENERIC:
2465 schedule_str =
"DL_SCHED_GENERIC";
2467 case DL_SCHED_CONSENSUS:
2468 schedule_str =
"DL_SCHED_CONSENSUS";
2470 case DL_SCHED_BRIDGE:
2471 schedule_str =
"DL_SCHED_BRIDGE";
2474 schedule_str =
"unknown";
2479 case DL_WANT_ANY_DIRSERVER:
2480 want_authority_str =
"DL_WANT_ANY_DIRSERVER";
2482 case DL_WANT_AUTHORITY:
2483 want_authority_str =
"DL_WANT_AUTHORITY";
2486 want_authority_str =
"unknown";
2491 case DL_SCHED_INCREMENT_FAILURE:
2492 increment_on_str =
"DL_SCHED_INCREMENT_FAILURE";
2494 case DL_SCHED_INCREMENT_ATTEMPT:
2495 increment_on_str =
"DL_SCHED_INCREMENT_ATTEMPT";
2498 increment_on_str =
"unknown";
2502 backoff_str =
"DL_SCHED_RANDOM_EXPONENTIAL";
2506 "next-attempt-at %s\n" 2507 "n-download-failures %u\n" 2508 "n-download-attempts %u\n" 2510 "want-authority %s\n" 2513 "last-backoff-position %u\n" 2514 "last-delay-used %d\n",
2533 const char **errmsg)
2539 if (strcmp(flavor,
"ns") == 0) {
2540 *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_NS);
2541 }
else if (strcmp(flavor,
"ns/bootstrap") == 0) {
2542 *dl_to_emit = networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_NS);
2543 }
else if (strcmp(flavor,
"ns/running") == 0 ) {
2544 *dl_to_emit = networkstatus_get_dl_status_by_flavor_running(FLAV_NS);
2545 }
else if (strcmp(flavor,
"microdesc") == 0) {
2546 *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_MICRODESC);
2547 }
else if (strcmp(flavor,
"microdesc/bootstrap") == 0) {
2549 networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_MICRODESC);
2550 }
else if (strcmp(flavor,
"microdesc/running") == 0) {
2552 networkstatus_get_dl_status_by_flavor_running(FLAV_MICRODESC);
2554 *errmsg =
"Unknown flavor";
2563 const char **errmsg)
2597 if (strcmp(fp_sk_req,
"fps") == 0) {
2598 *digest_list = list_authority_ids_with_downloads();
2599 if (!(*digest_list)) {
2600 *errmsg =
"Failed to get list of authority identity digests (!)";
2603 fp_sk_req += strlen(
"fp/");
2605 sk_req = strchr(fp_sk_req,
'/');
2609 fp_sk_req, sk_req - fp_sk_req) ==
DIGEST_LEN) {
2612 if (strcmp(sk_req,
"sks") == 0) {
2614 *digest_list = list_sk_digests_for_authority_id(id_digest);
2615 if (!(*digest_list)) {
2616 *errmsg =
"Failed to get list of signing key digests for this " 2617 "authority identity digest";
2624 download_status_for_authority_id_and_sk(id_digest, sk_digest);
2625 if (!(*dl_to_emit)) {
2626 *errmsg =
"Failed to get download status for this identity/" 2627 "signing key digest pair";
2630 *errmsg =
"That didn't look like a signing key digest";
2634 *errmsg =
"That didn't look like an identity digest";
2640 fp_sk_req, strlen(fp_sk_req)) ==
DIGEST_LEN) {
2641 *dl_to_emit = id_only_download_status_for_authority_id(id_digest);
2642 if (!(*dl_to_emit)) {
2643 *errmsg =
"Failed to get download status for this authority " 2647 *errmsg =
"That didn't look like a digest";
2650 *errmsg =
"That didn't look like a digest";
2654 *errmsg =
"Unknown certificate download status query";
2663 const char **errmsg)
2679 if (strcmp(desc_req,
"descs") == 0) {
2680 *digest_list = router_get_descriptor_digests();
2681 if (!(*digest_list)) {
2682 *errmsg =
"We don't seem to have a networkstatus-flavored consensus";
2692 *dl_to_emit = router_get_dl_status_by_descriptor_digest(desc_digest);
2693 if (!(*dl_to_emit)) {
2694 *errmsg =
"No such descriptor digest found";
2697 *errmsg =
"That didn't look like a digest";
2700 *errmsg =
"Unknown router descriptor download status query";
2709 const char **errmsg)
2725 if (strcmp(bridge_req,
"bridges") == 0) {
2726 *digest_list = list_bridge_identities();
2727 if (!(*digest_list)) {
2728 *errmsg =
"We don't seem to be using bridges";
2732 bridge_req, strlen(bridge_req)) ==
DIGEST_LEN) {
2734 *dl_to_emit = get_bridge_dl_status_by_id(bridge_digest);
2735 if (!(*dl_to_emit)) {
2736 *errmsg =
"No such bridge identity digest found";
2739 *errmsg =
"That didn't look like a digest";
2742 *errmsg =
"Unknown bridge descriptor download status query";
2750 const char *question,
char **answer,
2751 const char **errmsg)
2766 if (!
strcmpstart(question,
"downloads/networkstatus/")) {
2768 question + strlen(
"downloads/networkstatus/"),
2769 &dl_to_emit, errmsg);
2771 }
else if (!
strcmpstart(question,
"downloads/cert/")) {
2773 question + strlen(
"downloads/cert/"),
2774 &dl_to_emit, &digest_list, errmsg);
2776 }
else if (!
strcmpstart(question,
"downloads/desc/")) {
2778 question + strlen(
"downloads/desc/"),
2779 &dl_to_emit, &digest_list, errmsg);
2781 }
else if (!
strcmpstart(question,
"downloads/bridge/")) {
2783 question + strlen(
"downloads/bridge/"),
2784 &dl_to_emit, &digest_list, errmsg);
2786 *errmsg =
"Unknown download status query";
2793 }
else if (digest_list) {
2796 smartlist_free(digest_list);
2801 *errmsg =
"Unknown error";
2828 char *flaglist_joined;
2840 if (smartlist_len(flaglist)) {
2848 smartlist_free(flaglist);
2855 const char *hs_state =
2858 if (hs_state != NULL) {
2864 char addr[HS_SERVICE_ADDR_LEN_BASE32 + 1];
2865 const char *onion_address;
2867 onion_address = rend_data_get_address(circ->
rend_data);
2869 hs_build_address(&circ->
hs_ident->identity_pk, HS_VERSION_THREE, addr);
2870 onion_address = addr;
2876 char tbuf[ISO_TIME_USEC_LEN+1];
/* Fragment: when the circuit carries a SOCKS username or password, the value
 * is processed using its explicit length field rather than a NUL terminator,
 * and the escaped result is passed on.
 * NOTE(review): presumably the escaped values become part of the circuit
 * description reported to controllers, which would make these credentials
 * visible to any controller that can read circuit status -- confirm against
 * the full source. */
2883 if (circ->socks_username_len > 0) {
2885 (
size_t) circ->socks_username_len);
2887 socks_username_escaped);
2890 if (circ->socks_password_len > 0) {
2892 (
size_t) circ->socks_password_len);
2894 socks_password_escaped);
2901 smartlist_free(descparts);
2910 const char *question,
char **answer,
2911 const char **errmsg)
2914 (void) control_conn;
2915 if (!strcmp(question,
"circuit-status")) {
2928 state =
"GUARD_WAIT";
2929 else if (circ->
cpath)
2938 state, *circdesc ?
" " :
"", circdesc);
2941 SMARTLIST_FOREACH_END(circ_);
2944 smartlist_free(status);
2945 }
else if (!strcmp(question,
"stream-status")) {
2955 base_conn->marked_for_close ||
2959 conn = TO_ENTRY_CONN(base_conn);
2960 switch (base_conn->state)
2966 state =
"NEWRESOLVE";
2972 state =
"SENTCONNECT";
break;
2974 state =
"SENTRESOLVE";
break;
2976 state =
"SUCCEEDED";
break;
2978 log_warn(
LD_BUG,
"Asked for stream in unknown state %d",
2987 (
unsigned long) base_conn->global_identifier,state,
2991 } SMARTLIST_FOREACH_END(base_conn);
2994 smartlist_free(status);
2995 }
else if (!strcmp(question,
"orconn-status")) {
3002 if (base_conn->type !=
CONN_TYPE_OR || base_conn->marked_for_close)
3006 state =
"CONNECTED";
3013 } SMARTLIST_FOREACH_END(base_conn);
3016 smartlist_free(status);
3017 }
else if (!
strcmpstart(question,
"address-mappings/")) {
3018 time_t min_e, max_e;
3020 question += strlen(
"address-mappings/");
3021 if (!strcmp(question,
"all")) {
3022 min_e = 0; max_e = TIME_MAX;
3023 }
else if (!strcmp(question,
"cache")) {
3024 min_e = 2; max_e = TIME_MAX;
3025 }
else if (!strcmp(question,
"config")) {
3026 min_e = 0; max_e = 0;
3027 }
else if (!strcmp(question,
"control")) {
3028 min_e = 1; max_e = 1;
3032 mappings = smartlist_new();
3036 smartlist_free(mappings);
3040 if (!strcmp(question,
"status/circuit-established")) {
3042 }
else if (!strcmp(question,
"status/enough-dir-info")) {
3043 *answer = tor_strdup(router_have_minimum_dir_info() ?
"1" :
"0");
3044 }
else if (!strcmp(question,
"status/good-server-descriptor") ||
3045 !strcmp(question,
"status/accepted-server-descriptor")) {
3051 }
else if (!strcmp(question,
"status/reachability-succeeded/or")) {
3054 }
else if (!strcmp(question,
"status/reachability-succeeded/dir")) {
3057 }
else if (!strcmp(question,
"status/reachability-succeeded")) {
3061 }
else if (!strcmp(question,
"status/bootstrap-phase")) {
3063 }
else if (!
strcmpstart(question,
"status/version/")) {
3064 int is_server = server_mode(options);
3067 const char *recommended;
3076 if (!strcmp(question,
"status/version/recommended")) {
3077 *answer = tor_strdup(recommended);
3080 if (!strcmp(question,
"status/version/current")) {
3084 case VS_OLD: *answer = tor_strdup(
"obsolete");
break;
3085 case VS_NEW: *answer = tor_strdup(
"new");
break;
3088 case VS_EMPTY: *answer = tor_strdup(
"none recommended");
break;
3089 case VS_UNKNOWN: *answer = tor_strdup(
"unknown");
break;
3093 }
else if (!strcmp(question,
"status/clients-seen")) {
3095 if (!bridge_stats) {
3096 *errmsg =
"No bridge-client stats available";
3099 *answer = bridge_stats;
3100 }
else if (!strcmp(question,
"status/fresh-relay-descs")) {
3101 if (!server_mode(options)) {
3102 *errmsg =
"Only relays have descriptors";
3108 *errmsg =
"Error generating descriptor";
3116 char *descs = tor_malloc(size);
3122 if (cp[0] ==
'\0') {
3124 }
else if (cp[0] !=
'\n') {
3132 if (cp[0] ==
'\n') {
3134 }
else if (cp[0] !=
'\0') {
3151 const char *question,
char **answer,
3152 const char **errmsg)
3157 if (control_conn && !strcmp(question,
"onions/current")) {
3159 }
else if (!strcmp(question,
"onions/detached")) {
3164 if (!onion_list || smartlist_len(onion_list) == 0) {
3166 *answer = tor_strdup(
"");
3181 const char *question,
char **answer,
3182 const char **errmsg)
3186 if (strcmp(question,
"network-liveness") == 0) {
3187 if (get_cached_network_liveness()) {
3188 *answer = tor_strdup(
"up");
3190 *answer = tor_strdup(
"down");
3201 const char *question,
char **answer,
3202 const char **errmsg)
3204 (void) control_conn;
3207 if (!strcmp(question,
"sr/current")) {
3208 *answer = sr_get_current_for_control();
3209 }
else if (!strcmp(question,
"sr/previous")) {
3210 *answer = sr_get_previous_for_control();
3226 const char *q,
char **a,
3227 const char **error_out);
3238 #define ITEM(name, fn, desc) { name, getinfo_helper_##fn, desc, 0 } 3239 #define PREFIX(name, fn, desc) { name, getinfo_helper_##fn, desc, 1 } 3240 #define DOC(name, desc) { name, NULL, desc, 0 } 3245 ITEM(
"version", misc,
"The current version of Tor."),
3246 ITEM(
"bw-event-cache", misc,
"Cached BW events for a short interval."),
3247 ITEM(
"config-file", misc,
"Current location of the \"torrc\" file."),
3248 ITEM(
"config-defaults-file", misc,
"Current location of the defaults file."),
3249 ITEM(
"config-text", misc,
3250 "Return the string that would be written by a saveconf command."),
3251 ITEM(
"config-can-saveconf", misc,
3252 "Is it possible to save the configuration to the \"torrc\" file?"),
3253 ITEM(
"accounting/bytes", accounting,
3254 "Number of bytes read/written so far in the accounting interval."),
3255 ITEM(
"accounting/bytes-left", accounting,
3256 "Number of bytes left to write/read so far in the accounting interval."),
3257 ITEM(
"accounting/enabled", accounting,
"Is accounting currently enabled?"),
3258 ITEM(
"accounting/hibernating", accounting,
"Are we hibernating or awake?"),
3259 ITEM(
"accounting/interval-start", accounting,
3260 "Time when the accounting period starts."),
3261 ITEM(
"accounting/interval-end", accounting,
3262 "Time when the accounting period ends."),
3263 ITEM(
"accounting/interval-wake", accounting,
3264 "Time to wake up in this accounting period."),
3265 ITEM(
"helper-nodes", entry_guards, NULL),
3266 ITEM(
"entry-guards", entry_guards,
3267 "Which nodes are we using as entry guards?"),
3268 ITEM(
"fingerprint", misc, NULL),
3269 PREFIX(
"config/", config,
"Current configuration values."),
3271 "List of configuration options, types, and documentation."),
3272 DOC(
"config/defaults",
3273 "List of default values for configuration options. " 3274 "See also config/names"),
3275 PREFIX(
"current-time/", current_time,
"Current time."),
3276 DOC(
"current-time/local",
"Current time on the local system."),
3277 DOC(
"current-time/utc",
"Current UTC time."),
3278 PREFIX(
"downloads/networkstatus/", downloads,
3279 "Download statuses for networkstatus objects"),
3280 DOC(
"downloads/networkstatus/ns",
3281 "Download status for current-mode networkstatus download"),
3282 DOC(
"downloads/networkstatus/ns/bootstrap",
3283 "Download status for bootstrap-time networkstatus download"),
3284 DOC(
"downloads/networkstatus/ns/running",
3285 "Download status for run-time networkstatus download"),
3286 DOC(
"downloads/networkstatus/microdesc",
3287 "Download status for current-mode microdesc download"),
3288 DOC(
"downloads/networkstatus/microdesc/bootstrap",
3289 "Download status for bootstrap-time microdesc download"),
3290 DOC(
"downloads/networkstatus/microdesc/running",
3291 "Download status for run-time microdesc download"),
3292 PREFIX(
"downloads/cert/", downloads,
3293 "Download statuses for certificates, by id fingerprint and " 3295 DOC(
"downloads/cert/fps",
3296 "List of authority fingerprints for which any download statuses " 3298 DOC(
"downloads/cert/fp/<fp>",
3299 "Download status for <fp> with the default signing key; corresponds " 3300 "to /fp/ URLs on directory server."),
3301 DOC(
"downloads/cert/fp/<fp>/sks",
3302 "List of signing keys for which specific download statuses are " 3303 "available for this id fingerprint"),
3304 DOC(
"downloads/cert/fp/<fp>/<sk>",
3305 "Download status for <fp> with signing key <sk>; corresponds " 3306 "to /fp-sk/ URLs on directory server."),
3307 PREFIX(
"downloads/desc/", downloads,
3308 "Download statuses for router descriptors, by descriptor digest"),
3309 DOC(
"downloads/desc/descs",
3310 "Return a list of known router descriptor digests"),
3311 DOC(
"downloads/desc/<desc>",
3312 "Return a download status for a given descriptor digest"),
3313 PREFIX(
"downloads/bridge/", downloads,
3314 "Download statuses for bridge descriptors, by bridge identity " 3316 DOC(
"downloads/bridge/bridges",
3317 "Return a list of configured bridge identity digests with download " 3319 DOC(
"downloads/bridge/<desc>",
3320 "Return a download status for a given bridge identity digest"),
3321 ITEM(
"info/names", misc,
3322 "List of GETINFO options, types, and documentation."),
3323 ITEM(
"events/names", misc,
3324 "Events that the controller can ask for with SETEVENTS."),
3325 ITEM(
"signal/names", misc,
"Signal names recognized by the SIGNAL command"),
3326 ITEM(
"features/names", misc,
"What arguments can USEFEATURE take?"),
3327 PREFIX(
"desc/id/", dir,
"Router descriptors by ID."),
3328 PREFIX(
"desc/name/", dir,
"Router descriptors by nickname."),
3329 ITEM(
"desc/all-recent", dir,
3330 "All non-expired, non-superseded router descriptors."),
3331 ITEM(
"desc/download-enabled", dir,
3332 "Do we try to download router descriptors?"),
3333 ITEM(
"desc/all-recent-extrainfo-hack", dir, NULL),
3334 ITEM(
"md/all", dir,
"All known microdescriptors."),
3335 PREFIX(
"md/id/", dir,
"Microdescriptors by ID"),
3336 PREFIX(
"md/name/", dir,
"Microdescriptors by name"),
3337 ITEM(
"md/download-enabled", dir,
3338 "Do we try to download microdescriptors?"),
3339 PREFIX(
"extra-info/digest/", dir,
"Extra-info documents by digest."),
3340 PREFIX(
"hs/client/desc/id", dir,
3341 "Hidden Service descriptor in client's cache by onion."),
3342 PREFIX(
"hs/service/desc/id/", dir,
3343 "Hidden Service descriptor in services's cache by onion."),
3344 PREFIX(
"net/listeners/", listeners,
"Bound addresses by type"),
3345 ITEM(
"ns/all", networkstatus,
3346 "Brief summary of router status (v2 directory format)"),
3347 PREFIX(
"ns/id/", networkstatus,
3348 "Brief summary of router status by ID (v2 directory format)."),
3349 PREFIX(
"ns/name/", networkstatus,
3350 "Brief summary of router status by nickname (v2 directory format)."),
3351 PREFIX(
"ns/purpose/", networkstatus,
3352 "Brief summary of router status by purpose (v2 directory format)."),
3353 PREFIX(
"consensus/", networkstatus,
3354 "Information about and from the ns consensus."),
3355 ITEM(
"network-status", dir,
3356 "Brief summary of router status (v1 directory format)"),
3357 ITEM(
"network-liveness", liveness,
3358 "Current opinion on whether the network is live"),
3359 ITEM(
"circuit-status", events,
"List of current circuits originating here."),
3360 ITEM(
"stream-status", events,
"List of current streams."),
3361 ITEM(
"orconn-status", events,
"A list of current OR connections."),
3362 ITEM(
"dormant", misc,
3363 "Is Tor dormant (not building circuits because it's idle)?"),
3364 PREFIX(
"address-mappings/", events, NULL),
3365 DOC(
"address-mappings/all",
"Current address mappings."),
3366 DOC(
"address-mappings/cache",
"Current cached DNS replies."),
3367 DOC(
"address-mappings/config",
3368 "Current address mappings from configuration."),
3369 DOC(
"address-mappings/control",
"Current address mappings from controller."),
3370 PREFIX(
"status/", events, NULL),
3371 DOC(
"status/circuit-established",
3372 "Whether we think client functionality is working."),
3373 DOC(
"status/enough-dir-info",
3374 "Whether we have enough up-to-date directory information to build " 3376 DOC(
"status/bootstrap-phase",
3377 "The last bootstrap phase status event that Tor sent."),
3378 DOC(
"status/clients-seen",
3379 "Breakdown of client countries seen by a bridge."),
3380 DOC(
"status/fresh-relay-descs",
3381 "A fresh relay/ei descriptor pair for Tor's current state. Not stored."),
3382 DOC(
"status/version/recommended",
"List of currently recommended versions."),
3383 DOC(
"status/version/current",
"Status of the current version."),
3384 ITEM(
"address", misc,
"IP address of this Tor host, if we can guess it."),
3385 ITEM(
"traffic/read", misc,
"Bytes read since the process was started."),
3386 ITEM(
"traffic/written", misc,
3387 "Bytes written since the process was started."),
3388 ITEM(
"uptime", misc,
"Uptime of the Tor daemon in seconds."),
3389 ITEM(
"process/pid", misc,
"Process id belonging to the main tor process."),
3390 ITEM(
"process/uid", misc,
"User id running the tor process."),
3391 ITEM(
"process/user", misc,
3392 "Username under which the tor process is running."),
3393 ITEM(
"process/descriptor-limit", misc,
"File descriptor limit."),
3394 ITEM(
"limits/max-mem-in-queues", misc,
"Actual limit on memory in queues"),
3395 PREFIX(
"desc-annotations/id/", dir,
"Router annotations by hexdigest."),
3396 PREFIX(
"dir/server/", dir,
"Router descriptors as retrieved from a DirPort."),
3397 PREFIX(
"dir/status/", dir,
3398 "v2 networkstatus docs as retrieved from a DirPort."),
3399 ITEM(
"dir/status-vote/current/consensus", dir,
3400 "v3 Networkstatus consensus as retrieved from a DirPort."),
3401 ITEM(
"exit-policy/default", policies,
3402 "The default value appended to the configured exit policy."),
3403 ITEM(
"exit-policy/reject-private/default", policies,
3404 "The default rules appended to the configured exit policy by" 3405 " ExitPolicyRejectPrivate."),
3406 ITEM(
"exit-policy/reject-private/relay", policies,
3407 "The relay-specific rules appended to the configured exit policy by" 3408 " ExitPolicyRejectPrivate and/or ExitPolicyRejectLocalInterfaces."),
3409 ITEM(
"exit-policy/full", policies,
"The entire exit policy of onion router"),
3410 ITEM(
"exit-policy/ipv4", policies,
"IPv4 parts of exit policy"),
3411 ITEM(
"exit-policy/ipv6", policies,
"IPv6 parts of exit policy"),
3412 PREFIX(
"ip-to-country/", geoip,
"Perform a GEOIP lookup"),
3413 ITEM(
"onions/current", onions,
3414 "Onion services owned by the current control connection."),
3415 ITEM(
"onions/detached", onions,
3416 "Onion services detached from the control connection."),
3417 ITEM(
"sr/current", sr,
"Get current shared random value."),
3418 ITEM(
"sr/previous", sr,
"Get previous shared random value."),
3419 { NULL, NULL, NULL, 0 }
3442 smartlist_free(lines);
3453 const char *question,
char **answer,
3454 const char **err_out)
3488 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
3490 const char *errmsg = NULL;
3494 errmsg =
"Internal error";
3507 } SMARTLIST_FOREACH_END(q);
3509 if (smartlist_len(unrecognized)) {
3511 for (i=0; i < smartlist_len(unrecognized)-1; ++i)
3514 (
char *)smartlist_get(unrecognized, i));
3518 (
char *)smartlist_get(unrecognized, i));
/* answers is laid out as alternating entries: index i is the key and
 * index i+1 is the value that goes with it. */
3522 for (i = 0; i < smartlist_len(answers); i += 2) {
3523 char *k = smartlist_get(answers, i);
3524 char *v = smartlist_get(answers, i+1);
/* A value counts as single-line only when it contains neither LF nor CR;
 * this test decides how the reply for this key is framed. */
3525 if (!strchr(v,
'\n') && !strchr(v,
'\r')) {
/* NOTE(review): the lines between are elided in this listing. esc/esc_len
 * is presumably the escaped form written for a value that does contain a
 * line break -- confirm against the full file. */
3534 connection_buf_add(esc, esc_len,
TO_CONN(conn));
3542 smartlist_free(answers);
3544 smartlist_free(questions);
3546 smartlist_free(unrecognized);
3556 string += strlen(
"purpose=");
3558 if (!strcasecmp(
string,
"general"))
3560 else if (!strcasecmp(
string,
"controller"))
3573 const char *body,
int min_args,
int max_args)
3577 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
3578 if (smartlist_len(args) < min_args) {
3581 }
else if (max_args >= 0 && smartlist_len(args) > max_args) {
3588 smartlist_free(args);
3599 for (i = start_at; i < smartlist_len(sl); ++i) {
3600 const char *elt = smartlist_get(sl, i);
3614 return strchr(s,
'=') && s[0] !=
'$';
3630 router_nicknames = smartlist_new();
3636 zero_circ = !strcmp(
"0", (
char*)smartlist_get(args,0));
3646 smartlist_free(args);
3651 if ((smartlist_len(args) == 1) ||
3652 (smartlist_len(args) >= 2 &&
is_keyval_pair(smartlist_get(args, 1)))) {
3662 smartlist_free(args);
3669 if (!zero_circ && !(circ =
get_circ(smartlist_get(args,0)))) {
3671 (
char*)smartlist_get(args, 0));
3673 smartlist_free(args);
3677 if (smartlist_len(args) < 2) {
3679 "512 syntax error: not enough arguments.\r\n");
3681 smartlist_free(args);
3688 smartlist_free(args);
3690 nodes = smartlist_new();
3691 int first_node = zero_circ;
3693 const node_t *node = node_get_by_nickname(n, 0);
3704 } SMARTLIST_FOREACH_END(n);
3705 if (!smartlist_len(nodes)) {
3716 first_node = zero_circ;
3721 tor_assert_nonfatal(first_node);
3723 "controller tried to connect to a node that lacks a suitable " 3724 "descriptor, or which doesn't have any " 3725 "addresses that are allowed by the firewall configuration; " 3726 "circuit marked for closing.");
3727 circuit_mark_for_close(
TO_CIRCUIT(circ), -END_CIRC_REASON_CONNECTFAILED);
3735 extend_info_free(info);
3743 circuit_mark_for_close(
TO_CIRCUIT(circ), -err_reason);
3754 "send_next_onion_skin failed; circuit marked for closing.");
3755 circuit_mark_for_close(
TO_CIRCUIT(circ), -err_reason);
3768 smartlist_free(router_nicknames);
3769 smartlist_free(nodes);
3777 uint32_t len,
const char *body)
3780 uint8_t new_purpose;
3788 if (!(circ =
get_circ(smartlist_get(args,0)))) {
3790 (
char*)smartlist_get(args, 0));
3813 smartlist_free(args);
3829 int hop=0, hop_line_ok=1;
3836 zero_circ = !strcmp(
"0", (
char*)smartlist_get(args,1));
3838 if (!(ap_conn =
get_stream(smartlist_get(args, 0)))) {
3840 (
char*)smartlist_get(args, 0));
3841 }
else if (!zero_circ && !(circ =
get_circ(smartlist_get(args, 1)))) {
3843 (
char*)smartlist_get(args, 1));
3847 hopstring += strlen(
"HOP=");
3849 &hop_line_ok, NULL);
3856 smartlist_free(args);
3857 if (!ap_conn || (!zero_circ && !circ) || !hop_line_ok)
3864 "555 Connection is not managed by controller.\r\n",
3879 CONNECTION_AP_EXPECT_NONPENDING(ap_conn);
3885 "551 Can't attach stream to non-open origin circuit\r\n",
3892 "551 Can't attach stream to this one-hop circuit.\r\n", conn);
3896 if (circ && hop>0) {
3901 "551 Circuit doesn't have %d hops.\r\n", hop);
3920 const char *msg=NULL;
3921 uint8_t purpose = ROUTER_PURPOSE_GENERAL;
3924 const char *cp = memchr(body,
'\n', len);
3932 char *cmdline = tor_memdup_nulterm(body, cp-body);
3935 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
3938 option += strlen(
"purpose=");
3940 if (purpose == ROUTER_PURPOSE_UNKNOWN) {
3946 option += strlen(
"cache=");
3947 if (!strcasecmp(option,
"no"))
3949 else if (!strcasecmp(option,
"yes"))
3958 "512 Unexpected argument \"%s\" to postdescriptor\r\n", option);
3961 } SMARTLIST_FOREACH_END(option);
3967 if (!msg) msg =
"Could not parse descriptor";
3971 if (!msg) msg =
"Descriptor not added";
3982 smartlist_free(args);
3994 char *new_addr = NULL;
3995 uint16_t new_port = 0;
4003 if (!(ap_conn =
get_stream(smartlist_get(args, 0)))
4006 (
char*)smartlist_get(args, 0));
4009 if (smartlist_len(args) > 2) {
4011 10, 1, 65535, &ok, NULL);
4015 (
char*)smartlist_get(args, 2));
4017 new_addr = tor_strdup(smartlist_get(args, 1));
4022 smartlist_free(args);
4051 else if (!(ap_conn =
get_stream(smartlist_get(args, 0))))
4053 (
char*)smartlist_get(args, 0));
4059 (
char*)smartlist_get(args, 1));
4064 smartlist_free(args);
4068 connection_mark_unattached_ap(ap_conn, reason);
4088 if (!(circ=
get_circ(smartlist_get(args, 0))))
4090 (
char*)smartlist_get(args, 0));
4093 for (i=1; i < smartlist_len(args); ++i) {
4094 if (!strcasecmp(smartlist_get(args, i),
"IfUnused"))
4097 log_info(
LD_CONTROL,
"Skipping unknown option %s",
4098 (
char*)smartlist_get(args,i));
4102 smartlist_free(args);
4107 circuit_mark_for_close(
TO_CIRCUIT(circ), END_CIRC_REASON_REQUESTED);
4125 log_warn(
LD_CONTROL,
"Controller asked us to resolve an address, but " 4126 "isn't listening for ADDRMAP events. It probably won't see " 4129 args = smartlist_new();
4131 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4134 if (modearg && !strcasecmp(modearg,
"mode=reverse"))
4137 failed = smartlist_new();
4152 smartlist_free(args);
4153 smartlist_free(failed);
4162 const char *bad_arg = NULL;
4167 args = smartlist_new();
4169 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4183 connection_mark_for_close(
TO_CONN(conn));
4204 if (!cookies && !passwd)
4207 smartlist_free(mlist);
4211 "250-PROTOCOLINFO 1\r\n" 4212 "250-AUTH METHODS=%s%s%s\r\n" 4213 "250-VERSION Tor=%s\r\n" 4216 cookies?
" COOKIEFILE=":
"",
4217 cookies?esc_cfile:
"",
4226 smartlist_free(args);
/* Fragment of the AUTHCHALLENGE handling; this listing omits many lines.
 * Visible steps: skip whitespace, consume the SAFECOOKIE keyword, read a
 * client nonce, draw a server nonce, and reply with SERVERHASH and
 * SERVERNONCE. */
4235 const char *cp = body;
4237 size_t client_nonce_len;
4240 char server_nonce[SAFECOOKIE_SERVER_NONCE_LEN];
/* Hex form of the nonce: two characters per byte plus the NUL. */
4241 char server_nonce_encoded[(2*SAFECOOKIE_SERVER_NONCE_LEN) + 1];
4243 cp += strspn(cp,
" \t\n\r");
4245 cp += strlen(
"SAFECOOKIE");
4248 "authentication\r\n", conn);
/* Each failure path visible in this fragment marks the control
 * connection for close. */
4249 connection_mark_for_close(
TO_CONN(conn));
4256 connection_mark_for_close(
TO_CONN(conn));
4260 cp += strspn(cp,
" \t\n\r");
4264 &client_nonce, &client_nonce_len);
/* newcp is the result of the decoding call whose tail is shown above (its
 * start is elided); NULL is handled as a parse failure. */
4265 if (newcp == NULL) {
4268 connection_mark_for_close(
TO_CONN(conn));
/* Other form: the nonce is a run of hex digits. strspn() measures the
 * run, the decoded length is half of it, and the decode result must equal
 * client_nonce_len. NOTE(review): presumably this also rejects an odd
 * number of hex digits -- confirm against the decoder. */
4273 size_t client_nonce_encoded_len = strspn(cp,
"0123456789ABCDEFabcdef");
4275 client_nonce_len = client_nonce_encoded_len / 2;
4276 client_nonce = tor_malloc_zero(client_nonce_len);
4279 cp, client_nonce_encoded_len)
4280 != (
int) client_nonce_len) {
4283 connection_mark_for_close(
TO_CONN(conn));
4288 cp += client_nonce_encoded_len;
4291 cp += strspn(cp,
" \t\n\r");
4296 connection_mark_for_close(
TO_CONN(conn));
/* The server nonce is SAFECOOKIE_SERVER_NONCE_LEN bytes from
 * crypto_rand(). */
4300 crypto_rand(server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
4309 SAFECOOKIE_SERVER_NONCE_LEN);
/* tmp is a zero-filled scratch buffer of tmp_len bytes; the lines that
 * fill it are only partly shown (the server nonce is one of the inputs).
 * The two direction-specific constant strings passed below keep the
 * server-to-controller value distinct from the controller-to-server one.
 * NOTE(review): the calls that take them are elided; presumably keyed
 * hashes -- confirm. */
4310 char *tmp = tor_malloc_zero(tmp_len);
4315 server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
4318 SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT,
4319 strlen(SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT),
4324 SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT,
4325 strlen(SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT),
/* Hex-encode the server hash and the server nonce for the reply line. */
4334 base16_encode(server_hash_encoded,
sizeof(server_hash_encoded),
4335 server_hash,
sizeof(server_hash));
4336 base16_encode(server_nonce_encoded,
sizeof(server_nonce_encoded),
4337 server_nonce,
sizeof(server_nonce));
4340 "250 AUTHCHALLENGE SERVERHASH=%s " 4341 "SERVERNONCE=%s\r\n",
4342 server_hash_encoded,
4343 server_nonce_encoded);
4359 args = smartlist_new();
4361 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4363 if (!strcasecmp(arg,
"VERBOSE_NAMES"))
4365 else if (!strcasecmp(arg,
"EXTENDED_EVENTS"))
4373 } SMARTLIST_FOREACH_END(arg);
4380 smartlist_free(args);
4392 args = smartlist_new();
4394 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
/* have_warned is function-static, so its value persists across calls;
 * the warning below is gated on it. NOTE(review): the assignment that
 * sets the flag is elided in this listing -- presumably the warning is
 * logged once per process. */
4396 static int have_warned = 0;
4397 if (! have_warned) {
4398 log_warn(
LD_CONTROL,
"DROPGUARDS is dangerous; make sure you understand " 4399 "the risks before using it. It may be removed in a future " 4404 if (smartlist_len(args)) {
4412 smartlist_free(args);
4422 char digest[
DIGEST_LEN], *hsaddress = NULL, *arg1 = NULL, *desc_id = NULL;
4425 static const char *hsfetch_command =
"HSFETCH";
4426 static const char *v2_str =
"v2-";
4427 const size_t v2_str_len = strlen(v2_str);
4437 arg1 = smartlist_get(args, 0);
4454 static const char *opt_server =
"SERVER=";
4457 for (i = 1; i < smartlist_len(args); ++i) {
4458 const char *arg = smartlist_get(args, i);
4464 server = arg + strlen(opt_server);
4473 hsdirs = smartlist_new();
4484 rend_query = rend_data_client_create(hsaddress, desc_id, NULL,
4486 if (rend_query == NULL) {
4493 if (desc_id && (!hsdirs || !smartlist_len(hsdirs))) {
4511 smartlist_free(args);
4513 smartlist_free(hsdirs);
4514 rend_data_free(rend_query);
4525 static const char *opt_server =
"SERVER=";
4526 static const char *opt_hsaddress =
"HSADDRESS=";
4528 const char *encoded_desc = body;
4529 size_t encoded_desc_len = len;
4530 const char *onion_address = NULL;
4532 char *cp = memchr(body,
'\n', len);
4537 char *argline = tor_strndup(body, cp-body);
4548 encoded_desc_len = len-(cp-body);
4551 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
4554 const char *server = arg + strlen(opt_server);
4557 if (!node || !node->rs) {
4564 hs_dirs = smartlist_new();
4567 const char *address = arg + strlen(opt_hsaddress);
4568 if (!hs_address_is_valid(address)) {
4572 onion_address = address;
4578 } SMARTLIST_FOREACH_END(arg);
4582 if (onion_address) {
4583 char *desc_str = NULL;
4585 if (hs_control_hspost_command(desc_str, onion_address, hs_dirs) < 0) {
4602 char *intro_content = NULL;
4604 size_t encoded_size;
4605 const char *next_desc;
4607 &intro_size, &encoded_size,
4622 smartlist_free(descs);
4625 rend_service_descriptor_free(parsed);
4631 rend_encoded_v2_service_descriptor_free(desc);
4634 smartlist_free(hs_dirs);
4636 smartlist_free(args);
4657 add_onion_helper_add_service(
int hs_version,
4658 add_onion_secret_key_t *pk,
4660 int max_streams_close_circuit,
int auth_type,
4669 switch (hs_version) {
4670 case HS_VERSION_TWO:
4672 max_streams_close_circuit, auth_type,
4673 auth_clients, address_out);
4675 case HS_VERSION_THREE:
4676 ret = hs_service_add_ephemeral(pk->v3, port_cfgs, max_streams,
4677 max_streams_close_circuit, address_out);
4680 tor_assert_unreached();
4699 arg_len = smartlist_len(args);
4710 int max_streams = 0;
4711 int max_streams_close_circuit = 0;
4714 int non_anonymous = 0;
4715 for (
int i = 1; i < arg_len; i++) {
4716 static const char *port_prefix =
"Port=";
4717 static const char *flags_prefix =
"Flags=";
4718 static const char *max_s_prefix =
"MaxStreams=";
4719 static const char *auth_prefix =
"ClientAuth=";
4721 const char *arg = smartlist_get(args, (
int)i);
4724 const char *port_str = arg + strlen(port_prefix);
4735 const char *max_s_str = arg + strlen(max_s_prefix);
4737 max_streams = (int)
tor_parse_long(max_s_str, 10, 0, 65535, &ok, NULL);
4756 static const char *discard_flag =
"DiscardPK";
4757 static const char *detach_flag =
"Detach";
4758 static const char *max_s_close_flag =
"MaxStreamsCloseCircuit";
4759 static const char *basicauth_flag =
"BasicAuth";
4760 static const char *non_anonymous_flag =
"NonAnonymous";
4766 SPLIT_IGNORE_BLANK, 0);
4767 if (smartlist_len(flags) < 1) {
4773 if (!strcasecmp(flag, discard_flag)) {
4775 }
else if (!strcasecmp(flag, detach_flag)) {
4777 }
else if (!strcasecmp(flag, max_s_close_flag)) {
4778 max_streams_close_circuit = 1;
4779 }
else if (!strcasecmp(flag, basicauth_flag)) {
4780 auth_type = REND_BASIC_AUTH;
4781 }
else if (!strcasecmp(flag, non_anonymous_flag)) {
4785 "512 Invalid 'Flags' argument: %s\r\n",
4790 } SMARTLIST_FOREACH_END(flag);
4792 smartlist_free(flags);
4796 char *err_msg = NULL;
4800 &created, &err_msg);
4809 if (auth_clients != NULL) {
4812 if (strcmp(ac->client_name, client->client_name) == 0) {
4816 } SMARTLIST_FOREACH_END(ac);
4819 "512 Duplicate name in ClientAuth\r\n");
4820 rend_authorized_client_free(client);
4824 auth_clients = smartlist_new();
4825 auth_created_clients = smartlist_new();
4836 if (smartlist_len(port_cfgs) == 0) {
4839 }
else if (auth_type == REND_NO_AUTH && auth_clients != NULL) {
4842 }
else if (auth_type != REND_NO_AUTH && auth_clients == NULL) {
4845 }
else if ((auth_type == REND_BASIC_AUTH &&
4846 smartlist_len(auth_clients) > 512) ||
4847 (auth_type == REND_STEALTH_AUTH &&
4848 smartlist_len(auth_clients) > 16)) {
4851 }
else if (non_anonymous != rend_service_non_anonymous_mode_enabled(
4862 non_anonymous ?
"" :
"non-");
4868 add_onion_secret_key_t pk = { NULL };
4869 const char *key_new_alg = NULL;
4870 char *key_new_blob = NULL;
4871 char *err_msg = NULL;
4874 &key_new_alg, &key_new_blob, &pk, &hs_version,
4886 if (hs_version == HS_VERSION_THREE && auth_clients) {
4896 char *service_id = NULL;
4897 int ret = add_onion_helper_add_service(hs_version, &pk, port_cfgs,
4899 max_streams_close_circuit, auth_type,
4900 auth_clients, &service_id);
4902 auth_clients = NULL;
4921 key_new_alg, key_new_blob);
4923 if (auth_created_clients) {
4929 ac->client_name, encoded);
/* encoded is zeroed after it has been used in the call above.
 * NOTE(review): presumably the encoded client auth cookie -- confirm; the
 * lines that build it are elided in this listing. */
4930 memwipe(encoded, 0, strlen(encoded));
/* key_new_blob is the encoded form of a newly generated private key (set
 * for a NEW key request); it is zeroed here. Both wipes are sized with
 * strlen(), so they depend on the buffers being NUL-terminated. */
4955 memwipe(key_new_blob, 0, strlen(key_new_blob));
4962 rend_service_port_config_free(p));
4963 smartlist_free(port_cfgs);
4968 rend_authorized_client_free(ac));
4969 smartlist_free(auth_clients);
4971 if (auth_created_clients) {
4973 smartlist_free(auth_created_clients);
4980 smartlist_free(args);
4995 const char **key_new_alg_out,
char **key_new_blob_out,
4996 add_onion_secret_key_t *decoded_key,
int *hs_version,
/* Fragment (lines are elided in this listing): parses the ADD_ONION key
 * argument and reports the result through decoded_key, hs_version and the
 * *_out parameters. err_msg carries a control-protocol error line. */
5001 const char *key_new_alg = NULL;
5002 char *key_new_blob = NULL;
5003 char *err_msg = NULL;
/* The argument must split into exactly two parts: key type and blob. */
5007 if (smartlist_len(key_args) != 2) {
5008 err_msg = tor_strdup(
"512 Invalid key type/blob\r\n");
/* Keywords recognised below; all comparisons are case-insensitive. */
5013 static const char *key_type_new =
"NEW";
5014 static const char *key_type_best =
"BEST";
5015 static const char *key_type_rsa1024 =
"RSA1024";
5016 static const char *key_type_ed25519_v3 =
"ED25519-V3";
5018 const char *key_type = smartlist_get(key_args, 0);
5019 const char *key_blob = smartlist_get(key_args, 1);
/* RSA1024: the blob is an existing RSA key. Decode and key-size failures
 * are reported with 512; on success the service is version 2. */
5021 if (!strcasecmp(key_type_rsa1024, key_type)) {
5025 err_msg = tor_strdup(
"512 Failed to decode RSA key\r\n");
5030 err_msg = tor_strdup(
"512 Invalid RSA key size\r\n");
5033 decoded_key->v2 = pk;
5034 *hs_version = HS_VERSION_TWO;
5035 }
/* ED25519-V3: the decoded blob must be exactly sizeof(sk->seckey) bytes;
 * on success the service is version 3. */
else if (!strcasecmp(key_type_ed25519_v3, key_type)) {
5039 strlen(key_blob)) !=
sizeof(sk->
seckey)) {
5041 err_msg = tor_strdup(
"512 Failed to decode ED25519-V3 key\r\n");
5044 decoded_key->v3 = sk;
5045 *hs_version = HS_VERSION_THREE;
5046 }
/* NEW: generate a key; here the blob names the algorithm to use. */
else if (!strcasecmp(key_type_new, key_type)) {
/* NOTE(review): "BEST" is handled exactly like "RSA1024" in this version,
 * so a controller asking for the best key type gets an RSA1024 key and a
 * version 2 service. */
5048 if (!strcasecmp(key_type_rsa1024, key_blob) ||
5049 !strcasecmp(key_type_best, key_blob)) {
5051 pk = crypto_pk_new();
5052 if (crypto_pk_generate_key(pk)) {
5053 tor_asprintf(&err_msg,
"551 Failed to generate %s key\r\n",
5060 tor_asprintf(&err_msg,
"551 Failed to encode %s key\r\n",
5064 key_new_alg = key_type_rsa1024;
5066 decoded_key->v2 = pk;
5067 *hs_version = HS_VERSION_TWO;
5068 }
else if (!strcasecmp(key_type_ed25519_v3, key_blob)) {
5072 tor_asprintf(&err_msg,
"551 Failed to generate %s key\r\n",
5073 key_type_ed25519_v3);
/* key_new_blob is zero-allocated with len bytes; the encoder's return
 * value is checked against len - 1 (presumably the encoded length without
 * the terminating NUL -- confirm). */
5078 key_new_blob = tor_malloc_zero(len);
5080 sizeof(sk->
seckey), 0) != (len - 1)) {
5083 tor_asprintf(&err_msg,
"551 Failed to encode %s key\r\n",
5084 key_type_ed25519_v3);
5087 key_new_alg = key_type_ed25519_v3;
5089 decoded_key->v3 = sk;
5090 *hs_version = HS_VERSION_THREE;
/* Both unrecognised-keyword paths answer 513. Going by line order, the
 * first is an unknown algorithm after NEW and the second an unknown key
 * type; the enclosing else lines are elided. */
5092 err_msg = tor_strdup(
"513 Invalid key type\r\n");
5096 err_msg = tor_strdup(
"513 Invalid key type\r\n");
5108 smartlist_free(key_args);
/* Results are handed back through the out parameters. NOTE(review): the
 * conditions guarding these assignments are elided; presumably the caller
 * then owns err_msg and key_new_blob (a private key encoding) and is
 * responsible for wiping and freeing them -- confirm. */
5111 *err_msg_out = err_msg;
5115 *key_new_alg_out = key_new_alg;
5116 *key_new_blob_out = key_new_blob;
5143 if (smartlist_len(auth_args) < 1 || smartlist_len(auth_args) > 2) {
5144 *err_msg = tor_strdup(
"512 Invalid ClientAuth syntax\r\n");
5147 client->client_name = tor_strdup(smartlist_get(auth_args, 0));
5148 if (smartlist_len(auth_args) == 2) {
5149 char *decode_err_msg = NULL;
5151 client->descriptor_cookie,
5152 NULL, &decode_err_msg) < 0) {
5165 *err_msg = tor_strdup(
"512 Invalid name in ClientAuth\r\n");
5172 smartlist_free(auth_args);
5174 rend_authorized_client_free(client);
5194 const char *service_id = smartlist_get(args, 0);
5196 hs_version = HS_VERSION_TWO;
5197 }
else if (hs_address_is_valid(service_id)) {
5198 hs_version = HS_VERSION_THREE;
5219 onion_services = services[i];
5223 if (onion_services == NULL) {
5227 switch (hs_version) {
5228 case HS_VERSION_TWO:
5231 case HS_VERSION_THREE:
5232 ret = hs_service_del_ephemeral(service_id);
5243 log_warn(
LD_BUG,
"Failed to remove Onion Service %s.",
5249 char *cp = smartlist_get(onion_services, idx);
5262 smartlist_free(args);
5280 log_info(
LD_CONTROL,
"Control connection reached EOF. Closing.");
5281 connection_mark_for_close(
TO_CONN(conn));
5290 log_notice(
LD_CONTROL,
"Owning controller %s has %s -- exiting now.",
5291 owner_type, loss_manner);
5293 activate_signal(SIGTERM);
5312 }
else if (hs_address_is_valid(cp)) {
5313 hs_service_del_ephemeral(cp);
5318 } SMARTLIST_FOREACH_END(cp);
/* Four command names are matched case-insensitively here: PROTOCOLINFO,
 * AUTHCHALLENGE, AUTHENTICATE and QUIT.
 * NOTE(review): this looks like the set of commands accepted on a
 * connection that has not authenticated yet; the statements each test
 * guards are elided in this listing -- confirm against the full file. */
5333 if (!strcasecmp(cmd,
"PROTOCOLINFO"))
5336 if (!strcasecmp(cmd,
"AUTHCHALLENGE"))
5338 if (!strcasecmp(cmd,
"AUTHENTICATE") ||
5339 !strcasecmp(cmd,
"QUIT"))
5347 #define MAX_COMMAND_LINE_LENGTH (1024*1024) 5356 return peek_buf_has_control0_command(conn->
inbuf);
5362 return peek_buf_has_http_command(conn->
inbuf);
5365 static const char CONTROLPORT_IS_NOT_AN_HTTP_PROXY_MSG[] =
5366 "HTTP/1.0 501 Tor ControlPort is not an HTTP proxy" 5367 "\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n" 5370 "<title>Tor's ControlPort is not an HTTP proxy</title>\n" 5373 "<h1>Tor's ControlPort is not an HTTP proxy</h1>\n" 5375 "It appears you have configured your web browser to use Tor's control port" 5376 " as an HTTP proxy.\n" 5377 "This is not correct: Tor's default SOCKS proxy port is 9050.\n" 5378 "Please configure your client accordingly.\n" 5381 "See <a href=\"https://www.torproject.org/documentation.html\">" 5382 "https://www.torproject.org/documentation.html</a> for more " 5384 "<!-- Plus this comment, to make the body response more than 512 bytes, so " 5385 " IE will be willing to display it. Comment comment comment comment " 5386 " comment comment comment comment comment comment comment comment.-->\n" 5398 uint32_t cmd_data_len;
5419 strlcpy(buf+6,
"The v0 control protocol is not supported by Tor 0.1.2.17 " 5420 "and later; upgrade your controller.",
5422 body_len = 2+strlen(buf+6)+2;
5424 connection_buf_add(buf, 4+body_len,
TO_CONN(conn));
5426 connection_mark_and_flush(
TO_CONN(conn));
5432 peek_connection_has_http_command(
TO_CONN(conn))) {
/* Input that looks like an HTTP request is not parsed as a control
 * command: it is logged and the connection is marked for close after
 * flushing. NOTE(review): the reply written first is elided here;
 * presumably CONTROLPORT_IS_NOT_AN_HTTP_PROXY_MSG -- confirm. */
5434 log_notice(
LD_CONTROL,
"Received HTTP request on ControlPort");
5435 connection_mark_and_flush(
TO_CONN(conn));
5455 connection_stop_reading(
TO_CONN(conn));
5456 connection_mark_and_flush(
TO_CONN(conn));
5495 while ((
size_t)cmd_len < data_len
5502 data_len -= (cmd_len+1);
5503 while (TOR_ISSPACE(*args)) {
5509 if (
TO_CONN(conn)->marked_for_close) {
5516 connection_mark_and_flush(
TO_CONN(conn));
5523 connection_mark_for_close(
TO_CONN(conn));
/* The body length is narrowed to uint32_t below; a length that would not
 * fit closes the connection instead of being truncated by the cast. */
5527 if (data_len >= UINT32_MAX) {
5529 connection_mark_for_close(
TO_CONN(conn));
5536 cmd_data_len = (uint32_t)data_len;
5540 }
else if (!strcasecmp(conn->
incoming_cmd,
"RESETCONF")) {
5543 }
else if (!strcasecmp(conn->
incoming_cmd,
"GETCONF")) {
5546 }
else if (!strcasecmp(conn->
incoming_cmd,
"+LOADCONF")) {
5549 }
else if (!strcasecmp(conn->
incoming_cmd,
"SETEVENTS")) {
5552 }
else if (!strcasecmp(conn->
incoming_cmd,
"AUTHENTICATE")) {
5555 }
else if (!strcasecmp(conn->
incoming_cmd,
"SAVECONF")) {
5558 }
else if (!strcasecmp(conn->
incoming_cmd,
"SIGNAL")) {
5561 }
else if (!strcasecmp(conn->
incoming_cmd,
"TAKEOWNERSHIP")) {
5564 }
else if (!strcasecmp(conn->
incoming_cmd,
"DROPOWNERSHIP")) {
5567 }
else if (!strcasecmp(conn->
incoming_cmd,
"MAPADDRESS")) {
5570 }
else if (!strcasecmp(conn->
incoming_cmd,
"GETINFO")) {
5573 }
else if (!strcasecmp(conn->
incoming_cmd,
"EXTENDCIRCUIT")) {
5576 }
else if (!strcasecmp(conn->
incoming_cmd,
"SETCIRCUITPURPOSE")) {
5579 }
else if (!strcasecmp(conn->
incoming_cmd,
"SETROUTERPURPOSE")) {
5581 }
else if (!strcasecmp(conn->
incoming_cmd,
"ATTACHSTREAM")) {
5584 }
else if (!strcasecmp(conn->
incoming_cmd,
"+POSTDESCRIPTOR")) {
5587 }
else if (!strcasecmp(conn->
incoming_cmd,
"REDIRECTSTREAM")) {
5590 }
else if (!strcasecmp(conn->
incoming_cmd,
"CLOSESTREAM")) {
5593 }
else if (!strcasecmp(conn->
incoming_cmd,
"CLOSECIRCUIT")) {
5596 }
else if (!strcasecmp(conn->
incoming_cmd,
"USEFEATURE")) {
5599 }
else if (!strcasecmp(conn->
incoming_cmd,
"RESOLVE")) {
5602 }
else if (!strcasecmp(conn->
incoming_cmd,
"PROTOCOLINFO")) {
5605 }
else if (!strcasecmp(conn->
incoming_cmd,
"AUTHCHALLENGE")) {
5608 }
else if (!strcasecmp(conn->
incoming_cmd,
"DROPGUARDS")) {
5611 }
else if (!strcasecmp(conn->
incoming_cmd,
"HSFETCH")) {
5614 }
else if (!strcasecmp(conn->
incoming_cmd,
"+HSPOST")) {
5617 }
else if (!strcasecmp(conn->
incoming_cmd,
"ADD_ONION")) {
/* The argument buffer is zeroed for this command (the handler call itself
 * is elided in this listing): the ADD_ONION key argument is decoded as an
 * RSA or ED25519-V3 secret key elsewhere on this page, so the raw text
 * should not linger in the command buffer. */
5619 memwipe(args, 0, cmd_data_len);
5622 }
else if (!strcasecmp(conn->
incoming_cmd,
"DEL_ONION")) {
/* DEL_ONION arguments are wiped the same way.
 * NOTE(review): the visible DEL_ONION code only reads a service id from
 * its arguments, so this is presumably for symmetry -- confirm. */
5624 memwipe(args, 0, cmd_data_len);
5643 char reasons[64] =
"";
5651 case CIRC_EVENT_LAUNCHED: status =
"LAUNCHED";
break;
5652 case CIRC_EVENT_BUILT: status =
"BUILT";
break;
5653 case CIRC_EVENT_EXTENDED: status =
"EXTENDED";
break;
5654 case CIRC_EVENT_FAILED: status =
"FAILED";
break;
5655 case CIRC_EVENT_CLOSED: status =
"CLOSED";
break;
5657 log_warn(
LD_BUG,
"Unrecognized status code %d", (
int)tp);
5662 if (tp == CIRC_EVENT_FAILED || tp == CIRC_EVENT_CLOSED) {
5664 char unk_reason_buf[16];
5666 tor_snprintf(unk_reason_buf, 16,
"UNKNOWN_%d", reason_code);
5667 reason_str = unk_reason_buf;
5671 " REASON=DESTROYED REMOTE_REASON=%s", reason_str);
5674 " REASON=%s", reason_str);
5680 const char *sp = strlen(circdesc) ?
" " :
"";
5682 "650 CIRC %lu %s%s%s%s\r\n",
/* Fragment of the code that builds a "650 CIRC_MINOR" controller event.
 * Only the tail of the parameter list and some body lines are shown. */
5698 int purpose,
const struct timeval *tv)
5700 const char *event_desc;
/* Holds the optional OLD_* key=value suffix; starts out empty. */
5701 char event_tail[160] =
"";
/* PURPOSE_CHANGED: the suffix carries OLD_PURPOSE, plus OLD_HS_STATE only
 * when hs_state_str is non-NULL. */
5708 case CIRC_MINOR_EVENT_PURPOSE_CHANGED:
5709 event_desc =
"PURPOSE_CHANGED";
5713 const char *hs_state_str =
5716 " OLD_PURPOSE=%s%s%s",
5718 (hs_state_str != NULL) ?
" OLD_HS_STATE=" :
"",
5719 (hs_state_str != NULL) ? hs_state_str :
"");
/* CANNIBALIZED: same suffix as above with OLD_TIME_CREATED appended. */
5723 case CIRC_MINOR_EVENT_CANNIBALIZED:
5724 event_desc =
"CANNIBALIZED";
5728 const char *hs_state_str =
/* For this event the tv argument is read as the old creation timestamp. */
5730 const struct timeval *old_timestamp_began = tv;
/* Sized from ISO_TIME_USEC_LEN plus one byte; presumably for the NUL
 * terminator of the formatted time (the formatting call is not shown). */
5731 char tbuf[ISO_TIME_USEC_LEN+1];
5735 " OLD_PURPOSE=%s%s%s OLD_TIME_CREATED=%s",
5737 (hs_state_str != NULL) ?
" OLD_HS_STATE=" :
"",
5738 (hs_state_str != NULL) ? hs_state_str :
"",
/* An event code with no case above is reported via log_warn under LD_BUG. */
5744 log_warn(
LD_BUG,
"Unrecognized status code %d", (
int)e);
/* Emit a separating space only when the circuit description is non-empty. */
5751 const char *sp = strlen(circdesc) ?
" " :
"";
/* Event line format, CRLF-terminated; the arguments are not shown. */
5753 "650 CIRC_MINOR %lu %s%s%s%s\r\n",
/* The remaining lines are isolated fragments of two later call sites that
 * pass the PURPOSE_CHANGED and CANNIBALIZED codes; the callee and the other
 * arguments are not visible here. */
5773 CIRC_MINOR_EVENT_PURPOSE_CHANGED,
5785 const struct timeval *old_tv_created)
5788 CIRC_MINOR_EVENT_CANNIBALIZED,
/* Isolated fragment of an earlier expression: selects a ".onion" suffix or
 * the empty string. The start of the condition is not shown. */
5810 ENTRY_TO_EDGE_CONN(conn)) ?
".onion" :
"",
/* From here on: fragment of the code that builds a "650 STREAM" controller
 * event. The function header and many statements are missing. */
/* Fixed-size scratch buffers for the optional REASON/SOURCE and SOURCE_ADDR
 * parts of the event line. */
5822 char reason_buf[64];
5823 char addrport_buf[64];
5828 const char *purpose =
"";
5834 if (tp == STREAM_EVENT_CLOSED &&
/* Start with an empty reason so later formatting can append or skip it. */
5840 reason_buf[0] =
'\0';
/* Translate the stream event code into the status keyword. Note that
 * STREAM_EVENT_FAILED_RETRIABLE is reported as "DETACHED". */
5843 case STREAM_EVENT_SENT_CONNECT: status =
"SENTCONNECT";
break;
5844 case STREAM_EVENT_SENT_RESOLVE: status =
"SENTRESOLVE";
break;
5845 case STREAM_EVENT_SUCCEEDED: status =
"SUCCEEDED";
break;
5846 case STREAM_EVENT_FAILED: status =
"FAILED";
break;
5847 case STREAM_EVENT_CLOSED: status =
"CLOSED";
break;
5848 case STREAM_EVENT_NEW: status =
"NEW";
break;
5849 case STREAM_EVENT_NEW_RESOLVE: status =
"NEWRESOLVE";
break;
5850 case STREAM_EVENT_FAILED_RETRIABLE: status =
"DETACHED";
break;
5851 case STREAM_EVENT_REMAP: status =
"REMAP";
break;
/* An event code with no case above is reported via log_warn under LD_BUG. */
5853 log_warn(
LD_BUG,
"Unrecognized status code %d", (
int)tp);
/* A reason is attached only when reason_code is non-zero and the event is
 * FAILED, CLOSED or FAILED_RETRIABLE. */
5856 if (reason_code && (tp == STREAM_EVENT_FAILED ||
5857 tp == STREAM_EVENT_CLOSED ||
5858 tp == STREAM_EVENT_FAILED_RETRIABLE)) {
/* Two alternative reason formats; the condition that chooses between them
 * is not shown in this listing. */
5867 " REASON=END REMOTE_REASON=%s", reason_str);
5870 " REASON=%s", reason_str);
5872 }
/* For REMAP events the reason code is rendered as a SOURCE= field; the case
 * labels of this switch are not shown. */
else if (reason_code && tp == STREAM_EVENT_REMAP) {
5873 switch (reason_code) {
/* Every write into reason_buf below is bounded by sizeof(reason_buf). */
5875 strlcpy(reason_buf,
" SOURCE=CACHE",
sizeof(reason_buf));
5878 strlcpy(reason_buf,
" SOURCE=EXIT",
sizeof(reason_buf));
5881 tor_snprintf(reason_buf,
sizeof(reason_buf),
" REASON=UNKNOWN_%d",
/* SOURCE_ADDR is considered only for NEW and NEW_RESOLVE events, and only
 * when the connection address is not the "(Tor_internal)" marker. */
5888 if (tp == STREAM_EVENT_NEW || tp == STREAM_EVENT_NEW_RESOLVE) {
5894 if (strcmp(
ENTRY_TO_CONN(conn)->address,
"(Tor_internal)") != 0) {
/* The originating address and port are copied into the event text, so
 * consumers of STREAM events receive them; the write is bounded by
 * sizeof(addrport_buf). NOTE(review): confirm that the longest address
 * string plus the " SOURCE_ADDR=" prefix and port fits in 64 bytes, and
 * what the code does when tor_snprintf reports truncation. */
5895 tor_snprintf(addrport_buf,
sizeof(addrport_buf),
" SOURCE_ADDR=%s:%d",
/* Paths that leave the field out reset the buffer to the empty string. */
5902 addrport_buf[0] =
'\0';
5905 addrport_buf[0] =
'\0';
/* PURPOSE field: DNS_REQUEST for NEW_RESOLVE; for NEW one of DIR_UPLOAD,
 * DIR_FETCH or USER (the conditions selecting among them are not shown). */
5908 if (tp == STREAM_EVENT_NEW_RESOLVE) {
5909 purpose =
" PURPOSE=DNS_REQUEST";
5910 }
else if (tp == STREAM_EVENT_NEW) {
/* -1 until a linked connection's purpose is read below. */
5913 int linked_dir_purpose = -1;
5915 linked_dir_purpose = linked->
purpose;
5917 purpose =
" PURPOSE=DIR_UPLOAD";
5919 purpose =
" PURPOSE=DIR_FETCH";
5921 purpose =
" PURPOSE=USER";
/* Event line format, CRLF-terminated; the optional parts built above are
 * passed as the trailing string arguments. */
5928 "650 STREAM %"PRIu64
" %s %lu %s%s%s%s\r\n",
5933 buf, reason_buf, addrport_buf, purpose);
/* Fragment of the code that builds a "650 ORCONN" controller event. The
 * function header and several statements are missing from this listing. */
/* Zero-initialized, so it reads as an empty string unless filled below. */
5972 char ncircs_buf[32] = {0};
/* Translate the OR connection event code into the status keyword. */
5979 case OR_CONN_EVENT_LAUNCHED: status =
"LAUNCHED";
break;
5980 case OR_CONN_EVENT_CONNECTED: status =
"CONNECTED";
break;
5981 case OR_CONN_EVENT_FAILED: status =
"FAILED";
break;
5982 case OR_CONN_EVENT_CLOSED: status =
"CLOSED";
break;
5983 case OR_CONN_EVENT_NEW: status =
"NEW";
break;
/* An event code with no case above is reported via log_warn under LD_BUG. */
5985 log_warn(
LD_BUG,
"Unrecognized status code %d", (
int)tp);
/* Add this connection's circuit count to ncircs (its earlier value is set
 * on lines not shown). */
5993 ncircs += connection_or_get_num_circuits(conn);
/* NCIRCS is reported only for FAILED or CLOSED events with a non-zero
 * count; the write is bounded by sizeof(ncircs_buf). */
5994 if (ncircs && (tp == OR_CONN_EVENT_FAILED || tp == OR_CONN_EVENT_CLOSED)) {
5995 tor_snprintf(ncircs_buf,
sizeof(ncircs_buf),
" NCIRCS=%d", ncircs);
/* Event line format, CRLF-terminated. */
6000 "650 ORCONN %s %s%s%s%s ID=%"PRIu64
"\r\n",
/* The " REASON=" key is emitted only when a reason string is present. */
6002 reason ?
" REASON=" :
"",
/* Fragments of the code that emits per-stream and per-circuit bandwidth
 * events ("650 STREAM_BW" and "650 CIRC_BW"). Function headers, loop
 * headers and most arguments are missing from this listing. */
/* Sized from ISO_TIME_USEC_LEN plus one byte; presumably for the NUL
 * terminator of the formatted timestamp (the formatting call is not shown). */
6017 char tbuf[ISO_TIME_USEC_LEN+1];
/* The event timestamp is taken at emission time. */
6022 tor_gettimeofday(&now);
6025 "650 STREAM_BW %"PRIu64
" %lu %lu %s\r\n",
/* Cast so the argument type matches the %lu conversion above. */
6027 (
unsigned long)edge_conn->
n_read,
/* Second STREAM_BW emitter; it runs inside a loop over connections, of
 * which only the closing macro is shown. */
6046 char tbuf[ISO_TIME_USEC_LEN+1];
6056 tor_gettimeofday(&now);
6059 "650 STREAM_BW %"PRIu64
" %lu %lu %s\r\n",
6061 (
unsigned long)edge_conn->
n_read,
6067 SMARTLIST_FOREACH_END(conn);
/* End of a loop over circuits; the loop body is not shown. */
6087 SMARTLIST_FOREACH_END(circ);
/* CIRC_BW emitter for a single circuit. */
6104 char tbuf[ISO_TIME_USEC_LEN+1];
6120 tor_gettimeofday(&now);
/* The format reports total READ/WRITTEN plus separate DELIVERED_* and
 * OVERHEAD_* counters for each direction. */
6123 "650 CIRC_BW ID=%d READ=%lu WRITTEN=%lu TIME=%s " 6124 "DELIVERED_READ=%lu OVERHEAD_READ=%lu " 6125 "DELIVERED_WRITTEN=%lu OVERHEAD_WRITTEN=%lu\r\n",
/* Fragment of the code that emits a "650 CONN_BW" controller event. The
 * function header, case labels and arguments are missing from this listing. */
6146 const char *conn_type_str;
/* The event is gated on the TestingEnableConnBwEvent option; the rest of
 * this condition is not shown. */
6147 if (!get_options()->TestingEnableConnBwEvent ||
/* Map the connection type to the TYPE= keyword: OR, DIR or EXIT. */
6152 switch (conn->
type) {
6154 conn_type_str =
"OR";
6157 conn_type_str =
"DIR";
6160 conn_type_str =
"EXIT";
/* Event line format, CRLF-terminated. */
6166 "650 CONN_BW ID=%"PRIu64
" TYPE=%s " 6167 "READ=%lu WRITTEN=%lu\r\n",
/* Fragment of a later function that checks the same option before doing
 * its work; the rest of the condition is not shown. */
6181 if (get_options()->TestingEnableConnBwEvent &&
/* Fragment of the code that totals per-circuit cell statistics by cell
 * command. The function header and loop header are missing. */
/* Clear every counter before accumulating. */
6196 memset(cell_stats, 0,
sizeof(cell_stats_t));
/* Upper-bound check before ent->command is used as an array index below.
 * NOTE(review): only the upper bound is asserted; confirm that the type of
 * ent->command cannot be negative and that each array has at least
 * CELL_COMMAND_MAX_ + 1 entries. */
6199 tor_assert(ent->command <= CELL_COMMAND_MAX_);
/* Four buckets: added vs. removed cells, each split by direction
 * (appward when ent->exitward is false, exitward otherwise). */
6200 if (!ent->removed && !ent->exitward) {
6201 cell_stats->added_cells_appward[ent->command] += 1;
6202 }
else if (!ent->removed && ent->exitward) {
6203 cell_stats->added_cells_exitward[ent->command] += 1;
6204 }
else if (!ent->exitward) {
6205 cell_stats->removed_cells_appward[ent->command] += 1;
/* Waiting time is accumulated only for removed cells, scaled by 10
 * (presumably a unit conversion; the units are not shown here). */
6206 cell_stats->total_time_appward[ent->command] += ent->waiting_time * 10;
6208 cell_stats->removed_cells_exitward[ent->command] += 1;
6209 cell_stats->total_time_exitward[ent->command] += ent->waiting_time * 10;
6211 } SMARTLIST_FOREACH_END(ent);
/* Fragments of two helpers that turn the per-command counters into event
 * text. Function names and most statements are missing from this listing. */
/* Two parallel arrays: the first decides whether a command is listed, the
 * second supplies the number printed for it. */
6226 const uint64_t *include_if_non_zero,
6227 const uint64_t *number_to_include)
/* Visits every command value from 0 through CELL_COMMAND_MAX_ inclusive, so
 * both arrays must hold at least CELL_COMMAND_MAX_ + 1 entries. */
6231 for (i = 0; i <= CELL_COMMAND_MAX_; i++) {
6232 if (include_if_non_zero[i] > 0) {
6235 (number_to_include[i]));
/* Output is produced only when at least one command was listed. */
6238 if (smartlist_len(key_value_strings) > 0) {
/* Frees the list; NOTE(review): the release of the strings stored in it is
 * not visible in this listing. */
6244 smartlist_free(key_value_strings);
/* Second helper: formats all six counter groups of a cell_stats_t. */
6251 cell_stats_t *cell_stats)
/* Appward direction. Counts are listed when they are themselves non-zero;
 * total time is listed for commands that have removed cells. */
6265 cell_stats->added_cells_appward,
6266 cell_stats->added_cells_appward);
6268 cell_stats->removed_cells_appward,
6269 cell_stats->removed_cells_appward);
6271 cell_stats->removed_cells_appward,
6272 cell_stats->total_time_appward);
/* Exitward direction, same pattern. */
6280 cell_stats->added_cells_exitward,
6281 cell_stats->added_cells_exitward);
6283 cell_stats->removed_cells_exitward,
6284 cell_stats->removed_cells_exitward);
6286 cell_stats->removed_cells_exitward,
6287 cell_stats->total_time_exitward);
6291 smartlist_free(event_parts);
/* Fragment of the code that emits "650 CELL_STATS" events for circuits.
 * The function header and loop header are missing from this listing. */
6299 cell_stats_t *cell_stats;
/* The event is gated on the TestingEnableCellStatsEvent option; the rest
 * of this condition is not shown. */
6301 if (!get_options()->TestingEnableCellStatsEvent ||
/* Heap-allocated scratch structure. NOTE(review): the matching free is not
 * visible in this listing; confirm it is released on every path. */
6304 cell_stats = tor_malloc(
sizeof(cell_stats_t));
/* Circuits with no recorded cell statistics are tested for here; the
 * statement controlled by this condition is not shown. */
6306 if (!circ->testing_cell_stats)
/* Event line format, CRLF-terminated. */
6311 "650 CELL_STATS %s\r\n", event_string);
6314 SMARTLIST_FOREACH_END(circ);
/* Fragment: a fixed-size cache of recent bandwidth measurements, the code
 * that records a measurement and emits a "650 BW" event, and
 * get_bw_samples(), which reads the cache back. Several lines, including
 * the element type of the array, are missing from this listing. */
/* Capacity of the cache, the index of the next slot to write, and the
 * number of slots currently holding data. */
6320 #define N_BW_EVENTS_TO_CACHE 300 6322 static int next_measurement_idx = 0;
6324 static int n_measurements = 0;
6328 } cached_bw_events[N_BW_EVENTS_TO_CACHE];
/* Store the new measurement in the next slot. */
6335 cached_bw_events[next_measurement_idx].n_read = n_read;
6336 cached_bw_events[next_measurement_idx].n_written = n_written;
/* Wrap the write index so it always stays inside the array. */
6337 if (++next_measurement_idx == N_BW_EVENTS_TO_CACHE)
6338 next_measurement_idx = 0;
/* The fill count is tested against the capacity; the statement controlled
 * by this condition is not shown. */
6339 if (n_measurements < N_BW_EVENTS_TO_CACHE)
/* Event line format, CRLF-terminated; the counters are cast to match %lu. */
6344 "650 BW %lu %lu\r\n",
6345 (
unsigned long)n_read,
6346 (
unsigned long)n_written);
6353 get_bw_samples(
void)
/* Index of the oldest cached measurement: step back n_measurements slots
 * from the next write position, modulo the capacity. */
6356 int idx = (next_measurement_idx + N_BW_EVENTS_TO_CACHE - n_measurements)
6357 % N_BW_EVENTS_TO_CACHE;
/* Assert the index is in range before it is used to read the array. */
6358 tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
/* Walk the cached measurements in order, re-checking the index each time. */
6362 for (i = 0; i < n_measurements; ++i) {
6363 tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
/* NOTE(review): these values are cast to unsigned, whereas the BW event
 * above casts to unsigned long; if the stored counters are wider than
 * unsigned this narrows them. Confirm the field types. */
6367 (
unsigned)bwe->n_read,
6368 (
unsigned)bwe->n_written);
/* Advance to the next slot, wrapping at the end of the array. */
6370 idx = (idx + 1) % N_BW_EVENTS_TO_CACHE;
6376 smartlist_free(elements);
/* Fragment of the code that forwards a log message to controllers as an
 * event. The function header and many statements are missing. */
/* A message containing a newline is duplicated and scanned for CR and LF
 * characters. Event lines end with CRLF, so a raw line break inside the
 * message would split the event; presumably each such character is
 * replaced (the replacement statement is not shown). NOTE(review): the
 * guard only looks for '\n', so a message holding a lone '\r' does not take
 * this path; confirm whether controller-side parsing tolerates that. */
6426 if (strchr(msg,
'\n')) {
6428 b = tor_strdup(msg);
6429 for (cp = b; *cp; ++cp)
6430 if (*cp ==
'\r' || *cp ==
'\n')
/* Severity keyword for the event; a severity with no case of its own is
 * labelled "UnknownLogSeverity". Other cases are not shown. */
6438 case LOG_ERR: s =
"ERR";
break;
6439 default: s =
"UnknownLogSeverity";
break;
/* Separate fragment from a later function: sends an already formatted
 * message as an EVENT_NEW_DESC event, then frees the list of names. */
6491 send_control_event_string(EVENT_NEW_DESC, msg);
6495 smartlist_free(names);
6507 const char *error,
const int cached)
6512 if (expires < 3 || expires == TIME_MAX)
6514 "650 ADDRMAP %s %s NEVER %s%s" 6515 "CACHED=\"%s\"\r\n",
6516 from, to, error?error:
"", error?
" ":
"",
6519 char buf[ISO_TIME_LEN+1];
6520 char buf2[ISO_TIME_LEN+1];