Tor  0.4.7.0-alpha-dev
reasons.c
Go to the documentation of this file.
1 /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
2  * Copyright (c) 2007-2021, The Tor Project, Inc. */
3 /* See LICENSE for licensing information */
4 
5 /**
6  * \file reasons.c
7  * \brief Convert circuit, stream, and orconn error reasons to and/or from
8  * strings and errno values.
9  *
10  * This module is just a bunch of functions full of case statements that
11  * convert from one representation of our error codes to another. These are
12  * mainly used in generating log messages, in sending messages to the
13  * controller in control.c, and in converting errors from one protocol layer
14  * to another.
15  **/
16 
17 #include "core/or/or.h"
18 #include "app/config/config.h"
19 #include "core/or/reasons.h"
21 #include "lib/tls/tortls.h"
22 
23 /***************************** Edge (stream) reasons **********************/
24 
25 /** Convert the reason for ending a stream <b>reason</b> into the format used
26  * in STREAM events. Return NULL if the reason is unrecognized. */
27 const char *
29 {
30  reason &= END_STREAM_REASON_MASK;
31  switch (reason) {
32  case END_STREAM_REASON_MISC: return "MISC";
33  case END_STREAM_REASON_RESOLVEFAILED: return "RESOLVEFAILED";
34  case END_STREAM_REASON_CONNECTREFUSED: return "CONNECTREFUSED";
35  case END_STREAM_REASON_EXITPOLICY: return "EXITPOLICY";
36  case END_STREAM_REASON_DESTROY: return "DESTROY";
37  case END_STREAM_REASON_DONE: return "DONE";
38  case END_STREAM_REASON_TIMEOUT: return "TIMEOUT";
39  case END_STREAM_REASON_NOROUTE: return "NOROUTE";
40  case END_STREAM_REASON_HIBERNATING: return "HIBERNATING";
41  case END_STREAM_REASON_INTERNAL: return "INTERNAL";
42  case END_STREAM_REASON_RESOURCELIMIT: return "RESOURCELIMIT";
43  case END_STREAM_REASON_CONNRESET: return "CONNRESET";
44  case END_STREAM_REASON_TORPROTOCOL: return "TORPROTOCOL";
45  case END_STREAM_REASON_NOTDIRECTORY: return "NOTDIRECTORY";
46 
47  case END_STREAM_REASON_CANT_ATTACH: return "CANT_ATTACH";
48  case END_STREAM_REASON_NET_UNREACHABLE: return "NET_UNREACHABLE";
49  case END_STREAM_REASON_SOCKSPROTOCOL: return "SOCKS_PROTOCOL";
50  // XXXX Controlspec
51  case END_STREAM_REASON_HTTPPROTOCOL: return "HTTP_PROTOCOL";
52 
53  case END_STREAM_REASON_PRIVATE_ADDR: return "PRIVATE_ADDR";
54 
55  default: return NULL;
56  }
57 }
58 
59 /** Translate <b>reason</b>, which came from a relay 'end' cell,
60  * into a static const string describing why the stream is closing.
61  * <b>reason</b> is -1 if no reason was provided.
62  */
63 const char *
65 {
66  switch (reason) {
67  case -1:
68  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
69  "End cell arrived with length 0. Should be at least 1.");
70  return "MALFORMED";
71  case END_STREAM_REASON_MISC: return "misc error";
72  case END_STREAM_REASON_RESOLVEFAILED: return "resolve failed";
73  case END_STREAM_REASON_CONNECTREFUSED: return "connection refused";
74  case END_STREAM_REASON_EXITPOLICY: return "exit policy failed";
75  case END_STREAM_REASON_DESTROY: return "destroyed";
76  case END_STREAM_REASON_DONE: return "closed normally";
77  case END_STREAM_REASON_TIMEOUT: return "gave up (timeout)";
78  case END_STREAM_REASON_NOROUTE: return "no route to host";
79  case END_STREAM_REASON_HIBERNATING: return "server is hibernating";
80  case END_STREAM_REASON_INTERNAL: return "internal error at server";
81  case END_STREAM_REASON_RESOURCELIMIT: return "server out of resources";
82  case END_STREAM_REASON_CONNRESET: return "connection reset";
83  case END_STREAM_REASON_TORPROTOCOL: return "Tor protocol error";
84  case END_STREAM_REASON_NOTDIRECTORY: return "not a directory";
85  default:
86  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
87  "Reason for ending (%d) not recognized.",reason);
88  return "unknown";
89  }
90 }
91 
92 /** Translate <b>reason</b> (as from a relay 'end' cell) into an
93  * appropriate SOCKS5 reply code.
94  *
95  * A reason of 0 means that we're not actually expecting to send
96  * this code back to the socks client; we just call it 'succeeded'
97  * to keep things simple.
98  */
101 {
102  switch (reason & END_STREAM_REASON_MASK) {
103  case 0:
104  return SOCKS5_SUCCEEDED;
105  case END_STREAM_REASON_MISC:
106  return SOCKS5_GENERAL_ERROR;
107  case END_STREAM_REASON_RESOLVEFAILED:
108  return SOCKS5_HOST_UNREACHABLE;
109  case END_STREAM_REASON_CONNECTREFUSED:
110  return SOCKS5_CONNECTION_REFUSED;
111  case END_STREAM_REASON_ENTRYPOLICY:
112  return SOCKS5_NOT_ALLOWED;
113  case END_STREAM_REASON_EXITPOLICY:
114  return SOCKS5_NOT_ALLOWED;
115  case END_STREAM_REASON_DESTROY:
116  return SOCKS5_GENERAL_ERROR;
117  case END_STREAM_REASON_DONE:
118  /* Note that 'DONE' usually indicates a successful close from the other
119  * side of the stream... but if we receive it before a connected cell --
120  * that is, before we have sent a SOCKS reply -- that means that the
121  * other side of the circuit closed the connection before telling us it
122  * was complete. */
123  return SOCKS5_CONNECTION_REFUSED;
124  case END_STREAM_REASON_TIMEOUT:
125  return SOCKS5_TTL_EXPIRED;
126  case END_STREAM_REASON_NOROUTE:
127  return SOCKS5_HOST_UNREACHABLE;
128  case END_STREAM_REASON_RESOURCELIMIT:
129  return SOCKS5_GENERAL_ERROR;
130  case END_STREAM_REASON_HIBERNATING:
131  return SOCKS5_GENERAL_ERROR;
132  case END_STREAM_REASON_INTERNAL:
133  return SOCKS5_GENERAL_ERROR;
134  case END_STREAM_REASON_CONNRESET:
135  return SOCKS5_CONNECTION_REFUSED;
136  case END_STREAM_REASON_TORPROTOCOL:
137  return SOCKS5_GENERAL_ERROR;
138 
140  return SOCKS5_GENERAL_ERROR;
142  return SOCKS5_NET_UNREACHABLE;
144  return SOCKS5_GENERAL_ERROR;
146  // LCOV_EXCL_START
148  return SOCKS5_GENERAL_ERROR;
149  // LCOV_EXCL_STOP
151  return SOCKS5_GENERAL_ERROR;
152 
153  default:
154  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
155  "Reason for ending (%d) not recognized; "
156  "sending generic socks error.", reason);
157  return SOCKS5_GENERAL_ERROR;
158  }
159 }
160 
161 /* We need to use a few macros to deal with the fact that Windows
162  * decided that their sockets interface should be a permakludge.
163  * E_CASE is for errors where windows has both a EFOO and a WSAEFOO
164  * version, and S_CASE is for errors where windows has only a WSAEFOO
165  * version. (The E is for 'error', the S is for 'socket'). */
166 #ifdef _WIN32
167 #define E_CASE(s) case s: case WSA ## s
168 #define S_CASE(s) case WSA ## s
169 #else
170 #define E_CASE(s) case s
171 #define S_CASE(s) case s
172 #endif /* defined(_WIN32) */
173 
174 /** Given an errno from a failed exit connection, return a reason code
175  * appropriate for use in a RELAY END cell. */
176 uint8_t
178 {
179  /* To add new errors here, find out if they exist on Windows, and if a WSA*
180  * equivalent exists on windows. Add a case, an S_CASE, or an E_CASE as
181  * appropriate. */
182  switch (e) {
183  case EPIPE:
184  return END_STREAM_REASON_DONE;
185  E_CASE(EBADF):
186  E_CASE(EFAULT):
187  E_CASE(EINVAL):
188  S_CASE(EISCONN):
189  S_CASE(ENOTSOCK):
190  S_CASE(EPROTONOSUPPORT):
191  S_CASE(EAFNOSUPPORT):
192  S_CASE(ENOTCONN):
193  return END_STREAM_REASON_INTERNAL;
194  S_CASE(ENETUNREACH):
195  S_CASE(EHOSTUNREACH):
196  E_CASE(EACCES):
197  case EPERM:
198  return END_STREAM_REASON_NOROUTE;
199  S_CASE(ECONNREFUSED):
200  return END_STREAM_REASON_CONNECTREFUSED;
201  S_CASE(ECONNRESET):
202  return END_STREAM_REASON_CONNRESET;
203  S_CASE(ETIMEDOUT):
204  return END_STREAM_REASON_TIMEOUT;
205  S_CASE(ENOBUFS):
206  case ENOMEM:
207  case ENFILE:
208  S_CASE(EADDRINUSE):
209  S_CASE(EADDRNOTAVAIL):
210  E_CASE(EMFILE):
211  return END_STREAM_REASON_RESOURCELIMIT;
212  default:
213  log_info(LD_EXIT, "Didn't recognize errno %d (%s); telling the client "
214  "that we are ending a stream for 'misc' reason.",
215  e, tor_socket_strerror(e));
216  return END_STREAM_REASON_MISC;
217  }
218 }
219 
220 /***************************** ORConn reasons *****************************/
221 
222 /** Convert the reason for ending an OR connection <b>r</b> into the format
223  * used in ORCONN events. Return "UNKNOWN" if the reason is unrecognized. */
224 const char *
226 {
227  /* To add new errors here, find out if they exist on Windows, and if a WSA*
228  * equivalent exists on windows. Add a case, an S_CASE, or an E_CASE as
229  * appropriate. */
230  switch (r) {
231  case END_OR_CONN_REASON_DONE:
232  return "DONE";
233  case END_OR_CONN_REASON_REFUSED:
234  return "CONNECTREFUSED";
235  case END_OR_CONN_REASON_OR_IDENTITY:
236  return "IDENTITY";
237  case END_OR_CONN_REASON_CONNRESET:
238  return "CONNECTRESET";
239  case END_OR_CONN_REASON_TIMEOUT:
240  return "TIMEOUT";
241  case END_OR_CONN_REASON_NO_ROUTE:
242  return "NOROUTE";
243  case END_OR_CONN_REASON_IO_ERROR:
244  return "IOERROR";
245  case END_OR_CONN_REASON_RESOURCE_LIMIT:
246  return "RESOURCELIMIT";
247  case END_OR_CONN_REASON_TLS_ERROR:
248  return "TLS_ERROR";
249  case END_OR_CONN_REASON_MISC:
250  return "MISC";
251  case END_OR_CONN_REASON_PT_MISSING:
252  return "PT_MISSING";
253  case 0:
254  return "";
255  default:
256  log_warn(LD_BUG, "Unrecognized or_conn reason code %d", r);
257  return "UNKNOWN";
258  }
259 }
260 
261 /** Convert a TOR_TLS_* error code into an END_OR_CONN_* reason. */
262 int
264 {
265  switch (e) {
266  case TOR_TLS_ERROR_IO:
267  return END_OR_CONN_REASON_IO_ERROR;
268  case TOR_TLS_ERROR_CONNREFUSED:
269  return END_OR_CONN_REASON_REFUSED;
270  case TOR_TLS_ERROR_CONNRESET:
271  return END_OR_CONN_REASON_CONNRESET;
272  case TOR_TLS_ERROR_NO_ROUTE:
273  return END_OR_CONN_REASON_NO_ROUTE;
274  case TOR_TLS_ERROR_TIMEOUT:
275  return END_OR_CONN_REASON_TIMEOUT;
276  case TOR_TLS_WANTREAD:
277  case TOR_TLS_WANTWRITE:
278  case TOR_TLS_CLOSE:
279  case TOR_TLS_DONE:
280  return END_OR_CONN_REASON_DONE;
281  case TOR_TLS_ERROR_MISC:
282  return END_OR_CONN_REASON_TLS_ERROR;
283  default:
284  return END_OR_CONN_REASON_MISC;
285  }
286 }
287 
288 /** Given an errno from a failed ORConn connection, return a reason code
289  * appropriate for use in the controller orconn events. */
290 int
292 {
293  switch (e) {
294  case EPIPE:
295  return END_OR_CONN_REASON_DONE;
296  S_CASE(ENOTCONN):
297  S_CASE(ENETUNREACH):
298  S_CASE(ENETDOWN):
299  S_CASE(EHOSTUNREACH):
300  return END_OR_CONN_REASON_NO_ROUTE;
301  S_CASE(ECONNREFUSED):
302  return END_OR_CONN_REASON_REFUSED;
303  S_CASE(ECONNRESET):
304  return END_OR_CONN_REASON_CONNRESET;
305  S_CASE(ETIMEDOUT):
306  return END_OR_CONN_REASON_TIMEOUT;
307  S_CASE(ENOBUFS):
308  case ENOMEM:
309  case ENFILE:
310  E_CASE(EMFILE):
311  E_CASE(EACCES):
312  E_CASE(EBADF):
313  E_CASE(EFAULT):
314  E_CASE(EINVAL):
315  return END_OR_CONN_REASON_RESOURCE_LIMIT;
316  default:
317  log_info(LD_OR, "Didn't recognize errno %d (%s).",
318  e, tor_socket_strerror(e));
319  return END_OR_CONN_REASON_MISC;
320  }
321 }
322 
323 /***************************** Circuit reasons *****************************/
324 
325 /** Convert a numeric reason for destroying a circuit into a string for a
326  * CIRCUIT event. */
327 const char *
329 {
330  int is_remote = 0;
331 
332  if (reason >= 0 && reason & END_CIRC_REASON_FLAG_REMOTE) {
333  reason &= ~END_CIRC_REASON_FLAG_REMOTE;
334  is_remote = 1;
335  }
336 
337  switch (reason) {
338  case END_CIRC_AT_ORIGIN:
339  /* This shouldn't get passed here; it's a catch-all reason. */
340  return "ORIGIN";
341  case END_CIRC_REASON_NONE:
342  /* This shouldn't get passed here; it's a catch-all reason. */
343  return "NONE";
344  case END_CIRC_REASON_TORPROTOCOL:
345  return "TORPROTOCOL";
346  case END_CIRC_REASON_INTERNAL:
347  return "INTERNAL";
348  case END_CIRC_REASON_REQUESTED:
349  return "REQUESTED";
350  case END_CIRC_REASON_HIBERNATING:
351  return "HIBERNATING";
352  case END_CIRC_REASON_RESOURCELIMIT:
353  return "RESOURCELIMIT";
354  case END_CIRC_REASON_CONNECTFAILED:
355  return "CONNECTFAILED";
356  case END_CIRC_REASON_OR_IDENTITY:
357  return "OR_IDENTITY";
358  case END_CIRC_REASON_CHANNEL_CLOSED:
359  return "CHANNEL_CLOSED";
360  case END_CIRC_REASON_FINISHED:
361  return "FINISHED";
362  case END_CIRC_REASON_TIMEOUT:
363  return "TIMEOUT";
364  case END_CIRC_REASON_DESTROYED:
365  return "DESTROYED";
367  return "NOPATH";
368  case END_CIRC_REASON_NOSUCHSERVICE:
369  return "NOSUCHSERVICE";
371  return "MEASUREMENT_EXPIRED";
372  case END_CIRC_REASON_IP_NOW_REDUNDANT:
373  return "IP_NOW_REDUNDANT";
374  default:
375  if (is_remote) {
376  /*
377  * If it's remote, it's not a bug *here*, so don't use LD_BUG, but
378  * do note that the someone we're talking to is speaking the Tor
379  * protocol with a weird accent.
380  */
381  log_warn(LD_PROTOCOL,
382  "Remote server sent bogus reason code %d", reason);
383  } else {
384  log_warn(LD_BUG,
385  "Unrecognized reason code %d", reason);
386  }
387  return NULL;
388  }
389 }
390 
391 /** Return a string corresponding to a SOCKS4 response code. */
392 const char *
394 {
395  switch (code) {
396  case 0x5a:
397  return "connection accepted";
398  case 0x5b:
399  return "server rejected connection";
400  case 0x5c:
401  return "server cannot connect to identd on this client";
402  case 0x5d:
403  return "user id does not match identd";
404  default:
405  return "invalid SOCKS 4 response code";
406  }
407 }
408 
409 /** Return a string corresponding to a SOCKS5 response code. */
410 const char *
412 {
413  switch (code) {
414  case 0x00:
415  return "connection accepted";
416  case 0x01:
417  return "general SOCKS server failure";
418  case 0x02:
419  return "connection not allowed by ruleset";
420  case 0x03:
421  return "Network unreachable";
422  case 0x04:
423  return "Host unreachable";
424  case 0x05:
425  return "Connection refused";
426  case 0x06:
427  return "TTL expired";
428  case 0x07:
429  return "Command not supported";
430  case 0x08:
431  return "Address type not supported";
432  default:
433  return "unknown reason";
434  }
435 }
436 
437 /** Return a string corresponding to a bandwidth_weight_rule_t */
438 const char *
440 {
441  switch (rule)
442  {
443  case NO_WEIGHTING:
444  return "no weighting";
445  case WEIGHT_FOR_EXIT:
446  return "weight as exit";
447  case WEIGHT_FOR_MID:
448  return "weight as middle node";
449  case WEIGHT_FOR_GUARD:
450  return "weight as guard";
451  case WEIGHT_FOR_DIR:
452  return "weight as directory";
453  default:
454  return "unknown rule";
455  }
456 }
457 
458 /** Given a RELAY_END reason value, convert it to an HTTP response to be
459  * send over an HTTP tunnel connection. */
460 const char *
462 {
463  endreason &= END_STREAM_REASON_MASK;
464  /* XXXX these are probably all wrong. Should they all be 502? */
465  switch (endreason) {
466  case 0:
467  return "HTTP/1.0 200 OK\r\n\r\n";
468  case END_STREAM_REASON_MISC:
469  return "HTTP/1.0 500 Internal Server Error\r\n\r\n";
470  case END_STREAM_REASON_RESOLVEFAILED:
471  return "HTTP/1.0 404 Not Found (resolve failed)\r\n\r\n";
472  case END_STREAM_REASON_NOROUTE:
473  return "HTTP/1.0 404 Not Found (no route)\r\n\r\n";
474  case END_STREAM_REASON_CONNECTREFUSED:
475  return "HTTP/1.0 403 Forbidden (connection refused)\r\n\r\n";
476  case END_STREAM_REASON_EXITPOLICY:
477  return "HTTP/1.0 403 Forbidden (exit policy)\r\n\r\n";
478  case END_STREAM_REASON_DESTROY:
479  return "HTTP/1.0 502 Bad Gateway (destroy cell received)\r\n\r\n";
480  case END_STREAM_REASON_DONE:
481  return "HTTP/1.0 502 Bad Gateway (unexpected close)\r\n\r\n";
482  case END_STREAM_REASON_TIMEOUT:
483  return "HTTP/1.0 504 Gateway Timeout\r\n\r\n";
484  case END_STREAM_REASON_HIBERNATING:
485  return "HTTP/1.0 502 Bad Gateway (hibernating server)\r\n\r\n";
486  case END_STREAM_REASON_INTERNAL:
487  return "HTTP/1.0 502 Bad Gateway (internal error)\r\n\r\n";
488  case END_STREAM_REASON_RESOURCELIMIT:
489  return "HTTP/1.0 502 Bad Gateway (resource limit)\r\n\r\n";
490  case END_STREAM_REASON_CONNRESET:
491  return "HTTP/1.0 403 Forbidden (connection reset)\r\n\r\n";
492  case END_STREAM_REASON_TORPROTOCOL:
493  return "HTTP/1.0 502 Bad Gateway (tor protocol violation)\r\n\r\n";
494  case END_STREAM_REASON_ENTRYPOLICY:
495  return "HTTP/1.0 403 Forbidden (entry policy violation)\r\n\r\n";
496  case END_STREAM_REASON_NOTDIRECTORY: FALLTHROUGH;
497  default:
499  return "HTTP/1.0 500 Internal Server Error (weird end reason)\r\n\r\n";
500  }
501 }
Header file for config.c.
#define log_fn(severity, domain, args,...)
Definition: log.h:283
#define LD_PROTOCOL
Definition: log.h:72
#define LD_OR
Definition: log.h:92
#define LD_BUG
Definition: log.h:86
Header file for node_select.c.
bandwidth_weight_rule_t
Definition: node_select.h:41
Master header file for Tor-specific functionality.
#define END_STREAM_REASON_SOCKSPROTOCOL
Definition: or.h:257
#define END_STREAM_REASON_HTTPPROTOCOL
Definition: or.h:270
#define END_STREAM_REASON_CANT_ATTACH
Definition: or.h:251
#define END_STREAM_REASON_PRIVATE_ADDR
Definition: or.h:266
#define END_CIRC_REASON_NOPATH
Definition: or.h:304
#define END_CIRC_REASON_MEASUREMENT_EXPIRED
Definition: or.h:301
#define END_CIRC_REASON_FLAG_REMOTE
Definition: or.h:329
#define END_STREAM_REASON_MASK
Definition: or.h:273
#define END_CIRC_AT_ORIGIN
Definition: or.h:306
#define END_STREAM_REASON_NET_UNREACHABLE
Definition: or.h:254
int tls_error_to_orconn_end_reason(int e)
Definition: reasons.c:263
const char * stream_end_reason_to_control_string(int reason)
Definition: reasons.c:28
int errno_to_orconn_end_reason(int e)
Definition: reasons.c:291
const char * bandwidth_weight_rule_to_string(bandwidth_weight_rule_t rule)
Definition: reasons.c:439
const char * stream_end_reason_to_string(int reason)
Definition: reasons.c:64
socks5_reply_status_t stream_end_reason_to_socks5_response(int reason)
Definition: reasons.c:100
const char * orconn_end_reason_to_control_string(int r)
Definition: reasons.c:225
const char * end_reason_to_http_connect_response_line(int endreason)
Definition: reasons.c:461
uint8_t errno_to_stream_end_reason(int e)
Definition: reasons.c:177
const char * circuit_end_reason_to_control_string(int reason)
Definition: reasons.c:328
const char * socks4_response_code_to_string(uint8_t code)
Definition: reasons.c:393
const char * socks5_response_code_to_string(uint8_t code)
Definition: reasons.c:411
Header file for reasons.c.
socks5_reply_status_t
Definition: socks5_status.h:20
Headers for tortls.c.
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176