tor  0.4.1.0-alpha-dev
relay.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
48 #define RELAY_PRIVATE
49 #include "core/or/or.h"
50 #include "feature/client/addressmap.h"
51 #include "lib/err/backtrace.h"
52 #include "lib/buf/buffers.h"
53 #include "core/or/channel.h"
54 #include "feature/client/circpathbias.h"
55 #include "core/or/circuitbuild.h"
56 #include "core/or/circuitlist.h"
57 #include "core/or/circuituse.h"
58 #include "core/or/circuitpadding.h"
59 #include "lib/compress/compress.h"
60 #include "app/config/config.h"
63 #include "core/or/connection_or.h"
68 #include "feature/relay/dns.h"
70 #include "feature/hs/hs_cache.h"
71 #include "core/mainloop/mainloop.h"
74 #include "core/or/onion.h"
75 #include "core/or/policies.h"
76 #include "core/or/reasons.h"
77 #include "core/or/relay.h"
78 #include "core/crypto/relay_crypto.h"
79 #include "feature/rend/rendcache.h"
83 #include "core/or/scheduler.h"
84 
85 #include "core/or/cell_st.h"
86 #include "core/or/cell_queue_st.h"
87 #include "core/or/cpath_build_state_st.h"
88 #include "feature/dircommon/dir_connection_st.h"
89 #include "core/or/destroy_cell_queue_st.h"
90 #include "core/or/entry_connection_st.h"
91 #include "core/or/extend_info_st.h"
92 #include "core/or/or_circuit_st.h"
93 #include "core/or/origin_circuit_st.h"
94 #include "feature/nodelist/routerinfo_st.h"
95 #include "core/or/socks_request_st.h"
96 
98  cell_direction_t cell_direction,
99  crypt_path_t *layer_hint);
100 
102  crypt_path_t *layer_hint);
103 static void circuit_resume_edge_reading(circuit_t *circ,
104  crypt_path_t *layer_hint);
106  circuit_t *circ,
107  crypt_path_t *layer_hint);
109  crypt_path_t *layer_hint);
112  entry_connection_t *conn,
113  node_t *node,
114  const tor_addr_t *addr);
115 
118 #define CELL_QUEUE_HIGHWATER_SIZE 256
119 
121 #define CELL_QUEUE_LOWWATER_SIZE 64
122 
134 
145 static void
147 {
148  if (CIRCUIT_IS_ORIGIN(circ)) {
149  /*
150  * The client state was first set much earlier in
151  * circuit_send_next_onion_skin(), so we can start padding as early as
152  * possible.
153  *
154  * However, if padding turns out to be expensive, we may want to not do
155  * it until actual application traffic starts flowing (which is controlled
156  * via consensus param nf_pad_before_usage).
157  *
158  * So: If we're an origin circuit and we've created a full length circuit,
159  * then any CELL_RELAY cell means application data. Increase the usage
160  * state of the channel to indicate this.
161  *
162  * We want to wait for CELL_RELAY specifically here, so we know that
163  * the channel was definitely being used for data and not for extends.
164  * By default, we pad as soon as a channel has been used for *any*
165  * circuits, so this state is irrelevant to the padding decision in
166  * the default case. However, if padding turns out to be expensive,
167  * we would like the ability to avoid padding until we're absolutely
168  * sure that a channel is used for enough application data to be worth
169  * padding.
170  *
171  * (So it does not matter that CELL_RELAY_EARLY can actually contain
172  * application data. This is only a load reducing option and that edge
173  * case does not matter if we're desperately trying to reduce overhead
174  * anyway. See also consensus parameter nf_pad_before_usage).
175  */
176  if (BUG(!circ->n_chan))
177  return;
178 
179  if (circ->n_chan->channel_usage == CHANNEL_USED_FOR_FULL_CIRCS &&
180  cell->command == CELL_RELAY) {
181  circ->n_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC;
182  }
183  } else {
184  /* If we're a relay circuit, the question is more complicated. Basically:
185  * we only want to pad connections that carry multihop (anonymous)
186  * circuits.
187  *
188  * We assume we're more than one hop if either the previous hop
189  * is not a client, or if the previous hop is a client and there's
190  * a next hop. Then, circuit traffic starts at RELAY_EARLY, and
191  * user application traffic starts when we see RELAY cells.
192  */
193  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
194 
195  if (BUG(!or_circ->p_chan))
196  return;
197 
198  if (!channel_is_client(or_circ->p_chan) ||
199  (channel_is_client(or_circ->p_chan) && circ->n_chan)) {
200  if (cell->command == CELL_RELAY_EARLY) {
201  if (or_circ->p_chan->channel_usage < CHANNEL_USED_FOR_FULL_CIRCS) {
202  or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS;
203  }
204  } else if (cell->command == CELL_RELAY) {
205  or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC;
206  }
207  }
208  }
209 }
210 
223 int
225  cell_direction_t cell_direction)
226 {
227  channel_t *chan = NULL;
228  crypt_path_t *layer_hint=NULL;
229  char recognized=0;
230  int reason;
231 
232  tor_assert(cell);
233  tor_assert(circ);
234  tor_assert(cell_direction == CELL_DIRECTION_OUT ||
235  cell_direction == CELL_DIRECTION_IN);
236  if (circ->marked_for_close)
237  return 0;
238 
239  if (relay_decrypt_cell(circ, cell, cell_direction, &layer_hint, &recognized)
240  < 0) {
241  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
242  "relay crypt failed. Dropping connection.");
243  return -END_CIRC_REASON_INTERNAL;
244  }
245 
246  circuit_update_channel_usage(circ, cell);
247 
248  if (recognized) {
249  edge_connection_t *conn = NULL;
250 
252  if (pathbias_check_probe_response(circ, cell) == -1) {
253  pathbias_count_valid_cells(circ, cell);
254  }
255 
256  /* We need to drop this cell no matter what to avoid code that expects
257  * a certain purpose (such as the hidserv code). */
258  return 0;
259  }
260 
261  conn = relay_lookup_conn(circ, cell, cell_direction, layer_hint);
262  if (cell_direction == CELL_DIRECTION_OUT) {
264  log_debug(LD_OR,"Sending away from origin.");
265  if ((reason=connection_edge_process_relay_cell(cell, circ, conn, NULL))
266  < 0) {
267  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
268  "connection_edge_process_relay_cell (away from origin) "
269  "failed.");
270  return reason;
271  }
272  }
273  if (cell_direction == CELL_DIRECTION_IN) {
275  log_debug(LD_OR,"Sending to origin.");
276  if ((reason = connection_edge_process_relay_cell(cell, circ, conn,
277  layer_hint)) < 0) {
278  /* If a client is trying to connect to unknown hidden service port,
279  * END_CIRC_AT_ORIGIN is sent back so we can then close the circuit.
280  * Do not log warn as this is an expected behavior for a service. */
281  if (reason != END_CIRC_AT_ORIGIN) {
282  log_warn(LD_OR,
283  "connection_edge_process_relay_cell (at origin) failed.");
284  }
285  return reason;
286  }
287  }
288  return 0;
289  }
290 
291  /* not recognized. inform circpad and pass it on. */
292  circpad_deliver_unrecognized_cell_events(circ, cell_direction);
293 
294  if (cell_direction == CELL_DIRECTION_OUT) {
295  cell->circ_id = circ->n_circ_id; /* switch it */
296  chan = circ->n_chan;
297  } else if (! CIRCUIT_IS_ORIGIN(circ)) {
298  cell->circ_id = TO_OR_CIRCUIT(circ)->p_circ_id; /* switch it */
299  chan = TO_OR_CIRCUIT(circ)->p_chan;
300  } else {
301  log_fn(LOG_PROTOCOL_WARN, LD_OR,
302  "Dropping unrecognized inbound cell on origin circuit.");
303  /* If we see unrecognized cells on path bias testing circs,
304  * it's bad mojo. Those circuits need to die.
305  * XXX: Shouldn't they always die? */
307  TO_ORIGIN_CIRCUIT(circ)->path_state = PATH_STATE_USE_FAILED;
308  return -END_CIRC_REASON_TORPROTOCOL;
309  } else {
310  return 0;
311  }
312  }
313 
314  if (!chan) {
315  // XXXX Can this splice stuff be done more cleanly?
316  if (! CIRCUIT_IS_ORIGIN(circ) &&
317  TO_OR_CIRCUIT(circ)->rend_splice &&
318  cell_direction == CELL_DIRECTION_OUT) {
319  or_circuit_t *splice_ = TO_OR_CIRCUIT(circ)->rend_splice;
322  cell->circ_id = splice_->p_circ_id;
323  cell->command = CELL_RELAY; /* can't be relay_early anyway */
324  if ((reason = circuit_receive_relay_cell(cell, TO_CIRCUIT(splice_),
325  CELL_DIRECTION_IN)) < 0) {
326  log_warn(LD_REND, "Error relaying cell across rendezvous; closing "
327  "circuits");
328  /* XXXX Do this here, or just return -1? */
329  circuit_mark_for_close(circ, -reason);
330  return reason;
331  }
332  return 0;
333  }
334  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
335  "Didn't recognize cell, but circ stops here! Closing circ.");
336  return -END_CIRC_REASON_TORPROTOCOL;
337  }
338 
339  log_debug(LD_OR,"Passing on unrecognized cell.");
340 
341  ++stats_n_relay_cells_relayed; /* XXXX no longer quite accurate {cells}
342  * we might kill the circ before we relay
343  * the cells. */
344 
345  append_cell_to_circuit_queue(circ, chan, cell, cell_direction, 0);
346  return 0;
347 }
348 
354 circuit_package_relay_cell, (cell_t *cell, circuit_t *circ,
355  cell_direction_t cell_direction,
356  crypt_path_t *layer_hint, streamid_t on_stream,
357  const char *filename, int lineno))
358 {
359  channel_t *chan; /* where to send the cell */
360 
361  if (circ->marked_for_close) {
362  /* Circuit is marked; send nothing. */
363  return 0;
364  }
365 
366  if (cell_direction == CELL_DIRECTION_OUT) {
367  chan = circ->n_chan;
368  if (!chan) {
369  log_warn(LD_BUG,"outgoing relay cell sent from %s:%d has n_chan==NULL."
370  " Dropping. Circuit is in state %s (%d), and is "
371  "%smarked for close. (%s:%d, %d)", filename, lineno,
372  circuit_state_to_string(circ->state), circ->state,
373  circ->marked_for_close ? "" : "not ",
376  if (CIRCUIT_IS_ORIGIN(circ)) {
378  }
379  log_backtrace(LOG_WARN,LD_BUG,"");
380  return 0; /* just drop it */
381  }
382  if (!CIRCUIT_IS_ORIGIN(circ)) {
383  log_warn(LD_BUG,"outgoing relay cell sent from %s:%d on non-origin "
384  "circ. Dropping.", filename, lineno);
385  log_backtrace(LOG_WARN,LD_BUG,"");
386  return 0; /* just drop it */
387  }
388 
389  relay_encrypt_cell_outbound(cell, TO_ORIGIN_CIRCUIT(circ), layer_hint);
390 
391  /* Update circ written totals for control port */
392  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
393  ocirc->n_written_circ_bw = tor_add_u32_nowrap(ocirc->n_written_circ_bw,
395 
396  } else { /* incoming cell */
397  if (CIRCUIT_IS_ORIGIN(circ)) {
398  /* We should never package an _incoming_ cell from the circuit
399  * origin; that means we messed up somewhere. */
400  log_warn(LD_BUG,"incoming relay cell at origin circuit. Dropping.");
401  assert_circuit_ok(circ);
402  return 0; /* just drop it */
403  }
404  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
405  relay_encrypt_cell_inbound(cell, or_circ);
406  chan = or_circ->p_chan;
407  }
409 
410  append_cell_to_circuit_queue(circ, chan, cell, cell_direction, on_stream);
411  return 0;
412 }
413 
417 static edge_connection_t *
419  cell_direction_t cell_direction, crypt_path_t *layer_hint)
420 {
421  edge_connection_t *tmpconn;
422  relay_header_t rh;
423 
424  relay_header_unpack(&rh, cell->payload);
425 
426  if (!rh.stream_id)
427  return NULL;
428 
429  /* IN or OUT cells could have come from either direction, now
430  * that we allow rendezvous *to* an OP.
431  */
432 
433  if (CIRCUIT_IS_ORIGIN(circ)) {
434  for (tmpconn = TO_ORIGIN_CIRCUIT(circ)->p_streams; tmpconn;
435  tmpconn=tmpconn->next_stream) {
436  if (rh.stream_id == tmpconn->stream_id &&
437  !tmpconn->base_.marked_for_close &&
438  tmpconn->cpath_layer == layer_hint) {
439  log_debug(LD_APP,"found conn for stream %d.", rh.stream_id);
440  return tmpconn;
441  }
442  }
443  } else {
444  for (tmpconn = TO_OR_CIRCUIT(circ)->n_streams; tmpconn;
445  tmpconn=tmpconn->next_stream) {
446  if (rh.stream_id == tmpconn->stream_id &&
447  !tmpconn->base_.marked_for_close) {
448  log_debug(LD_EXIT,"found conn for stream %d.", rh.stream_id);
449  if (cell_direction == CELL_DIRECTION_OUT ||
451  return tmpconn;
452  }
453  }
454  for (tmpconn = TO_OR_CIRCUIT(circ)->resolving_streams; tmpconn;
455  tmpconn=tmpconn->next_stream) {
456  if (rh.stream_id == tmpconn->stream_id &&
457  !tmpconn->base_.marked_for_close) {
458  log_debug(LD_EXIT,"found conn for stream %d.", rh.stream_id);
459  return tmpconn;
460  }
461  }
462  }
463  return NULL; /* probably a begin relay cell */
464 }
465 
470 void
471 relay_header_pack(uint8_t *dest, const relay_header_t *src)
472 {
473  set_uint8(dest, src->command);
474  set_uint16(dest+1, htons(src->recognized));
475  set_uint16(dest+3, htons(src->stream_id));
476  memcpy(dest+5, src->integrity, 4);
477  set_uint16(dest+9, htons(src->length));
478 }
479 
483 void
484 relay_header_unpack(relay_header_t *dest, const uint8_t *src)
485 {
486  dest->command = get_uint8(src);
487  dest->recognized = ntohs(get_uint16(src+1));
488  dest->stream_id = ntohs(get_uint16(src+3));
489  memcpy(dest->integrity, src+5, 4);
490  dest->length = ntohs(get_uint16(src+9));
491 }
492 
494 static const char *
495 relay_command_to_string(uint8_t command)
496 {
497  static char buf[64];
498  switch (command) {
499  case RELAY_COMMAND_BEGIN: return "BEGIN";
500  case RELAY_COMMAND_DATA: return "DATA";
501  case RELAY_COMMAND_END: return "END";
502  case RELAY_COMMAND_CONNECTED: return "CONNECTED";
503  case RELAY_COMMAND_SENDME: return "SENDME";
504  case RELAY_COMMAND_EXTEND: return "EXTEND";
505  case RELAY_COMMAND_EXTENDED: return "EXTENDED";
506  case RELAY_COMMAND_TRUNCATE: return "TRUNCATE";
507  case RELAY_COMMAND_TRUNCATED: return "TRUNCATED";
508  case RELAY_COMMAND_DROP: return "DROP";
509  case RELAY_COMMAND_RESOLVE: return "RESOLVE";
510  case RELAY_COMMAND_RESOLVED: return "RESOLVED";
511  case RELAY_COMMAND_BEGIN_DIR: return "BEGIN_DIR";
512  case RELAY_COMMAND_ESTABLISH_INTRO: return "ESTABLISH_INTRO";
513  case RELAY_COMMAND_ESTABLISH_RENDEZVOUS: return "ESTABLISH_RENDEZVOUS";
514  case RELAY_COMMAND_INTRODUCE1: return "INTRODUCE1";
515  case RELAY_COMMAND_INTRODUCE2: return "INTRODUCE2";
516  case RELAY_COMMAND_RENDEZVOUS1: return "RENDEZVOUS1";
517  case RELAY_COMMAND_RENDEZVOUS2: return "RENDEZVOUS2";
518  case RELAY_COMMAND_INTRO_ESTABLISHED: return "INTRO_ESTABLISHED";
519  case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
520  return "RENDEZVOUS_ESTABLISHED";
521  case RELAY_COMMAND_INTRODUCE_ACK: return "INTRODUCE_ACK";
522  case RELAY_COMMAND_EXTEND2: return "EXTEND2";
523  case RELAY_COMMAND_EXTENDED2: return "EXTENDED2";
524  case RELAY_COMMAND_PADDING_NEGOTIATE: return "PADDING_NEGOTIATE";
525  case RELAY_COMMAND_PADDING_NEGOTIATED: return "PADDING_NEGOTIATED";
526  default:
527  tor_snprintf(buf, sizeof(buf), "Unrecognized relay command %u",
528  (unsigned)command);
529  return buf;
530  }
531 }
532 
543 relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ,
544  uint8_t relay_command, const char *payload,
545  size_t payload_len, crypt_path_t *cpath_layer,
546  const char *filename, int lineno))
547 {
548  cell_t cell;
549  relay_header_t rh;
550  cell_direction_t cell_direction;
551  /* XXXX NM Split this function into a separate versions per circuit type? */
552 
553  tor_assert(circ);
554  tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
555 
556  memset(&cell, 0, sizeof(cell_t));
557  cell.command = CELL_RELAY;
558  if (CIRCUIT_IS_ORIGIN(circ)) {
559  tor_assert(cpath_layer);
560  cell.circ_id = circ->n_circ_id;
561  cell_direction = CELL_DIRECTION_OUT;
562  } else {
563  tor_assert(! cpath_layer);
564  cell.circ_id = TO_OR_CIRCUIT(circ)->p_circ_id;
565  cell_direction = CELL_DIRECTION_IN;
566  }
567 
568  memset(&rh, 0, sizeof(rh));
569  rh.command = relay_command;
570  rh.stream_id = stream_id;
571  rh.length = payload_len;
572  relay_header_pack(cell.payload, &rh);
573  if (payload_len)
574  memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len);
575 
576  log_debug(LD_OR,"delivering %d cell %s.", relay_command,
577  cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
578 
579  /* Tell circpad we're sending a relay cell */
580  circpad_deliver_sent_relay_cell_events(circ, relay_command);
581 
582  /* If we are sending an END cell and this circuit is used for a tunneled
583  * directory request, advance its state. */
584  if (relay_command == RELAY_COMMAND_END && circ->dirreq_id)
585  geoip_change_dirreq_state(circ->dirreq_id, DIRREQ_TUNNELED,
587 
588  if (cell_direction == CELL_DIRECTION_OUT && circ->n_chan) {
589  /* if we're using relaybandwidthrate, this conn wants priority */
591  }
592 
593  if (cell_direction == CELL_DIRECTION_OUT) {
594  origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
595  if (origin_circ->remaining_relay_early_cells > 0 &&
596  (relay_command == RELAY_COMMAND_EXTEND ||
597  relay_command == RELAY_COMMAND_EXTEND2 ||
598  cpath_layer != origin_circ->cpath)) {
599  /* If we've got any relay_early cells left and (we're sending
600  * an extend cell or we're not talking to the first hop), use
601  * one of them. Don't worry about the conn protocol version:
602  * append_cell_to_circuit_queue will fix it up. */
603  cell.command = CELL_RELAY_EARLY;
604  /* If we're out of relay early cells, tell circpad */
605  if (--origin_circ->remaining_relay_early_cells == 0)
607  log_debug(LD_OR, "Sending a RELAY_EARLY cell; %d remaining.",
608  (int)origin_circ->remaining_relay_early_cells);
609  /* Memorize the command that is sent as RELAY_EARLY cell; helps debug
610  * task 878. */
611  origin_circ->relay_early_commands[
612  origin_circ->relay_early_cells_sent++] = relay_command;
613  } else if (relay_command == RELAY_COMMAND_EXTEND ||
614  relay_command == RELAY_COMMAND_EXTEND2) {
615  /* If no RELAY_EARLY cells can be sent over this circuit, log which
616  * commands have been sent as RELAY_EARLY cells before; helps debug
617  * task 878. */
618  smartlist_t *commands_list = smartlist_new();
619  int i = 0;
620  char *commands = NULL;
621  for (; i < origin_circ->relay_early_cells_sent; i++)
622  smartlist_add(commands_list, (char *)
624  commands = smartlist_join_strings(commands_list, ",", 0, NULL);
625  log_warn(LD_BUG, "Uh-oh. We're sending a RELAY_COMMAND_EXTEND cell, "
626  "but we have run out of RELAY_EARLY cells on that circuit. "
627  "Commands sent before: %s", commands);
628  tor_free(commands);
629  smartlist_free(commands_list);
630  }
631 
632  /* Let's assume we're well-behaved: Anything that we decide to send is
633  * valid, delivered data. */
634  circuit_sent_valid_data(origin_circ, rh.length);
635  }
636 
637  if (circuit_package_relay_cell(&cell, circ, cell_direction, cpath_layer,
638  stream_id, filename, lineno) < 0) {
639  log_warn(LD_BUG,"circuit_package_relay_cell failed. Closing.");
640  circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
641  return -1;
642  }
643  return 0;
644 }
645 
655 int
657  uint8_t relay_command, const char *payload,
658  size_t payload_len)
659 {
660  /* XXXX NM Split this function into a separate versions per circuit type? */
661  circuit_t *circ;
662  crypt_path_t *cpath_layer = fromconn->cpath_layer;
663  tor_assert(fromconn);
664  circ = fromconn->on_circuit;
665 
666  if (fromconn->base_.marked_for_close) {
667  log_warn(LD_BUG,
668  "called on conn that's already marked for close at %s:%d.",
669  fromconn->base_.marked_for_close_file,
670  fromconn->base_.marked_for_close);
671  return 0;
672  }
673 
674  if (!circ) {
675  if (fromconn->base_.type == CONN_TYPE_AP) {
676  log_info(LD_APP,"no circ. Closing conn.");
677  connection_mark_unattached_ap(EDGE_TO_ENTRY_CONN(fromconn),
678  END_STREAM_REASON_INTERNAL);
679  } else {
680  log_info(LD_EXIT,"no circ. Closing conn.");
681  fromconn->edge_has_sent_end = 1; /* no circ to send to */
682  fromconn->end_reason = END_STREAM_REASON_INTERNAL;
683  connection_mark_for_close(TO_CONN(fromconn));
684  }
685  return -1;
686  }
687 
688  if (circ->marked_for_close) {
689  /* The circuit has been marked, but not freed yet. When it's freed, it
690  * will mark this connection for close. */
691  return -1;
692  }
693 
694 #ifdef MEASUREMENTS_21206
695  /* Keep track of the number of RELAY_DATA cells sent for directory
696  * connections. */
697  connection_t *linked_conn = TO_CONN(fromconn)->linked_conn;
698 
699  if (linked_conn && linked_conn->type == CONN_TYPE_DIR) {
700  ++(TO_DIR_CONN(linked_conn)->data_cells_sent);
701  }
702 #endif /* defined(MEASUREMENTS_21206) */
703 
704  return relay_send_command_from_edge(fromconn->stream_id, circ,
705  relay_command, payload,
706  payload_len, cpath_layer);
707 }
708 
712 #define MAX_RESOLVE_FAILURES 3
713 
716 static int
718 {
719  return reason == END_STREAM_REASON_HIBERNATING ||
720  reason == END_STREAM_REASON_RESOURCELIMIT ||
721  reason == END_STREAM_REASON_EXITPOLICY ||
722  reason == END_STREAM_REASON_RESOLVEFAILED ||
723  reason == END_STREAM_REASON_MISC ||
724  reason == END_STREAM_REASON_NOROUTE;
725 }
726 
731 static int
733  relay_header_t *rh, cell_t *cell, origin_circuit_t *circ,
734  entry_connection_t *conn, crypt_path_t *layer_hint)
735 {
736  node_t *exitrouter;
737  int reason = *(cell->payload+RELAY_HEADER_SIZE);
738  int control_reason;
739  edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
740  (void) layer_hint; /* unused */
741 
742  if (rh->length > 0) {
743  if (reason == END_STREAM_REASON_TORPROTOCOL ||
744  reason == END_STREAM_REASON_DESTROY) {
745  /* Both of these reasons could mean a failed tag
746  * hit the exit and it complained. Do not probe.
747  * Fail the circuit. */
748  circ->path_state = PATH_STATE_USE_FAILED;
749  return -END_CIRC_REASON_TORPROTOCOL;
750  } else if (reason == END_STREAM_REASON_INTERNAL) {
751  /* We can't infer success or failure, since older Tors report
752  * ENETUNREACH as END_STREAM_REASON_INTERNAL. */
753  } else {
754  /* Path bias: If we get a valid reason code from the exit,
755  * it wasn't due to tagging.
756  *
757  * We rely on recognized+digest being strong enough to make
758  * tags unlikely to allow us to get tagged, yet 'recognized'
759  * reason codes here. */
761  }
762  }
763 
764  /* This end cell is now valid. */
765  circuit_read_valid_data(circ, rh->length);
766 
767  if (rh->length == 0) {
768  reason = END_STREAM_REASON_MISC;
769  }
770 
771  control_reason = reason | END_STREAM_REASON_FLAG_REMOTE;
772 
773  if (edge_reason_is_retriable(reason) &&
774  /* avoid retry if rend */
776  const char *chosen_exit_digest =
778  log_info(LD_APP,"Address '%s' refused due to '%s'. Considering retrying.",
779  safe_str(conn->socks_request->address),
781  exitrouter = node_get_mutable_by_id(chosen_exit_digest);
782  switch (reason) {
783  case END_STREAM_REASON_EXITPOLICY: {
784  tor_addr_t addr;
785  tor_addr_make_unspec(&addr);
786  if (rh->length >= 5) {
787  int ttl = -1;
788  tor_addr_make_unspec(&addr);
789  if (rh->length == 5 || rh->length == 9) {
790  tor_addr_from_ipv4n(&addr,
792  if (rh->length == 9)
793  ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+5));
794  } else if (rh->length == 17 || rh->length == 21) {
796  (char*)(cell->payload+RELAY_HEADER_SIZE+1));
797  if (rh->length == 21)
798  ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+17));
799  }
800  if (tor_addr_is_null(&addr)) {
801  log_info(LD_APP,"Address '%s' resolved to 0.0.0.0. Closing,",
802  safe_str(conn->socks_request->address));
803  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
804  return 0;
805  }
806 
807  if ((tor_addr_family(&addr) == AF_INET &&
808  !conn->entry_cfg.ipv4_traffic) ||
809  (tor_addr_family(&addr) == AF_INET6 &&
810  !conn->entry_cfg.ipv6_traffic)) {
811  log_fn(LOG_PROTOCOL_WARN, LD_APP,
812  "Got an EXITPOLICY failure on a connection with a "
813  "mismatched family. Closing.");
814  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
815  return 0;
816  }
817  if (get_options()->ClientDNSRejectInternalAddresses &&
818  tor_addr_is_internal(&addr, 0)) {
819  log_info(LD_APP,"Address '%s' resolved to internal. Closing,",
820  safe_str(conn->socks_request->address));
821  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
822  return 0;
823  }
824 
826  conn->socks_request->address, &addr,
827  conn->chosen_exit_name, ttl);
828 
829  {
830  char new_addr[TOR_ADDR_BUF_LEN];
831  tor_addr_to_str(new_addr, &addr, sizeof(new_addr), 1);
832  if (strcmp(conn->socks_request->address, new_addr)) {
833  strlcpy(conn->socks_request->address, new_addr,
834  sizeof(conn->socks_request->address));
835  control_event_stream_status(conn, STREAM_EVENT_REMAP, 0);
836  }
837  }
838  }
839  /* check if the exit *ought* to have allowed it */
840 
842  conn,
843  exitrouter,
844  &addr);
845 
846  if (conn->chosen_exit_optional ||
847  conn->chosen_exit_retries) {
848  /* stop wanting a specific exit */
849  conn->chosen_exit_optional = 0;
850  /* A non-zero chosen_exit_retries can happen if we set a
851  * TrackHostExits for this address under a port that the exit
852  * relay allows, but then try the same address with a different
853  * port that it doesn't allow to exit. We shouldn't unregister
854  * the mapping, since it is probably still wanted on the
855  * original port. But now we give away to the exit relay that
856  * we probably have a TrackHostExits on it. So be it. */
857  conn->chosen_exit_retries = 0;
858  tor_free(conn->chosen_exit_name); /* clears it */
859  }
860  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
861  return 0;
862  /* else, conn will get closed below */
863  break;
864  }
865  case END_STREAM_REASON_CONNECTREFUSED:
866  if (!conn->chosen_exit_optional)
867  break; /* break means it'll close, below */
868  /* Else fall through: expire this circuit, clear the
869  * chosen_exit_name field, and try again. */
870  /* Falls through. */
871  case END_STREAM_REASON_RESOLVEFAILED:
872  case END_STREAM_REASON_TIMEOUT:
873  case END_STREAM_REASON_MISC:
874  case END_STREAM_REASON_NOROUTE:
877  /* We haven't retried too many times; reattach the connection. */
879  /* Mark this circuit "unusable for new streams". */
881 
882  if (conn->chosen_exit_optional) {
883  /* stop wanting a specific exit */
884  conn->chosen_exit_optional = 0;
885  tor_free(conn->chosen_exit_name); /* clears it */
886  }
887  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
888  return 0;
889  /* else, conn will get closed below */
890  } else {
891  log_notice(LD_APP,
892  "Have tried resolving or connecting to address '%s' "
893  "at %d different places. Giving up.",
894  safe_str(conn->socks_request->address),
896  /* clear the failures, so it will have a full try next time */
898  }
899  break;
900  case END_STREAM_REASON_HIBERNATING:
901  case END_STREAM_REASON_RESOURCELIMIT:
902  if (exitrouter) {
904  }
905  if (conn->chosen_exit_optional) {
906  /* stop wanting a specific exit */
907  conn->chosen_exit_optional = 0;
908  tor_free(conn->chosen_exit_name); /* clears it */
909  }
910  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
911  return 0;
912  /* else, will close below */
913  break;
914  } /* end switch */
915  log_info(LD_APP,"Giving up on retrying; conn can't be handled.");
916  }
917 
918  log_info(LD_APP,
919  "Edge got end (%s) before we're connected. Marking for close.",
920  stream_end_reason_to_string(rh->length > 0 ? reason : -1));
922  /* need to test because of detach_retriable */
923  if (!ENTRY_TO_CONN(conn)->marked_for_close)
924  connection_mark_unattached_ap(conn, control_reason);
925  return 0;
926 }
927 
937 static void
939  entry_connection_t *conn,
940  node_t *node,
941  const tor_addr_t *addr)
942 {
943  int make_reject_all = 0;
944  const sa_family_t family = tor_addr_family(addr);
945 
946  if (node) {
947  tor_addr_t tmp;
948  int asked_for_family = tor_addr_parse(&tmp, conn->socks_request->address);
949  if (family == AF_UNSPEC) {
950  make_reject_all = 1;
951  } else if (node_exit_policy_is_exact(node, family) &&
952  asked_for_family != -1 && !conn->chosen_exit_name) {
953  make_reject_all = 1;
954  }
955 
956  if (make_reject_all) {
957  log_info(LD_APP,
958  "Exitrouter %s seems to be more restrictive than its exit "
959  "policy. Not using this router as exit for now.",
960  node_describe(node));
962  }
963  }
964 
965  if (family != AF_UNSPEC)
967 }
968 
972 static void
974 {
975  tor_addr_to_str(conn->socks_request->address, new_addr,
976  sizeof(conn->socks_request->address),
977  1);
978  control_event_stream_status(conn, STREAM_EVENT_REMAP,
980 }
981 
992 STATIC int
994  tor_addr_t *addr_out, int *ttl_out)
995 {
996  uint32_t bytes;
997  const uint8_t *payload = cell->payload + RELAY_HEADER_SIZE;
998 
999  tor_addr_make_unspec(addr_out);
1000  *ttl_out = -1;
1001  if (rh->length == 0)
1002  return 0;
1003  if (rh->length < 4)
1004  return -1;
1005  bytes = ntohl(get_uint32(payload));
1006 
1007  /* If bytes is 0, this is maybe a v6 address. Otherwise it's a v4 address */
1008  if (bytes != 0) {
1009  /* v4 address */
1010  tor_addr_from_ipv4h(addr_out, bytes);
1011  if (rh->length >= 8) {
1012  bytes = ntohl(get_uint32(payload + 4));
1013  if (bytes <= INT32_MAX)
1014  *ttl_out = bytes;
1015  }
1016  } else {
1017  if (rh->length < 25) /* 4 bytes of 0s, 1 addr, 16 ipv4, 4 ttl. */
1018  return -1;
1019  if (get_uint8(payload + 4) != 6)
1020  return -1;
1021  tor_addr_from_ipv6_bytes(addr_out, (char*)(payload + 5));
1022  bytes = ntohl(get_uint32(payload + 21));
1023  if (bytes <= INT32_MAX)
1024  *ttl_out = (int) bytes;
1025  }
1026  return 0;
1027 }
1028 
1030 STATIC void
1031 address_ttl_free_(address_ttl_t *addr)
1032 {
1033  if (!addr)
1034  return;
1035  tor_free(addr->hostname);
1036  tor_free(addr);
1037 }
1038 
1044 STATIC int
1046  smartlist_t *addresses_out, int *errcode_out)
1047 {
1048  const uint8_t *cp;
1049  uint8_t answer_type;
1050  size_t answer_len;
1051  address_ttl_t *addr;
1052  size_t remaining;
1053  int errcode = 0;
1054  smartlist_t *addrs;
1055 
1056  tor_assert(cell);
1057  tor_assert(rh);
1058  tor_assert(addresses_out);
1059  tor_assert(errcode_out);
1060 
1061  *errcode_out = 0;
1062 
1063  if (rh->length > RELAY_PAYLOAD_SIZE)
1064  return -1;
1065 
1066  addrs = smartlist_new();
1067 
1068  cp = cell->payload + RELAY_HEADER_SIZE;
1069 
1070  remaining = rh->length;
1071  while (remaining) {
1072  const uint8_t *cp_orig = cp;
1073  if (remaining < 2)
1074  goto err;
1075  answer_type = *cp++;
1076  answer_len = *cp++;
1077  if (remaining < 2 + answer_len + 4) {
1078  goto err;
1079  }
1080  if (answer_type == RESOLVED_TYPE_IPV4) {
1081  if (answer_len != 4) {
1082  goto err;
1083  }
1084  addr = tor_malloc_zero(sizeof(*addr));
1085  tor_addr_from_ipv4n(&addr->addr, get_uint32(cp));
1086  cp += 4;
1087  addr->ttl = ntohl(get_uint32(cp));
1088  cp += 4;
1089  smartlist_add(addrs, addr);
1090  } else if (answer_type == RESOLVED_TYPE_IPV6) {
1091  if (answer_len != 16)
1092  goto err;
1093  addr = tor_malloc_zero(sizeof(*addr));
1094  tor_addr_from_ipv6_bytes(&addr->addr, (const char*) cp);
1095  cp += 16;
1096  addr->ttl = ntohl(get_uint32(cp));
1097  cp += 4;
1098  smartlist_add(addrs, addr);
1099  } else if (answer_type == RESOLVED_TYPE_HOSTNAME) {
1100  if (answer_len == 0) {
1101  goto err;
1102  }
1103  addr = tor_malloc_zero(sizeof(*addr));
1104  addr->hostname = tor_memdup_nulterm(cp, answer_len);
1105  cp += answer_len;
1106  addr->ttl = ntohl(get_uint32(cp));
1107  cp += 4;
1108  smartlist_add(addrs, addr);
1109  } else if (answer_type == RESOLVED_TYPE_ERROR_TRANSIENT ||
1110  answer_type == RESOLVED_TYPE_ERROR) {
1111  errcode = answer_type;
1112  /* Ignore the error contents */
1113  cp += answer_len + 4;
1114  } else {
1115  cp += answer_len + 4;
1116  }
1117  tor_assert(((ssize_t)remaining) >= (cp - cp_orig));
1118  remaining -= (cp - cp_orig);
1119  }
1120 
1121  if (errcode && smartlist_len(addrs) == 0) {
1122  /* Report an error only if there were no results. */
1123  *errcode_out = errcode;
1124  }
1125 
1126  smartlist_add_all(addresses_out, addrs);
1127  smartlist_free(addrs);
1128 
1129  return 0;
1130 
1131  err:
1132  /* On parse error, don't report any results */
1133  SMARTLIST_FOREACH(addrs, address_ttl_t *, a, address_ttl_free(a));
1134  smartlist_free(addrs);
1135  return -1;
1136 }
1137 
1141 static void
1143  int error_code,
1144  smartlist_t *results)
1145 {
1146  address_ttl_t *addr_ipv4 = NULL;
1147  address_ttl_t *addr_ipv6 = NULL;
1148  address_ttl_t *addr_hostname = NULL;
1149  address_ttl_t *addr_best = NULL;
1150 
1151  /* If it's an error code, that's easy. */
1152  if (error_code) {
1153  tor_assert(error_code == RESOLVED_TYPE_ERROR ||
1154  error_code == RESOLVED_TYPE_ERROR_TRANSIENT);
1155  connection_ap_handshake_socks_resolved(conn,
1156  error_code,0,NULL,-1,-1);
1157  return;
1158  }
1159 
1160  /* Get the first answer of each type. */
1161  SMARTLIST_FOREACH_BEGIN(results, address_ttl_t *, addr) {
1162  if (addr->hostname) {
1163  if (!addr_hostname) {
1164  addr_hostname = addr;
1165  }
1166  } else if (tor_addr_family(&addr->addr) == AF_INET) {
1167  if (!addr_ipv4 && conn->entry_cfg.ipv4_traffic) {
1168  addr_ipv4 = addr;
1169  }
1170  } else if (tor_addr_family(&addr->addr) == AF_INET6) {
1171  if (!addr_ipv6 && conn->entry_cfg.ipv6_traffic) {
1172  addr_ipv6 = addr;
1173  }
1174  }
1175  } SMARTLIST_FOREACH_END(addr);
1176 
1177  /* Now figure out which type we wanted to deliver. */
1178  if (conn->socks_request->command == SOCKS_COMMAND_RESOLVE_PTR) {
1179  if (addr_hostname) {
1180  connection_ap_handshake_socks_resolved(conn,
1181  RESOLVED_TYPE_HOSTNAME,
1182  strlen(addr_hostname->hostname),
1183  (uint8_t*)addr_hostname->hostname,
1184  addr_hostname->ttl,-1);
1185  } else {
1186  connection_ap_handshake_socks_resolved(conn,
1187  RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
1188  }
1189  return;
1190  }
1191 
1192  if (conn->entry_cfg.prefer_ipv6) {
1193  addr_best = addr_ipv6 ? addr_ipv6 : addr_ipv4;
1194  } else {
1195  addr_best = addr_ipv4 ? addr_ipv4 : addr_ipv6;
1196  }
1197 
1198  /* Now convert it to the ugly old interface */
1199  if (! addr_best) {
1200  connection_ap_handshake_socks_resolved(conn,
1201  RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
1202  return;
1203  }
1204 
1206  &addr_best->addr,
1207  addr_best->ttl,
1208  -1);
1209 
1210  remap_event_helper(conn, &addr_best->addr);
1211 }
1212 
1215 STATIC int
1217  const cell_t *cell,
1218  const relay_header_t *rh)
1219 {
1220  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1221  smartlist_t *resolved_addresses = NULL;
1222  int errcode = 0;
1223 
1224  if (conn->base_.state != AP_CONN_STATE_RESOLVE_WAIT) {
1225  log_fn(LOG_PROTOCOL_WARN, LD_APP, "Got a 'resolved' cell while "
1226  "not in state resolve_wait. Dropping.");
1227  return 0;
1228  }
1229  tor_assert(SOCKS_COMMAND_IS_RESOLVE(entry_conn->socks_request->command));
1230 
1231  resolved_addresses = smartlist_new();
1232  if (resolved_cell_parse(cell, rh, resolved_addresses, &errcode)) {
1233  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1234  "Dropping malformed 'resolved' cell");
1235  connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_TORPROTOCOL);
1236  goto done;
1237  }
1238 
1239  if (get_options()->ClientDNSRejectInternalAddresses) {
1240  int orig_len = smartlist_len(resolved_addresses);
1241  SMARTLIST_FOREACH_BEGIN(resolved_addresses, address_ttl_t *, addr) {
1242  if (addr->hostname == NULL && tor_addr_is_internal(&addr->addr, 0)) {
1243  log_info(LD_APP, "Got a resolved cell with answer %s; dropping that "
1244  "answer.",
1245  safe_str_client(fmt_addr(&addr->addr)));
1246  address_ttl_free(addr);
1247  SMARTLIST_DEL_CURRENT(resolved_addresses, addr);
1248  }
1249  } SMARTLIST_FOREACH_END(addr);
1250  if (orig_len && smartlist_len(resolved_addresses) == 0) {
1251  log_info(LD_APP, "Got a resolved cell with only private addresses; "
1252  "dropping it.");
1253  connection_ap_handshake_socks_resolved(entry_conn,
1254  RESOLVED_TYPE_ERROR_TRANSIENT,
1255  0, NULL, 0, TIME_MAX);
1256  connection_mark_unattached_ap(entry_conn,
1257  END_STREAM_REASON_TORPROTOCOL);
1258  goto done;
1259  }
1260  }
1261 
1262  /* This is valid data at this point. Count it */
1263  if (conn->on_circuit && CIRCUIT_IS_ORIGIN(conn->on_circuit)) {
1265  rh->length);
1266  }
1267 
1269  errcode,
1270  resolved_addresses);
1271 
1272  connection_mark_unattached_ap(entry_conn,
1273  END_STREAM_REASON_DONE |
1275 
1276  done:
1277  SMARTLIST_FOREACH(resolved_addresses, address_ttl_t *, addr,
1278  address_ttl_free(addr));
1279  smartlist_free(resolved_addresses);
1280  return 0;
1281 }
1282 
1290 static int
1292  relay_header_t *rh, cell_t *cell, circuit_t *circ,
1293  edge_connection_t *conn, crypt_path_t *layer_hint)
1294 {
1295  if (rh->command == RELAY_COMMAND_END) {
1296  if (CIRCUIT_IS_ORIGIN(circ) && conn->base_.type == CONN_TYPE_AP) {
1297  return connection_ap_process_end_not_open(rh, cell,
1298  TO_ORIGIN_CIRCUIT(circ),
1299  EDGE_TO_ENTRY_CONN(conn),
1300  layer_hint);
1301  } else {
1302  /* we just got an 'end', don't need to send one */
1303  conn->edge_has_sent_end = 1;
1304  conn->end_reason = *(cell->payload+RELAY_HEADER_SIZE) |
1306  connection_mark_for_close(TO_CONN(conn));
1307  return 0;
1308  }
1309  }
1310 
1311  if (conn->base_.type == CONN_TYPE_AP &&
1312  rh->command == RELAY_COMMAND_CONNECTED) {
1313  tor_addr_t addr;
1314  int ttl;
1315  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1317  if (conn->base_.state != AP_CONN_STATE_CONNECT_WAIT) {
1318  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1319  "Got 'connected' while not in state connect_wait. Dropping.");
1320  return 0;
1321  }
1322  CONNECTION_AP_EXPECT_NONPENDING(entry_conn);
1323  conn->base_.state = AP_CONN_STATE_OPEN;
1324  log_info(LD_APP,"'connected' received for circid %u streamid %d "
1325  "after %d seconds.",
1326  (unsigned)circ->n_circ_id,
1327  rh->stream_id,
1328  (int)(time(NULL) - conn->base_.timestamp_last_read_allowed));
1329  if (connected_cell_parse(rh, cell, &addr, &ttl) < 0) {
1330  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1331  "Got a badly formatted connected cell. Closing.");
1332  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1333  connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_TORPROTOCOL);
1334  return 0;
1335  }
1336  if (tor_addr_family(&addr) != AF_UNSPEC) {
1337  /* The family is not UNSPEC: so we were given an address in the
1338  * connected cell. (This is normal, except for BEGINDIR and onion
1339  * service streams.) */
1340  const sa_family_t family = tor_addr_family(&addr);
1341  if (tor_addr_is_null(&addr) ||
1342  (get_options()->ClientDNSRejectInternalAddresses &&
1343  tor_addr_is_internal(&addr, 0))) {
1344  log_info(LD_APP, "...but it claims the IP address was %s. Closing.",
1345  fmt_addr(&addr));
1346  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1347  connection_mark_unattached_ap(entry_conn,
1348  END_STREAM_REASON_TORPROTOCOL);
1349  return 0;
1350  }
1351 
1352  if ((family == AF_INET && ! entry_conn->entry_cfg.ipv4_traffic) ||
1353  (family == AF_INET6 && ! entry_conn->entry_cfg.ipv6_traffic)) {
1354  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1355  "Got a connected cell to %s with unsupported address family."
1356  " Closing.", fmt_addr(&addr));
1357  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1358  connection_mark_unattached_ap(entry_conn,
1359  END_STREAM_REASON_TORPROTOCOL);
1360  return 0;
1361  }
1362 
1363  client_dns_set_addressmap(entry_conn,
1364  entry_conn->socks_request->address, &addr,
1365  entry_conn->chosen_exit_name, ttl);
1366 
1367  remap_event_helper(entry_conn, &addr);
1368  }
1370  /* don't send a socks reply to transparent conns */
1371  tor_assert(entry_conn->socks_request != NULL);
1372  if (!entry_conn->socks_request->has_finished) {
1373  connection_ap_handshake_socks_reply(entry_conn, NULL, 0, 0);
1374  }
1375 
1376  /* Was it a linked dir conn? If so, a dir request just started to
1377  * fetch something; this could be a bootstrap status milestone. */
1378  log_debug(LD_APP, "considering");
1379  if (TO_CONN(conn)->linked_conn &&
1380  TO_CONN(conn)->linked_conn->type == CONN_TYPE_DIR) {
1381  connection_t *dirconn = TO_CONN(conn)->linked_conn;
1382  log_debug(LD_APP, "it is! %d", dirconn->purpose);
1383  switch (dirconn->purpose) {
1386  control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_KEYS, 0);
1387  break;
1389  control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_STATUS, 0);
1390  break;
1393  if (TO_DIR_CONN(dirconn)->router_purpose == ROUTER_PURPOSE_GENERAL)
1394  control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
1396  break;
1397  }
1398  }
1399  /* This is definitely a success, so forget about any pending data we
1400  * had sent. */
1401  if (entry_conn->pending_optimistic_data) {
1402  buf_free(entry_conn->pending_optimistic_data);
1403  entry_conn->pending_optimistic_data = NULL;
1404  }
1405 
1406  /* This is valid data at this point. Count it */
1408 
1409  /* handle anything that might have queued */
1410  if (connection_edge_package_raw_inbuf(conn, 1, NULL) < 0) {
1411  /* (We already sent an end cell if possible) */
1412  connection_mark_for_close(TO_CONN(conn));
1413  return 0;
1414  }
1415  return 0;
1416  }
1417  if (conn->base_.type == CONN_TYPE_AP &&
1418  rh->command == RELAY_COMMAND_RESOLVED) {
1419  return connection_edge_process_resolved_cell(conn, cell, rh);
1420  }
1421 
1422  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1423  "Got an unexpected relay command %d, in state %d (%s). Dropping.",
1424  rh->command, conn->base_.state,
1425  conn_state_to_string(conn->base_.type, conn->base_.state));
1426  return 0; /* for forward compatibility, don't kill the circuit */
1427 // connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1428 // connection_mark_for_close(conn);
1429 // return -1;
1430 }
1431 
1441 STATIC int
1443  edge_connection_t *conn,
1444  crypt_path_t *layer_hint)
1445 {
1446  static int num_seen=0;
1447  relay_header_t rh;
1448  unsigned domain = layer_hint?LD_APP:LD_EXIT;
1449  int reason;
1450  int optimistic_data = 0; /* Set to 1 if we receive data on a stream
1451  * that's in the EXIT_CONN_STATE_RESOLVING
1452  * or EXIT_CONN_STATE_CONNECTING states. */
1453 
1454  tor_assert(cell);
1455  tor_assert(circ);
1456 
1457  relay_header_unpack(&rh, cell->payload);
1458 // log_fn(LOG_DEBUG,"command %d stream %d", rh.command, rh.stream_id);
1459  num_seen++;
1460  log_debug(domain, "Now seen %d relay cells here (command %d, stream %d).",
1461  num_seen, rh.command, rh.stream_id);
1462 
1463  if (rh.length > RELAY_PAYLOAD_SIZE) {
1464  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1465  "Relay cell length field too long. Closing circuit.");
1466  return - END_CIRC_REASON_TORPROTOCOL;
1467  }
1468 
1469  if (rh.stream_id == 0) {
1470  switch (rh.command) {
1471  case RELAY_COMMAND_BEGIN:
1472  case RELAY_COMMAND_CONNECTED:
1473  case RELAY_COMMAND_END:
1474  case RELAY_COMMAND_RESOLVE:
1475  case RELAY_COMMAND_RESOLVED:
1476  case RELAY_COMMAND_BEGIN_DIR:
1477  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay command %d with zero "
1478  "stream_id. Dropping.", (int)rh.command);
1479  return 0;
1480  default:
1481  ;
1482  }
1483  }
1484 
1485  /* Tell circpad that we've recieved a recognized cell */
1487 
1488  /* either conn is NULL, in which case we've got a control cell, or else
1489  * conn points to the recognized stream. */
1490  if (conn && !connection_state_is_open(TO_CONN(conn))) {
1491  if (conn->base_.type == CONN_TYPE_EXIT &&
1492  (conn->base_.state == EXIT_CONN_STATE_CONNECTING ||
1493  conn->base_.state == EXIT_CONN_STATE_RESOLVING) &&
1494  rh.command == RELAY_COMMAND_DATA) {
1495  /* Allow DATA cells to be delivered to an exit node in state
1496  * EXIT_CONN_STATE_CONNECTING or EXIT_CONN_STATE_RESOLVING.
1497  * This speeds up HTTP, for example. */
1498  optimistic_data = 1;
1499  } else if (rh.stream_id == 0 && rh.command == RELAY_COMMAND_DATA) {
1500  log_warn(LD_BUG, "Somehow I had a connection that matched a "
1501  "data cell with stream ID 0.");
1502  } else {
1504  &rh, cell, circ, conn, layer_hint);
1505  }
1506  }
1507 
1508  switch (rh.command) {
1509  case RELAY_COMMAND_DROP:
1510  /* Already examined in circpad_deliver_recognized_relay_cell_events */
1511  return 0;
1512  case RELAY_COMMAND_PADDING_NEGOTIATE:
1514  return 0;
1515  case RELAY_COMMAND_PADDING_NEGOTIATED:
1516  if (circpad_handle_padding_negotiated(circ, cell, layer_hint) == 0)
1518  return 0;
1519  case RELAY_COMMAND_BEGIN:
1520  case RELAY_COMMAND_BEGIN_DIR:
1521  if (layer_hint &&
1523  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1524  "Relay begin request unsupported at AP. Dropping.");
1525  return 0;
1526  }
1527  if (circ->purpose == CIRCUIT_PURPOSE_S_REND_JOINED &&
1528  layer_hint != TO_ORIGIN_CIRCUIT(circ)->cpath->prev) {
1529  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1530  "Relay begin request to Hidden Service "
1531  "from intermediary node. Dropping.");
1532  return 0;
1533  }
1534  if (conn) {
1535  log_fn(LOG_PROTOCOL_WARN, domain,
1536  "Begin cell for known stream. Dropping.");
1537  return 0;
1538  }
1539  if (rh.command == RELAY_COMMAND_BEGIN_DIR &&
1541  /* Assign this circuit and its app-ward OR connection a unique ID,
1542  * so that we can measure download times. The local edge and dir
1543  * connection will be assigned the same ID when they are created
1544  * and linked. */
1545  static uint64_t next_id = 0;
1546  circ->dirreq_id = ++next_id;
1547  TO_OR_CIRCUIT(circ)->p_chan->dirreq_id = circ->dirreq_id;
1548  }
1549  return connection_exit_begin_conn(cell, circ);
1550  case RELAY_COMMAND_DATA:
1552  if (( layer_hint && --layer_hint->deliver_window < 0) ||
1553  (!layer_hint && --circ->deliver_window < 0)) {
1554  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1555  "(relay data) circ deliver_window below 0. Killing.");
1556  if (conn) {
1557  /* XXXX Do we actually need to do this? Will killing the circuit
1558  * not send an END and mark the stream for close as appropriate? */
1559  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1560  connection_mark_for_close(TO_CONN(conn));
1561  }
1562  return -END_CIRC_REASON_TORPROTOCOL;
1563  }
1564  log_debug(domain,"circ deliver_window now %d.", layer_hint ?
1565  layer_hint->deliver_window : circ->deliver_window);
1566 
1567  circuit_consider_sending_sendme(circ, layer_hint);
1568 
1569  if (rh.stream_id == 0) {
1570  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay data cell with zero "
1571  "stream_id. Dropping.");
1572  return 0;
1573  } else if (!conn) {
1574  if (CIRCUIT_IS_ORIGIN(circ)) {
1575  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1577  rh.stream_id)) {
1578  circuit_read_valid_data(ocirc, rh.length);
1579  log_info(domain,
1580  "data cell on circ %u valid on half-closed "
1581  "stream id %d", ocirc->global_identifier, rh.stream_id);
1582  }
1583  }
1584 
1585  log_info(domain,"data cell dropped, unknown stream (streamid %d).",
1586  rh.stream_id);
1587  return 0;
1588  }
1589 
1590  if (--conn->deliver_window < 0) { /* is it below 0 after decrement? */
1591  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1592  "(relay data) conn deliver_window below 0. Killing.");
1593  return -END_CIRC_REASON_TORPROTOCOL;
1594  }
1595  /* Total all valid application bytes delivered */
1596  if (CIRCUIT_IS_ORIGIN(circ) && rh.length > 0) {
1598  }
1599 
1601  connection_buf_add((char*)(cell->payload + RELAY_HEADER_SIZE),
1602  rh.length, TO_CONN(conn));
1603 
1604 #ifdef MEASUREMENTS_21206
1605  /* Count number of RELAY_DATA cells received on a linked directory
1606  * connection. */
1607  connection_t *linked_conn = TO_CONN(conn)->linked_conn;
1608 
1609  if (linked_conn && linked_conn->type == CONN_TYPE_DIR) {
1610  ++(TO_DIR_CONN(linked_conn)->data_cells_received);
1611  }
1612 #endif /* defined(MEASUREMENTS_21206) */
1613 
1614  if (!optimistic_data) {
1615  /* Only send a SENDME if we're not getting optimistic data; otherwise
1616  * a SENDME could arrive before the CONNECTED.
1617  */
1619  }
1620 
1621  return 0;
1622  case RELAY_COMMAND_END:
1623  reason = rh.length > 0 ?
1624  get_uint8(cell->payload+RELAY_HEADER_SIZE) : END_STREAM_REASON_MISC;
1625  if (!conn) {
1626  if (CIRCUIT_IS_ORIGIN(circ)) {
1627  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1629  rh.stream_id)) {
1630 
1631  circuit_read_valid_data(ocirc, rh.length);
1632  log_info(domain,
1633  "end cell (%s) on circ %u valid on half-closed "
1634  "stream id %d",
1636  ocirc->global_identifier, rh.stream_id);
1637  return 0;
1638  }
1639  }
1640  log_info(domain,"end cell (%s) dropped, unknown stream.",
1641  stream_end_reason_to_string(reason));
1642  return 0;
1643  }
1644 /* XXX add to this log_fn the exit node's nickname? */
1645  log_info(domain,TOR_SOCKET_T_FORMAT": end cell (%s) for stream %d. "
1646  "Removing stream.",
1647  conn->base_.s,
1649  conn->stream_id);
1650  if (conn->base_.type == CONN_TYPE_AP) {
1651  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1652  if (entry_conn->socks_request &&
1653  !entry_conn->socks_request->has_finished)
1654  log_warn(LD_BUG,
1655  "open stream hasn't sent socks answer yet? Closing.");
1656  }
1657  /* We just *got* an end; no reason to send one. */
1658  conn->edge_has_sent_end = 1;
1659  if (!conn->end_reason)
1660  conn->end_reason = reason | END_STREAM_REASON_FLAG_REMOTE;
1661  if (!conn->base_.marked_for_close) {
1662  /* only mark it if not already marked. it's possible to
1663  * get the 'end' right around when the client hangs up on us. */
1664  connection_mark_and_flush(TO_CONN(conn));
1665 
1666  /* Total all valid application bytes delivered */
1667  if (CIRCUIT_IS_ORIGIN(circ)) {
1669  }
1670  }
1671  return 0;
1672  case RELAY_COMMAND_EXTEND:
1673  case RELAY_COMMAND_EXTEND2: {
1674  static uint64_t total_n_extend=0, total_nonearly=0;
1675  total_n_extend++;
1676  if (rh.stream_id) {
1677  log_fn(LOG_PROTOCOL_WARN, domain,
1678  "'extend' cell received for non-zero stream. Dropping.");
1679  return 0;
1680  }
1681  if (cell->command != CELL_RELAY_EARLY &&
1682  !networkstatus_get_param(NULL,"AllowNonearlyExtend",0,0,1)) {
1683 #define EARLY_WARNING_INTERVAL 3600
1684  static ratelim_t early_warning_limit =
1685  RATELIM_INIT(EARLY_WARNING_INTERVAL);
1686  char *m;
1687  if (cell->command == CELL_RELAY) {
1688  ++total_nonearly;
1689  if ((m = rate_limit_log(&early_warning_limit, approx_time()))) {
1690  double percentage = ((double)total_nonearly)/total_n_extend;
1691  percentage *= 100;
1692  log_fn(LOG_PROTOCOL_WARN, domain, "EXTEND cell received, "
1693  "but not via RELAY_EARLY. Dropping.%s", m);
1694  log_fn(LOG_PROTOCOL_WARN, domain, " (We have dropped %.02f%% of "
1695  "all EXTEND cells for this reason)", percentage);
1696  tor_free(m);
1697  }
1698  } else {
1699  log_fn(LOG_WARN, domain,
1700  "EXTEND cell received, in a cell with type %d! Dropping.",
1701  cell->command);
1702  }
1703  return 0;
1704  }
1705  return circuit_extend(cell, circ);
1706  }
1707  case RELAY_COMMAND_EXTENDED:
1708  case RELAY_COMMAND_EXTENDED2:
1709  if (!layer_hint) {
1710  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1711  "'extended' unsupported at non-origin. Dropping.");
1712  return 0;
1713  }
1714  log_debug(domain,"Got an extended cell! Yay.");
1715  {
1716  extended_cell_t extended_cell;
1717  if (extended_cell_parse(&extended_cell, rh.command,
1718  (const uint8_t*)cell->payload+RELAY_HEADER_SIZE,
1719  rh.length)<0) {
1720  log_warn(LD_PROTOCOL,
1721  "Can't parse EXTENDED cell; killing circuit.");
1722  return -END_CIRC_REASON_TORPROTOCOL;
1723  }
1724  if ((reason = circuit_finish_handshake(TO_ORIGIN_CIRCUIT(circ),
1725  &extended_cell.created_cell)) < 0) {
1726  circuit_mark_for_close(circ, -reason);
1727  return 0; /* We don't want to cause a warning, so we mark the circuit
1728  * here. */
1729  }
1730  }
1731  if ((reason=circuit_send_next_onion_skin(TO_ORIGIN_CIRCUIT(circ)))<0) {
1732  log_info(domain,"circuit_send_next_onion_skin() failed.");
1733  return reason;
1734  }
1735  /* Total all valid bytes delivered. */
1736  if (CIRCUIT_IS_ORIGIN(circ)) {
1738  }
1739  return 0;
1740  case RELAY_COMMAND_TRUNCATE:
1741  if (layer_hint) {
1742  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1743  "'truncate' unsupported at origin. Dropping.");
1744  return 0;
1745  }
1746  if (circ->n_hop) {
1747  if (circ->n_chan)
1748  log_warn(LD_BUG, "n_chan and n_hop set on the same circuit!");
1749  extend_info_free(circ->n_hop);
1750  circ->n_hop = NULL;
1753  }
1754  if (circ->n_chan) {
1755  uint8_t trunc_reason = get_uint8(cell->payload + RELAY_HEADER_SIZE);
1756  circuit_synchronize_written_or_bandwidth(circ, CIRCUIT_N_CHAN);
1757  circuit_clear_cell_queue(circ, circ->n_chan);
1758  channel_send_destroy(circ->n_circ_id, circ->n_chan,
1759  trunc_reason);
1760  circuit_set_n_circid_chan(circ, 0, NULL);
1761  }
1762  log_debug(LD_EXIT, "Processed 'truncate', replying.");
1763  {
1764  char payload[1];
1765  payload[0] = (char)END_CIRC_REASON_REQUESTED;
1766  relay_send_command_from_edge(0, circ, RELAY_COMMAND_TRUNCATED,
1767  payload, sizeof(payload), NULL);
1768  }
1769  return 0;
1770  case RELAY_COMMAND_TRUNCATED:
1771  if (!layer_hint) {
1772  log_fn(LOG_PROTOCOL_WARN, LD_EXIT,
1773  "'truncated' unsupported at non-origin. Dropping.");
1774  return 0;
1775  }
1776 
1777  /* Count the truncated as valid, for completeness. The
1778  * circuit is being torn down anyway, though. */
1779  if (CIRCUIT_IS_ORIGIN(circ)) {
1781  rh.length);
1782  }
1784  get_uint8(cell->payload + RELAY_HEADER_SIZE));
1785  return 0;
1786  case RELAY_COMMAND_CONNECTED:
1787  if (conn) {
1788  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1789  "'connected' unsupported while open. Closing circ.");
1790  return -END_CIRC_REASON_TORPROTOCOL;
1791  }
1792 
1793  if (CIRCUIT_IS_ORIGIN(circ)) {
1794  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1796  rh.stream_id)) {
1797  circuit_read_valid_data(ocirc, rh.length);
1798  log_info(domain,
1799  "connected cell on circ %u valid on half-closed "
1800  "stream id %d", ocirc->global_identifier, rh.stream_id);
1801  return 0;
1802  }
1803  }
1804 
1805  log_info(domain,
1806  "'connected' received on circid %u for streamid %d, "
1807  "no conn attached anymore. Ignoring.",
1808  (unsigned)circ->n_circ_id, rh.stream_id);
1809  return 0;
1810  case RELAY_COMMAND_SENDME:
1811  if (!rh.stream_id) {
1812  if (layer_hint) {
1813  if (layer_hint->package_window + CIRCWINDOW_INCREMENT >
1814  CIRCWINDOW_START_MAX) {
1815  static struct ratelim_t exit_warn_ratelim = RATELIM_INIT(600);
1816  log_fn_ratelim(&exit_warn_ratelim, LOG_WARN, LD_PROTOCOL,
1817  "Unexpected sendme cell from exit relay. "
1818  "Closing circ.");
1819  return -END_CIRC_REASON_TORPROTOCOL;
1820  }
1821  layer_hint->package_window += CIRCWINDOW_INCREMENT;
1822  log_debug(LD_APP,"circ-level sendme at origin, packagewindow %d.",
1823  layer_hint->package_window);
1824  circuit_resume_edge_reading(circ, layer_hint);
1825 
1826  /* We count circuit-level sendme's as valid delivered data because
1827  * they are rate limited.
1828  */
1829  if (CIRCUIT_IS_ORIGIN(circ)) {
1831  rh.length);
1832  }
1833 
1834  } else {
1835  if (circ->package_window + CIRCWINDOW_INCREMENT >
1836  CIRCWINDOW_START_MAX) {
1837  static struct ratelim_t client_warn_ratelim = RATELIM_INIT(600);
1838  log_fn_ratelim(&client_warn_ratelim,LOG_PROTOCOL_WARN, LD_PROTOCOL,
1839  "Unexpected sendme cell from client. "
1840  "Closing circ (window %d).",
1841  circ->package_window);
1842  return -END_CIRC_REASON_TORPROTOCOL;
1843  }
1845  log_debug(LD_APP,
1846  "circ-level sendme at non-origin, packagewindow %d.",
1847  circ->package_window);
1848  circuit_resume_edge_reading(circ, layer_hint);
1849  }
1850  return 0;
1851  }
1852  if (!conn) {
1853  if (CIRCUIT_IS_ORIGIN(circ)) {
1854  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1856  rh.stream_id)) {
1857  circuit_read_valid_data(ocirc, rh.length);
1858  log_info(domain,
1859  "sendme cell on circ %u valid on half-closed "
1860  "stream id %d", ocirc->global_identifier, rh.stream_id);
1861  }
1862  }
1863 
1864  log_info(domain,"sendme cell dropped, unknown stream (streamid %d).",
1865  rh.stream_id);
1866  return 0;
1867  }
1868 
1869  /* Don't allow the other endpoint to request more than our maximum
1870  * (i.e. initial) stream SENDME window worth of data. Well-behaved
1871  * stock clients will not request more than this max (as per the check
1872  * in the while loop of connection_edge_consider_sending_sendme()).
1873  */
1875  STREAMWINDOW_START_MAX) {
1876  static struct ratelim_t stream_warn_ratelim = RATELIM_INIT(600);
1877  log_fn_ratelim(&stream_warn_ratelim, LOG_PROTOCOL_WARN, LD_PROTOCOL,
1878  "Unexpected stream sendme cell. Closing circ (window %d).",
1879  conn->package_window);
1880  return -END_CIRC_REASON_TORPROTOCOL;
1881  }
1882 
1883  /* At this point, the stream sendme is valid */
1884  if (CIRCUIT_IS_ORIGIN(circ)) {
1886  rh.length);
1887  }
1888 
1890  log_debug(domain,"stream-level sendme, packagewindow now %d.",
1891  conn->package_window);
1893  /* Still waiting for queue to flush; don't touch conn */
1894  return 0;
1895  }
1896  connection_start_reading(TO_CONN(conn));
1897  /* handle whatever might still be on the inbuf */
1898  if (connection_edge_package_raw_inbuf(conn, 1, NULL) < 0) {
1899  /* (We already sent an end cell if possible) */
1900  connection_mark_for_close(TO_CONN(conn));
1901  return 0;
1902  }
1903  return 0;
1904  case RELAY_COMMAND_RESOLVE:
1905  if (layer_hint) {
1906  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1907  "resolve request unsupported at AP; dropping.");
1908  return 0;
1909  } else if (conn) {
1910  log_fn(LOG_PROTOCOL_WARN, domain,
1911  "resolve request for known stream; dropping.");
1912  return 0;
1913  } else if (circ->purpose != CIRCUIT_PURPOSE_OR) {
1914  log_fn(LOG_PROTOCOL_WARN, domain,
1915  "resolve request on circ with purpose %d; dropping",
1916  circ->purpose);
1917  return 0;
1918  }
1920  return 0;
1921  case RELAY_COMMAND_RESOLVED:
1922  if (conn) {
1923  log_fn(LOG_PROTOCOL_WARN, domain,
1924  "'resolved' unsupported while open. Closing circ.");
1925  return -END_CIRC_REASON_TORPROTOCOL;
1926  }
1927 
1928  if (CIRCUIT_IS_ORIGIN(circ)) {
1929  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1931  rh.stream_id)) {
1932  circuit_read_valid_data(ocirc, rh.length);
1933  log_info(domain,
1934  "resolved cell on circ %u valid on half-closed "
1935  "stream id %d", ocirc->global_identifier, rh.stream_id);
1936  return 0;
1937  }
1938  }
1939 
1940  log_info(domain,
1941  "'resolved' received, no conn attached anymore. Ignoring.");
1942  return 0;
1943  case RELAY_COMMAND_ESTABLISH_INTRO:
1944  case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
1945  case RELAY_COMMAND_INTRODUCE1:
1946  case RELAY_COMMAND_INTRODUCE2:
1947  case RELAY_COMMAND_INTRODUCE_ACK:
1948  case RELAY_COMMAND_RENDEZVOUS1:
1949  case RELAY_COMMAND_RENDEZVOUS2:
1950  case RELAY_COMMAND_INTRO_ESTABLISHED:
1951  case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
1952  rend_process_relay_cell(circ, layer_hint,
1953  rh.command, rh.length,
1954  cell->payload+RELAY_HEADER_SIZE);
1955  return 0;
1956  }
1957  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1958  "Received unknown relay command %d. Perhaps the other side is using "
1959  "a newer version of Tor? Dropping.",
1960  rh.command);
1961  return 0; /* for forward compatibility, don't kill the circuit */
1962 }
1963 
1976 
1987 int
1989  int *max_cells)
1990 {
1991  size_t bytes_to_process, length;
1992  char payload[CELL_PAYLOAD_SIZE];
1993  circuit_t *circ;
1994  const unsigned domain = conn->base_.type == CONN_TYPE_AP ? LD_APP : LD_EXIT;
1995  int sending_from_optimistic = 0;
1996  entry_connection_t *entry_conn =
1997  conn->base_.type == CONN_TYPE_AP ? EDGE_TO_ENTRY_CONN(conn) : NULL;
1998  const int sending_optimistically =
1999  entry_conn &&
2000  conn->base_.type == CONN_TYPE_AP &&
2001  conn->base_.state != AP_CONN_STATE_OPEN;
2002  crypt_path_t *cpath_layer = conn->cpath_layer;
2003 
2004  tor_assert(conn);
2005 
2006  if (conn->base_.marked_for_close) {
2007  log_warn(LD_BUG,
2008  "called on conn that's already marked for close at %s:%d.",
2009  conn->base_.marked_for_close_file, conn->base_.marked_for_close);
2010  return 0;
2011  }
2012 
2013  if (max_cells && *max_cells <= 0)
2014  return 0;
2015 
2016  repeat_connection_edge_package_raw_inbuf:
2017 
2018  circ = circuit_get_by_edge_conn(conn);
2019  if (!circ) {
2020  log_info(domain,"conn has no circuit! Closing.");
2022  return -1;
2023  }
2024 
2025  if (circuit_consider_stop_edge_reading(circ, cpath_layer))
2026  return 0;
2027 
2028  if (conn->package_window <= 0) {
2029  log_info(domain,"called with package_window %d. Skipping.",
2030  conn->package_window);
2031  connection_stop_reading(TO_CONN(conn));
2032  return 0;
2033  }
2034 
2035  sending_from_optimistic = entry_conn &&
2036  entry_conn->sending_optimistic_data != NULL;
2037 
2038  if (PREDICT_UNLIKELY(sending_from_optimistic)) {
2039  bytes_to_process = buf_datalen(entry_conn->sending_optimistic_data);
2040  if (PREDICT_UNLIKELY(!bytes_to_process)) {
2041  log_warn(LD_BUG, "sending_optimistic_data was non-NULL but empty");
2042  bytes_to_process = connection_get_inbuf_len(TO_CONN(conn));
2043  sending_from_optimistic = 0;
2044  }
2045  } else {
2046  bytes_to_process = connection_get_inbuf_len(TO_CONN(conn));
2047  }
2048 
2049  if (!bytes_to_process)
2050  return 0;
2051 
2052  if (!package_partial && bytes_to_process < RELAY_PAYLOAD_SIZE)
2053  return 0;
2054 
2055  if (bytes_to_process > RELAY_PAYLOAD_SIZE) {
2056  length = RELAY_PAYLOAD_SIZE;
2057  } else {
2058  length = bytes_to_process;
2059  }
2060  stats_n_data_bytes_packaged += length;
2062 
2063  if (PREDICT_UNLIKELY(sending_from_optimistic)) {
2064  /* XXXX We could be more efficient here by sometimes packing
2065  * previously-sent optimistic data in the same cell with data
2066  * from the inbuf. */
2067  buf_get_bytes(entry_conn->sending_optimistic_data, payload, length);
2068  if (!buf_datalen(entry_conn->sending_optimistic_data)) {
2069  buf_free(entry_conn->sending_optimistic_data);
2070  entry_conn->sending_optimistic_data = NULL;
2071  }
2072  } else {
2073  connection_buf_get_bytes(payload, length, TO_CONN(conn));
2074  }
2075 
2076  log_debug(domain,TOR_SOCKET_T_FORMAT": Packaging %d bytes (%d waiting).",
2077  conn->base_.s,
2078  (int)length, (int)connection_get_inbuf_len(TO_CONN(conn)));
2079 
2080  if (sending_optimistically && !sending_from_optimistic) {
2081  /* This is new optimistic data; remember it in case we need to detach and
2082  retry */
2083  if (!entry_conn->pending_optimistic_data)
2084  entry_conn->pending_optimistic_data = buf_new();
2085  buf_add(entry_conn->pending_optimistic_data, payload, length);
2086  }
2087 
2088  if (connection_edge_send_command(conn, RELAY_COMMAND_DATA,
2089  payload, length) < 0 ) {
2090  /* circuit got marked for close, don't continue, don't need to mark conn */
2091  return 0;
2092  }
2093 
2094  if (!cpath_layer) { /* non-rendezvous exit */
2095  tor_assert(circ->package_window > 0);
2096  circ->package_window--;
2097  } else { /* we're an AP, or an exit on a rendezvous circ */
2098  tor_assert(cpath_layer->package_window > 0);
2099  cpath_layer->package_window--;
2100  }
2101 
2102  if (--conn->package_window <= 0) { /* is it 0 after decrement? */
2103  connection_stop_reading(TO_CONN(conn));
2104  log_debug(domain,"conn->package_window reached 0.");
2105  circuit_consider_stop_edge_reading(circ, cpath_layer);
2106  return 0; /* don't process the inbuf any more */
2107  }
2108  log_debug(domain,"conn->package_window is now %d",conn->package_window);
2109 
2110  if (max_cells) {
2111  *max_cells -= 1;
2112  if (*max_cells <= 0)
2113  return 0;
2114  }
2115 
2116  /* handle more if there's more, or return 0 if there isn't */
2117  goto repeat_connection_edge_package_raw_inbuf;
2118 }
2119 
2127 void
2129 {
2130  circuit_t *circ;
2131 
2133  return;
2134 
2135  circ = circuit_get_by_edge_conn(conn);
2136  if (!circ) {
2137  /* this can legitimately happen if the destroy has already
2138  * arrived and torn down the circuit */
2139  log_info(LD_APP,"No circuit associated with conn. Skipping.");
2140  return;
2141  }
2142 
2144  log_debug(conn->base_.type == CONN_TYPE_AP ?LD_APP:LD_EXIT,
2145  "Outbuf %d, Queuing stream sendme.",
2146  (int)conn->base_.outbuf_flushlen);
2148  if (connection_edge_send_command(conn, RELAY_COMMAND_SENDME,
2149  NULL, 0) < 0) {
2150  log_warn(LD_APP,"connection_edge_send_command failed. Skipping.");
2151  return; /* the circuit's closed, don't continue */
2152  }
2153  }
2154 }
2155 
2161 static void
2163 {
2165  log_debug(layer_hint?LD_APP:LD_EXIT,"Too big queue, no resuming");
2166  return;
2167  }
2168  log_debug(layer_hint?LD_APP:LD_EXIT,"resuming");
2169 
2170  if (CIRCUIT_IS_ORIGIN(circ))
2172  circ, layer_hint);
2173  else
2175  circ, layer_hint);
2176 }
2177 
2182 static int
2184  circuit_t *circ,
2185  crypt_path_t *layer_hint)
2186 {
2187  edge_connection_t *conn;
2188  int n_packaging_streams, n_streams_left;
2189  int packaged_this_round;
2190  int cells_on_queue;
2191  int cells_per_conn;
2192  edge_connection_t *chosen_stream = NULL;
2193  int max_to_package;
2194 
2195  if (first_conn == NULL) {
2196  /* Don't bother to try to do the rest of this if there are no connections
2197  * to resume. */
2198  return 0;
2199  }
2200 
2201  /* How many cells do we have space for? It will be the minimum of
2202  * the number needed to exhaust the package window, and the minimum
2203  * needed to fill the cell queue. */
2204  max_to_package = circ->package_window;
2205  if (CIRCUIT_IS_ORIGIN(circ)) {
2206  cells_on_queue = circ->n_chan_cells.n;
2207  } else {
2208  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
2209  cells_on_queue = or_circ->p_chan_cells.n;
2210  }
2211  if (CELL_QUEUE_HIGHWATER_SIZE - cells_on_queue < max_to_package)
2212  max_to_package = CELL_QUEUE_HIGHWATER_SIZE - cells_on_queue;
2213 
2214  /* Once we used to start listening on the streams in the order they
2215  * appeared in the linked list. That leads to starvation on the
2216  * streams that appeared later on the list, since the first streams
2217  * would always get to read first. Instead, we just pick a random
2218  * stream on the list, and enable reading for streams starting at that
2219  * point (and wrapping around as if the list were circular). It would
2220  * probably be better to actually remember which streams we've
2221  * serviced in the past, but this is simple and effective. */
2222 
2223  /* Select a stream uniformly at random from the linked list. We
2224  * don't need cryptographic randomness here. */
2225  {
2226  int num_streams = 0;
2227  for (conn = first_conn; conn; conn = conn->next_stream) {
2228  num_streams++;
2229 
2230  if (crypto_fast_rng_one_in_n(get_thread_fast_rng(), num_streams)) {
2231  chosen_stream = conn;
2232  }
2233  /* Invariant: chosen_stream has been chosen uniformly at random from
2234  * among the first num_streams streams on first_conn.
2235  *
2236  * (Note that we iterate over every stream on the circuit, so that after
2237  * we've considered the first stream, we've chosen it with P=1; and
2238  * after we consider the second stream, we've switched to it with P=1/2
2239  * and stayed with the first stream with P=1/2; and after we've
2240  * considered the third stream, we've switched to it with P=1/3 and
2241  * remained with one of the first two streams with P=(2/3), giving each
2242  * one P=(1/2)(2/3) )=(1/3).) */
2243  }
2244  }
2245 
2246  /* Count how many non-marked streams there are that have anything on
2247  * their inbuf, and enable reading on all of the connections. */
2248  n_packaging_streams = 0;
2249  /* Activate reading starting from the chosen stream */
2250  for (conn=chosen_stream; conn; conn = conn->next_stream) {
2251  /* Start reading for the streams starting from here */
2252  if (conn->base_.marked_for_close || conn->package_window <= 0)
2253  continue;
2254  if (!layer_hint || conn->cpath_layer == layer_hint) {
2255  connection_start_reading(TO_CONN(conn));
2256 
2257  if (connection_get_inbuf_len(TO_CONN(conn)) > 0)
2258  ++n_packaging_streams;
2259  }
2260  }
2261  /* Go back and do the ones we skipped, circular-style */
2262  for (conn = first_conn; conn != chosen_stream; conn = conn->next_stream) {
2263  if (conn->base_.marked_for_close || conn->package_window <= 0)
2264  continue;
2265  if (!layer_hint || conn->cpath_layer == layer_hint) {
2266  connection_start_reading(TO_CONN(conn));
2267 
2268  if (connection_get_inbuf_len(TO_CONN(conn)) > 0)
2269  ++n_packaging_streams;
2270  }
2271  }
2272 
2273  if (n_packaging_streams == 0) /* avoid divide-by-zero */
2274  return 0;
2275 
2276  again:
2277 
2278  cells_per_conn = CEIL_DIV(max_to_package, n_packaging_streams);
2279 
2280  packaged_this_round = 0;
2281  n_streams_left = 0;
2282 
2283  /* Iterate over all connections. Package up to cells_per_conn cells on
2284  * each. Update packaged_this_round with the total number of cells
2285  * packaged, and n_streams_left with the number that still have data to
2286  * package.
2287  */
2288  for (conn=first_conn; conn; conn=conn->next_stream) {
2289  if (conn->base_.marked_for_close || conn->package_window <= 0)
2290  continue;
2291  if (!layer_hint || conn->cpath_layer == layer_hint) {
2292  int n = cells_per_conn, r;
2293  /* handle whatever might still be on the inbuf */
2294  r = connection_edge_package_raw_inbuf(conn, 1, &n);
2295 
2296  /* Note how many we packaged */
2297  packaged_this_round += (cells_per_conn-n);
2298 
2299  if (r<0) {
2300  /* Problem while packaging. (We already sent an end cell if
2301  * possible) */
2302  connection_mark_for_close(TO_CONN(conn));
2303  continue;
2304  }
2305 
2306  /* If there's still data to read, we'll be coming back to this stream. */
2307  if (connection_get_inbuf_len(TO_CONN(conn)))
2308  ++n_streams_left;
2309 
2310  /* If the circuit won't accept any more data, return without looking
2311  * at any more of the streams. Any connections that should be stopped
2312  * have already been stopped by connection_edge_package_raw_inbuf. */
2313  if (circuit_consider_stop_edge_reading(circ, layer_hint))
2314  return -1;
2315  /* XXXX should we also stop immediately if we fill up the cell queue?
2316  * Probably. */
2317  }
2318  }
2319 
2320  /* If we made progress, and we are willing to package more, and there are
2321  * any streams left that want to package stuff... try again!
2322  */
2323  if (packaged_this_round && packaged_this_round < max_to_package &&
2324  n_streams_left) {
2325  max_to_package -= packaged_this_round;
2326  n_packaging_streams = n_streams_left;
2327  goto again;
2328  }
2329 
2330  return 0;
2331 }
2332 
2339 static int
2341 {
2342  edge_connection_t *conn = NULL;
2343  unsigned domain = layer_hint ? LD_APP : LD_EXIT;
2344 
2345  if (!layer_hint) {
2346  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
2347  log_debug(domain,"considering circ->package_window %d",
2348  circ->package_window);
2349  if (circ->package_window <= 0) {
2350  log_debug(domain,"yes, not-at-origin. stopped.");
2351  for (conn = or_circ->n_streams; conn; conn=conn->next_stream)
2352  connection_stop_reading(TO_CONN(conn));
2353  return 1;
2354  }
2355  return 0;
2356  }
2357  /* else, layer hint is defined, use it */
2358  log_debug(domain,"considering layer_hint->package_window %d",
2359  layer_hint->package_window);
2360  if (layer_hint->package_window <= 0) {
2361  log_debug(domain,"yes, at-origin. stopped.");
2362  for (conn = TO_ORIGIN_CIRCUIT(circ)->p_streams; conn;
2363  conn=conn->next_stream) {
2364  if (conn->cpath_layer == layer_hint)
2365  connection_stop_reading(TO_CONN(conn));
2366  }
2367  return 1;
2368  }
2369  return 0;
2370 }
2371 
2378 static void
2380 {
2381 // log_fn(LOG_INFO,"Considering: layer_hint is %s",
2382 // layer_hint ? "defined" : "null");
2383  while ((layer_hint ? layer_hint->deliver_window : circ->deliver_window) <=
2385  log_debug(LD_CIRC,"Queuing circuit sendme.");
2386  if (layer_hint)
2387  layer_hint->deliver_window += CIRCWINDOW_INCREMENT;
2388  else
2390  if (relay_send_command_from_edge(0, circ, RELAY_COMMAND_SENDME,
2391  NULL, 0, layer_hint) < 0) {
2392  log_warn(LD_CIRC,
2393  "relay_send_command_from_edge failed. Circuit's closed.");
2394  return; /* the circuit's closed, don't continue */
2395  }
2396  }
2397 }
2398 
2400 static size_t total_cells_allocated = 0;
2401 
2403 static inline void
2405 {
2407  tor_free(cell);
2408 }
2409 
2411 STATIC packed_cell_t *
2413 {
2415  return tor_malloc_zero(sizeof(packed_cell_t));
2416 }
2417 
2419 void
2421 {
2422  if (!cell)
2423  return;
2425 }
2426 
2429 void
2431 {
2432  int n_circs = 0;
2433  int n_cells = 0;
2434  SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, c) {
2435  n_cells += c->n_chan_cells.n;
2436  if (!CIRCUIT_IS_ORIGIN(c))
2437  n_cells += TO_OR_CIRCUIT(c)->p_chan_cells.n;
2438  ++n_circs;
2439  }
2440  SMARTLIST_FOREACH_END(c);
2441  tor_log(severity, LD_MM,
2442  "%d cells allocated on %d circuits. %d cells leaked.",
2443  n_cells, n_circs, (int)total_cells_allocated - n_cells);
2444 }
2445 
2447 static inline packed_cell_t *
2448 packed_cell_copy(const cell_t *cell, int wide_circ_ids)
2449 {
2451  cell_pack(c, cell, wide_circ_ids);
2452  return c;
2453 }
2454 
2456 void
2458 {
2459  TOR_SIMPLEQ_INSERT_TAIL(&queue->head, cell, next);
2460  ++queue->n;
2461 }
2462 
2467 void
2469  int exitward, const cell_t *cell,
2470  int wide_circ_ids, int use_stats)
2471 {
2472  packed_cell_t *copy = packed_cell_copy(cell, wide_circ_ids);
2473  (void)circ;
2474  (void)exitward;
2475  (void)use_stats;
2476 
2478 
2479  cell_queue_append(queue, copy);
2480 }
2481 
2483 void
2485 {
2486  memset(queue, 0, sizeof(cell_queue_t));
2487  TOR_SIMPLEQ_INIT(&queue->head);
2488 }
2489 
2491 void
2493 {
2494  packed_cell_t *cell;
2495  while ((cell = TOR_SIMPLEQ_FIRST(&queue->head))) {
2496  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2498  }
2499  TOR_SIMPLEQ_INIT(&queue->head);
2500  queue->n = 0;
2501 }
2502 
2505 STATIC packed_cell_t *
2507 {
2508  packed_cell_t *cell = TOR_SIMPLEQ_FIRST(&queue->head);
2509  if (!cell)
2510  return NULL;
2511  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2512  --queue->n;
2513  return cell;
2514 }
2515 
2517 void
2519 {
2520  memset(queue, 0, sizeof(destroy_cell_queue_t));
2521  TOR_SIMPLEQ_INIT(&queue->head);
2522 }
2523 
2525 void
2527 {
2528  destroy_cell_t *cell;
2529  while ((cell = TOR_SIMPLEQ_FIRST(&queue->head))) {
2530  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2531  tor_free(cell);
2532  }
2533  TOR_SIMPLEQ_INIT(&queue->head);
2534  queue->n = 0;
2535 }
2536 
2539 STATIC destroy_cell_t *
2541 {
2542  destroy_cell_t *cell = TOR_SIMPLEQ_FIRST(&queue->head);
2543  if (!cell)
2544  return NULL;
2545  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2546  --queue->n;
2547  return cell;
2548 }
2549 
2551 void
2553  circid_t circid,
2554  uint8_t reason)
2555 {
2556  destroy_cell_t *cell = tor_malloc_zero(sizeof(destroy_cell_t));
2557  cell->circid = circid;
2558  cell->reason = reason;
2559  /* Not yet used, but will be required for OOM handling. */
2561 
2562  TOR_SIMPLEQ_INSERT_TAIL(&queue->head, cell, next);
2563  ++queue->n;
2564 }
2565 
2567 static packed_cell_t *
2569 {
2570  packed_cell_t *packed = packed_cell_new();
2571  cell_t cell;
2572  memset(&cell, 0, sizeof(cell));
2573  cell.circ_id = inp->circid;
2574  cell.command = CELL_DESTROY;
2575  cell.payload[0] = inp->reason;
2576  cell_pack(packed, &cell, wide_circ_ids);
2577 
2578  tor_free(inp);
2579  return packed;
2580 }
2581 
2584 size_t
2586 {
2587  return sizeof(packed_cell_t);
2588 }
2589 
2590 /* DOCDOC */
2591 size_t
2592 cell_queues_get_total_allocation(void)
2593 {
2595 }
2596 
2598 #define MEMORY_PRESSURE_INTERVAL (30*60)
2599 
2602 
2605 STATIC int
2607 {
2608  time_t now = time(NULL);
2609  size_t alloc = cell_queues_get_total_allocation();
2611  alloc += buf_get_total_allocation();
2613  const size_t rend_cache_total = rend_cache_get_total_allocation();
2614  alloc += rend_cache_total;
2615  const size_t geoip_client_cache_total =
2616  geoip_client_cache_total_allocation();
2617  alloc += geoip_client_cache_total;
2618  const size_t dns_cache_total = dns_cache_total_allocation();
2619  alloc += dns_cache_total;
2620  if (alloc >= get_options()->MaxMemInQueues_low_threshold) {
2622  if (alloc >= get_options()->MaxMemInQueues) {
2623  /* If we're spending over 20% of the memory limit on hidden service
2624  * descriptors, free them until we're down to 10%. Do the same for geoip
2625  * client cache. */
2626  if (rend_cache_total > get_options()->MaxMemInQueues / 5) {
2627  const size_t bytes_to_remove =
2628  rend_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
2629  alloc -= hs_cache_handle_oom(now, bytes_to_remove);
2630  }
2631  if (geoip_client_cache_total > get_options()->MaxMemInQueues / 5) {
2632  const size_t bytes_to_remove =
2633  geoip_client_cache_total -
2634  (size_t)(get_options()->MaxMemInQueues / 10);
2635  alloc -= geoip_client_cache_handle_oom(now, bytes_to_remove);
2636  }
2637  if (dns_cache_total > get_options()->MaxMemInQueues / 5) {
2638  const size_t bytes_to_remove =
2639  dns_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
2640  alloc -= dns_cache_handle_oom(now, bytes_to_remove);
2641  }
2642  circuits_handle_oom(alloc);
2643  return 1;
2644  }
2645  }
2646  return 0;
2647 }
2648 
2651 int
2653 {
2655  < approx_time();
2656 }
2657 
2662 void
2664  const char *file, int lineno)
2665 {
2666  channel_t *chan = NULL;
2667  or_circuit_t *or_circ = NULL;
2668  circuitmux_t *cmux = NULL;
2669 
2670  tor_assert(circ);
2671 
2672  /* Okay, get the channel */
2673  if (direction == CELL_DIRECTION_OUT) {
2674  chan = circ->n_chan;
2675  } else {
2676  or_circ = TO_OR_CIRCUIT(circ);
2677  chan = or_circ->p_chan;
2678  }
2679 
2680  tor_assert(chan);
2681  tor_assert(chan->cmux);
2682 
2683  /* Now get the cmux */
2684  cmux = chan->cmux;
2685 
2686  /* Cmux sanity check */
2687  if (! circuitmux_is_circuit_attached(cmux, circ)) {
2688  log_warn(LD_BUG, "called on non-attached circuit from %s:%d",
2689  file, lineno);
2690  return;
2691  }
2692  tor_assert(circuitmux_attached_circuit_direction(cmux, circ) == direction);
2693 
2694  /* Update the number of cells we have for the circuit mux */
2695  if (direction == CELL_DIRECTION_OUT) {
2696  circuitmux_set_num_cells(cmux, circ, circ->n_chan_cells.n);
2697  } else {
2698  circuitmux_set_num_cells(cmux, circ, or_circ->p_chan_cells.n);
2699  }
2700 }
2701 
2707 void
2709 {
2710  tor_assert(chan);
2711  tor_assert(chan->cmux);
2712 
2713  circuitmux_detach_all_circuits(chan->cmux, circuits_out);
2714  chan->num_n_circuits = 0;
2715  chan->num_p_circuits = 0;
2716 }
2717 
2727 static int
2729  int block, streamid_t stream_id)
2730 {
2731  edge_connection_t *edge = NULL;
2732  int n = 0;
2733  if (circ->n_chan == chan) {
2734  circ->streams_blocked_on_n_chan = block;
2735  if (CIRCUIT_IS_ORIGIN(circ))
2736  edge = TO_ORIGIN_CIRCUIT(circ)->p_streams;
2737  } else {
2738  circ->streams_blocked_on_p_chan = block;
2739  tor_assert(!CIRCUIT_IS_ORIGIN(circ));
2740  edge = TO_OR_CIRCUIT(circ)->n_streams;
2741  }
2742 
2743  for (; edge; edge = edge->next_stream) {
2744  connection_t *conn = TO_CONN(edge);
2745  if (stream_id && edge->stream_id != stream_id)
2746  continue;
2747 
2748  if (edge->edge_blocked_on_circ != block) {
2749  ++n;
2750  edge->edge_blocked_on_circ = block;
2751  }
2752 
2753  if (!conn->read_event) {
2754  /* This connection is a placeholder for something; probably a DNS
2755  * request. It can't actually stop or start reading.*/
2756  continue;
2757  }
2758 
2759  if (block) {
2760  if (connection_is_reading(conn))
2761  connection_stop_reading(conn);
2762  } else {
2763  /* Is this right? */
2764  if (!connection_is_reading(conn))
2765  connection_start_reading(conn);
2766  }
2767  }
2768 
2769  return n;
2770 }
2771 
2773 static uint8_t
2774 packed_cell_get_command(const packed_cell_t *cell, int wide_circ_ids)
2775 {
2776  if (wide_circ_ids) {
2777  return get_uint8(cell->body+4);
2778  } else {
2779  return get_uint8(cell->body+2);
2780  }
2781 }
2782 
2784 circid_t
2785 packed_cell_get_circid(const packed_cell_t *cell, int wide_circ_ids)
2786 {
2787  if (wide_circ_ids) {
2788  return ntohl(get_uint32(cell->body));
2789  } else {
2790  return ntohs(get_uint16(cell->body));
2791  }
2792 }
2793 
2799 channel_flush_from_first_active_circuit, (channel_t *chan, int max))
2800 {
2801  circuitmux_t *cmux = NULL;
2802  int n_flushed = 0;
2803  cell_queue_t *queue;
2804  destroy_cell_queue_t *destroy_queue=NULL;
2805  circuit_t *circ;
2806  or_circuit_t *or_circ;
2807  int streams_blocked;
2808  packed_cell_t *cell;
2809 
2810  /* Get the cmux */
2811  tor_assert(chan);
2812  tor_assert(chan->cmux);
2813  cmux = chan->cmux;
2814 
2815  /* Main loop: pick a circuit, send a cell, update the cmux */
2816  while (n_flushed < max) {
2817  circ = circuitmux_get_first_active_circuit(cmux, &destroy_queue);
2818  if (destroy_queue) {
2819  destroy_cell_t *dcell;
2820  /* this code is duplicated from some of the logic below. Ugly! XXXX */
2821  /* If we are given a destroy_queue here, then it is required to be
2822  * nonempty... */
2823  tor_assert(destroy_queue->n > 0);
2824  dcell = destroy_cell_queue_pop(destroy_queue);
2825  /* ...and pop() will always yield a cell from a nonempty queue. */
2826  tor_assert(dcell);
2827  /* frees dcell */
2828  cell = destroy_cell_to_packed_cell(dcell, chan->wide_circ_ids);
2829  /* Send the DESTROY cell. It is very unlikely that this fails but just
2830  * in case, get rid of the channel. */
2831  if (channel_write_packed_cell(chan, cell) < 0) {
2832  /* The cell has been freed. */
2833  channel_mark_for_close(chan);
2834  continue;
2835  }
2836  /* Update the cmux destroy counter */
2838  cell = NULL;
2839  ++n_flushed;
2840  continue;
2841  }
2842  /* If it returns NULL, no cells left to send */
2843  if (!circ) break;
2844 
2845  if (circ->n_chan == chan) {
2846  queue = &circ->n_chan_cells;
2847  streams_blocked = circ->streams_blocked_on_n_chan;
2848  } else {
2849  or_circ = TO_OR_CIRCUIT(circ);
2850  tor_assert(or_circ->p_chan == chan);
2851  queue = &TO_OR_CIRCUIT(circ)->p_chan_cells;
2852  streams_blocked = circ->streams_blocked_on_p_chan;
2853  }
2854 
2855  /* Circuitmux told us this was active, so it should have cells */
2856  if (/*BUG(*/ queue->n == 0 /*)*/) {
2857  log_warn(LD_BUG, "Found a supposedly active circuit with no cells "
2858  "to send. Trying to recover.");
2859  circuitmux_set_num_cells(cmux, circ, 0);
2860  if (! circ->marked_for_close)
2861  circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
2862  continue;
2863  }
2864 
2865  tor_assert(queue->n > 0);
2866 
2867  /*
2868  * Get just one cell here; once we've sent it, that can change the circuit
2869  * selection, so we have to loop around for another even if this circuit
2870  * has more than one.
2871  */
2872  cell = cell_queue_pop(queue);
2873 
2874  /* Calculate the exact time that this cell has spent in the queue. */
2875  if (get_options()->CellStatistics ||
2876  get_options()->TestingEnableCellStatsEvent) {
2877  uint32_t timestamp_now = monotime_coarse_get_stamp();
2878  uint32_t msec_waiting =
2880  timestamp_now - cell->inserted_timestamp);
2881 
2882  if (get_options()->CellStatistics && !CIRCUIT_IS_ORIGIN(circ)) {
2883  or_circ = TO_OR_CIRCUIT(circ);
2884  or_circ->total_cell_waiting_time += msec_waiting;
2885  or_circ->processed_cells++;
2886  }
2887 
2888  if (get_options()->TestingEnableCellStatsEvent) {
2889  uint8_t command = packed_cell_get_command(cell, chan->wide_circ_ids);
2890 
2892  tor_malloc_zero(sizeof(testing_cell_stats_entry_t));
2893  ent->command = command;
2894  ent->waiting_time = msec_waiting / 10;
2895  ent->removed = 1;
2896  if (circ->n_chan == chan)
2897  ent->exitward = 1;
2898  if (!circ->testing_cell_stats)
2899  circ->testing_cell_stats = smartlist_new();
2900  smartlist_add(circ->testing_cell_stats, ent);
2901  }
2902  }
2903 
2904  /* If we just flushed our queue and this circuit is used for a
2905  * tunneled directory request, possibly advance its state. */
2906  if (queue->n == 0 && chan->dirreq_id)
2908  DIRREQ_TUNNELED,
2910 
2911  /* Now send the cell. It is very unlikely that this fails but just in
2912  * case, get rid of the channel. */
2913  if (channel_write_packed_cell(chan, cell) < 0) {
2914  /* The cell has been freed at this point. */
2915  channel_mark_for_close(chan);
2916  continue;
2917  }
2918  cell = NULL;
2919 
2920  /*
2921  * Don't packed_cell_free_unchecked(cell) here because the channel will
2922  * do so when it gets out of the channel queue (probably already did, in
2923  * which case that was an immediate double-free bug).
2924  */
2925 
2926  /* Update the counter */
2927  ++n_flushed;
2928 
2929  /*
2930  * Now update the cmux; tell it we've just sent a cell, and how many
2931  * we have left.
2932  */
2933  circuitmux_notify_xmit_cells(cmux, circ, 1);
2934  circuitmux_set_num_cells(cmux, circ, queue->n);
2935  if (queue->n == 0)
2936  log_debug(LD_GENERAL, "Made a circuit inactive.");
2937 
2938  /* Is the cell queue low enough to unblock all the streams that are waiting
2939  * to write to this circuit? */
2940  if (streams_blocked && queue->n <= CELL_QUEUE_LOWWATER_SIZE)
2941  set_streams_blocked_on_circ(circ, chan, 0, 0); /* unblock streams */
2942 
2943  /* If n_flushed < max still, loop around and pick another circuit */
2944  }
2945 
2946  /* Okay, we're done sending now */
2947  return n_flushed;
2948 }
2949 
2950 /* Minimum value is the maximum circuit window size.
2951  *
2952  * SENDME cells makes it that we can control how many cells can be inflight on
2953  * a circuit from end to end. This logic makes it that on any circuit cell
2954  * queue, we have a maximum of cells possible.
2955  *
2956  * Because the Tor protocol allows for a client to exit at any hop in a
2957  * circuit and a circuit can be of a maximum of 8 hops, so in theory the
2958  * normal worst case will be the circuit window start value times the maximum
2959  * number of hops (8). Having more cells then that means something is wrong.
2960  *
2961  * However, because padding cells aren't counted in the package window, we set
2962  * the maximum size to a reasonably large size for which we expect that we'll
2963  * never reach in theory. And if we ever do because of future changes, we'll
2964  * be able to control it with a consensus parameter.
2965  *
2966  * XXX: Unfortunately, END cells aren't accounted for in the circuit window
2967  * which means that for instance if a client opens 8001 streams, the 8001
2968  * following END cells will queue up in the circuit which will get closed if
2969  * the max limit is 8000. Which is sad because it is allowed by the Tor
2970  * protocol. But, we need an upper bound on circuit queue in order to avoid
2971  * DoS memory pressure so the default size is a middle ground between not
2972  * having any limit and having a very restricted one. This is why we can also
2973  * control it through a consensus parameter. */
2974 #define RELAY_CIRC_CELL_QUEUE_SIZE_MIN CIRCWINDOW_START_MAX
2975 /* We can't have a consensus parameter above this value. */
2976 #define RELAY_CIRC_CELL_QUEUE_SIZE_MAX INT32_MAX
2977 /* Default value is set to a large value so we can handle padding cells
2978  * properly which aren't accounted for in the SENDME window. Default is 50000
2979  * allowed cells in the queue resulting in ~25MB. */
2980 #define RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT \
2981  (50 * RELAY_CIRC_CELL_QUEUE_SIZE_MIN)
2982 
2983 /* The maximum number of cell a circuit queue can contain. This is updated at
2984  * every new consensus and controlled by a parameter. */
2985 static int32_t max_circuit_cell_queue_size =
2986  RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT;
2987 
2988 /* Called when the consensus has changed. At this stage, the global consensus
2989  * object has NOT been updated. It is called from
2990  * notify_before_networkstatus_changes(). */
2991 void
2992 relay_consensus_has_changed(const networkstatus_t *ns)
2993 {
2994  tor_assert(ns);
2995 
2996  /* Update the circuit max cell queue size from the consensus. */
2997  max_circuit_cell_queue_size =
2998  networkstatus_get_param(ns, "circ_max_cell_queue_size",
2999  RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT,
3000  RELAY_CIRC_CELL_QUEUE_SIZE_MIN,
3001  RELAY_CIRC_CELL_QUEUE_SIZE_MAX);
3002 }
3003 
3011 void
3013  cell_t *cell, cell_direction_t direction,
3014  streamid_t fromstream)
3015 {
3016  or_circuit_t *orcirc = NULL;
3017  cell_queue_t *queue;
3018  int streams_blocked;
3019  int exitward;
3020  if (circ->marked_for_close)
3021  return;
3022 
3023  exitward = (direction == CELL_DIRECTION_OUT);
3024  if (exitward) {
3025  queue = &circ->n_chan_cells;
3026  streams_blocked = circ->streams_blocked_on_n_chan;
3027  } else {
3028  orcirc = TO_OR_CIRCUIT(circ);
3029  queue = &orcirc->p_chan_cells;
3030  streams_blocked = circ->streams_blocked_on_p_chan;
3031  }
3032 
3033  if (PREDICT_UNLIKELY(queue->n >= max_circuit_cell_queue_size)) {
3034  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
3035  "%s circuit has %d cells in its queue, maximum allowed is %d. "
3036  "Closing circuit for safety reasons.",
3037  (exitward) ? "Outbound" : "Inbound", queue->n,
3038  max_circuit_cell_queue_size);
3039  circuit_mark_for_close(circ, END_CIRC_REASON_RESOURCELIMIT);
3041  return;
3042  }
3043 
3044  /* Very important that we copy to the circuit queue because all calls to
3045  * this function use the stack for the cell memory. */
3046  cell_queue_append_packed_copy(circ, queue, exitward, cell,
3047  chan->wide_circ_ids, 1);
3048 
3049  /* Check and run the OOM if needed. */
3050  if (PREDICT_UNLIKELY(cell_queues_check_size())) {
3051  /* We ran the OOM handler which might have closed this circuit. */
3052  if (circ->marked_for_close)
3053  return;
3054  }
3055 
3056  /* If we have too many cells on the circuit, we should stop reading from
3057  * the edge streams for a while. */
3058  if (!streams_blocked && queue->n >= CELL_QUEUE_HIGHWATER_SIZE)
3059  set_streams_blocked_on_circ(circ, chan, 1, 0); /* block streams */
3060 
3061  if (streams_blocked && fromstream) {
3062  /* This edge connection is apparently not blocked; block it. */
3063  set_streams_blocked_on_circ(circ, chan, 1, fromstream);
3064  }
3065 
3066  update_circuit_on_cmux(circ, direction);
3067  if (queue->n == 1) {
3068  /* This was the first cell added to the queue. We just made this
3069  * circuit active. */
3070  log_debug(LD_GENERAL, "Made a circuit active.");
3071  }
3072 
3073  /* New way: mark this as having waiting cells for the scheduler */
3074  scheduler_channel_has_waiting_cells(chan);
3075 }
3076 
3084 int
3085 append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr)
3086 {
3087  uint32_t a;
3088  switch (tor_addr_family(addr)) {
3089  case AF_INET:
3090  payload_out[0] = RESOLVED_TYPE_IPV4;
3091  payload_out[1] = 4;
3092  a = tor_addr_to_ipv4n(addr);
3093  memcpy(payload_out+2, &a, 4);
3094  return 6;
3095  case AF_INET6:
3096  payload_out[0] = RESOLVED_TYPE_IPV6;
3097  payload_out[1] = 16;
3098  memcpy(payload_out+2, tor_addr_to_in6_addr8(addr), 16);
3099  return 18;
3100  case AF_UNSPEC:
3101  default:
3102  return -1;
3103  }
3104 }
3105 
3110 const uint8_t *
3111 decode_address_from_payload(tor_addr_t *addr_out, const uint8_t *payload,
3112  int payload_len)
3113 {
3114  if (payload_len < 2)
3115  return NULL;
3116  if (payload_len < 2+payload[1])
3117  return NULL;
3118 
3119  switch (payload[0]) {
3120  case RESOLVED_TYPE_IPV4:
3121  if (payload[1] != 4)
3122  return NULL;
3123  tor_addr_from_ipv4n(addr_out, get_uint32(payload+2));
3124  break;
3125  case RESOLVED_TYPE_IPV6:
3126  if (payload[1] != 16)
3127  return NULL;
3128  tor_addr_from_ipv6_bytes(addr_out, (char*)(payload+2));
3129  break;
3130  default:
3131  tor_addr_make_unspec(addr_out);
3132  break;
3133  }
3134  return payload + 2 + payload[1];
3135 }
3136 
3138 void
3140 {
3141  cell_queue_t *queue;
3142  cell_direction_t direction;
3143 
3144  if (circ->n_chan == chan) {
3145  queue = &circ->n_chan_cells;
3146  direction = CELL_DIRECTION_OUT;
3147  } else {
3148  or_circuit_t *orcirc = TO_OR_CIRCUIT(circ);
3149  tor_assert(orcirc->p_chan == chan);
3150  queue = &orcirc->p_chan_cells;
3151  direction = CELL_DIRECTION_IN;
3152  }
3153 
3154  /* Clear the queue */
3155  cell_queue_clear(queue);
3156 
3157  /* Update the cell counter in the cmux */
3158  if (chan->cmux && circuitmux_is_circuit_attached(chan->cmux, circ))
3159  update_circuit_on_cmux(circ, direction);
3160 }
3161 
3165 static int
3167 {
3168  if (CIRCUIT_IS_ORIGIN(circ)) {
3169  return circ->streams_blocked_on_n_chan;
3170  } else {
3171  return circ->streams_blocked_on_p_chan;
3172  }
3173 }
#define RELAY_PAYLOAD_SIZE
Definition: or.h:605
tor_socket_t s
Definition: connection_st.h:88
uint64_t stats_n_data_cells_received
Definition: relay.c:1971
void connection_edge_consider_sending_sendme(edge_connection_t *conn)
Definition: relay.c:2128
#define AP_CONN_STATE_CONNECT_WAIT
int channel_is_client(const channel_t *chan)
Definition: channel.c:2913
void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr)
Definition: address.c:873
Header file for rendcommon.c.
static int circuit_queue_streams_are_blocked(circuit_t *circ)
Definition: relay.c:3166
STATIC void address_ttl_free_(address_ttl_t *addr)
Definition: relay.c:1031
STATIC destroy_cell_t * destroy_cell_queue_pop(destroy_cell_queue_t *queue)
Definition: relay.c:2540
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
void geoip_change_dirreq_state(uint64_t dirreq_id, dirreq_type_t type, dirreq_state_t new_state)
Definition: geoip_stats.c:550
STATIC int connected_cell_parse(const relay_header_t *rh, const cell_t *cell, tor_addr_t *addr_out, int *ttl_out)
Definition: relay.c:993
#define AP_CONN_STATE_RESOLVE_WAIT
#define CELL_QUEUE_HIGHWATER_SIZE
Definition: relay.c:118
unsigned int chosen_exit_retries
static int connection_edge_process_relay_cell_not_open(relay_header_t *rh, cell_t *cell, circuit_t *circ, edge_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:1291
STATIC int cell_queues_check_size(void)
Definition: relay.c:2606
unsigned int has_finished
int package_window
Definition: circuit_st.h:101
void client_dns_clear_failures(const char *address)
Definition: addressmap.c:660
uint8_t payload[CELL_PAYLOAD_SIZE]
Definition: cell_st.h:16
#define TOR_ADDR_BUF_LEN
Definition: address.h:205
Common functions for using (pseudo-)random number generators.
Definition: node_st.h:28
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
uint16_t sa_family_t
Definition: inaddr_st.h:77
Header for backtrace.c.
#define TO_CONN(c)
Definition: or.h:735
path_state_bitfield_t path_state
uint64_t stats_n_relay_cells_relayed
Definition: relay.c:126
void tor_addr_make_unspec(tor_addr_t *a)
Definition: address.c:225
STATIC packed_cell_t * packed_cell_new(void)
Definition: relay.c:2412
Header file for geoip_stats.c.
void circuits_handle_oom(size_t current_allocation)
Definition: circuitlist.c:2663
unsigned int removed
Definition: or.h:926
#define EXIT_CONN_STATE_RESOLVING
uint16_t marked_for_close
Definition: circuit_st.h:148
Header file for connection.c.
#define CELL_QUEUE_LOWWATER_SIZE
Definition: relay.c:121
static void set_uint16(void *cp, uint16_t v)
Definition: bytes.h:73
struct or_circuit_t * rend_splice
Definition: or_circuit_st.h:48
uint64_t monotime_coarse_stamp_units_to_approx_msec(uint64_t units)
Definition: compat_time.c:870
circid_t packed_cell_get_circid(const packed_cell_t *cell, int wide_circ_ids)
Definition: relay.c:2785
Definition: cell_st.h:12
#define LD_GENERAL
Definition: log.h:59
void cell_queue_append(cell_queue_t *queue, packed_cell_t *cell)
Definition: relay.c:2457
static int circuit_consider_stop_edge_reading(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2340
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:143
int circuit_finish_handshake(origin_circuit_t *circ, const created_cell_t *reply)
uint8_t state
Definition: connection_st.h:44
Headers for compress.c.
void control_event_boot_dir(bootstrap_status_t status, int progress)
int connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
MOCK_IMPL(int, circuit_package_relay_cell,(cell_t *cell, circuit_t *circ, cell_direction_t cell_direction, crypt_path_t *layer_hint, streamid_t on_stream, const char *filename, int lineno))
Definition: relay.c:353
#define LOG_INFO
Definition: log.h:42
Header file for describe.c.
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
Definition: address.h:145
Header file for nodelist.c.
int connection_edge_package_raw_inbuf(edge_connection_t *conn, int package_partial, int *max_cells)
Definition: relay.c:1988
#define CIRCWINDOW_START
Definition: or.h:501
static int edge_reason_is_retriable(int reason)
Definition: relay.c:717
crypt_path_t * cpath
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:632
void relay_header_unpack(relay_header_t *dest, const uint8_t *src)
Definition: relay.c:484
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
static time_t last_time_under_memory_pressure
Definition: relay.c:2601
static packed_cell_t * packed_cell_copy(const cell_t *cell, int wide_circ_ids)
Definition: relay.c:2448
void update_circuit_on_cmux_(circuit_t *circ, cell_direction_t direction, const char *file, int lineno)
Definition: relay.c:2663
char address[MAX_SOCKS_ADDR_LEN]
int circuit_extend(cell_t *cell, circuit_t *circ)
char * rate_limit_log(ratelim_t *lim, time_t now)
Definition: ratelim.c:41
void cell_queue_clear(cell_queue_t *queue)
Definition: relay.c:2492
void circpad_deliver_recognized_relay_cell_events(circuit_t *circ, uint8_t relay_command, crypt_path_t *layer_hint)
cell_direction_t circuitmux_attached_circuit_direction(circuitmux_t *cmux, circuit_t *circ)
Definition: circuitmux.c:598
int circuit_truncated(origin_circuit_t *circ, int reason)
#define TO_CIRCUIT(x)
Definition: or.h:947
Header file for config.c.
STATIC int connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ, edge_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:1442
static void adjust_exit_policy_from_exitpolicy_failure(origin_circuit_t *circ, entry_connection_t *conn, node_t *node, const tor_addr_t *addr)
Definition: relay.c:938
size_t half_streams_get_total_allocation(void)
uint8_t command
Definition: or.h:920
static size_t total_cells_allocated
Definition: relay.c:2400
#define END_STREAM_REASON_CANT_ATTACH
Definition: or.h:250
void circuit_clear_cell_queue(circuit_t *circ, channel_t *chan)
Definition: relay.c:3139
Header file for onion.c.
void circuitmux_detach_all_circuits(circuitmux_t *cmux, smartlist_t *detached_out)
Definition: circuitmux.c:263
void circuit_set_state(circuit_t *circ, uint8_t state)
Definition: circuitlist.c:542
unsigned int num_n_circuits
Definition: channel.h:416
void policies_set_node_exitpolicy_to_reject_all(node_t *node)
Definition: policies.c:2205
channel_usage_info_t channel_usage
Definition: channel.h:228
int channel_write_packed_cell(channel_t *chan, packed_cell_t *cell)
Definition: channel.c:1470
#define crypto_fast_rng_one_in_n(rng, n)
Definition: crypto_rand.h:80
#define tor_free(p)
Definition: malloc.h:52
void circpad_deliver_unrecognized_cell_events(circuit_t *circ, cell_direction_t dir)
void channel_mark_for_close(channel_t *chan)
Definition: channel.c:1134
int connection_is_reading(connection_t *conn)
Definition: mainloop.c:512
void client_dns_set_addressmap(entry_connection_t *for_conn, const char *address, const tor_addr_t *val, const char *exitname, int ttl)
Definition: addressmap.c:724
#define SMARTLIST_DEL_CURRENT(sl, var)
const char * conn_state_to_string(int type, int state)
Definition: connection.c:274
uint16_t recognized
Definition: or.h:639
#define DIR_PURPOSE_FETCH_CONSENSUS
Definition: directory.h:56
Header file for mainloop.c.
#define CIRCUIT_PURPOSE_REND_ESTABLISHED
Definition: circuitlist.h:46
circuitmux_t * cmux
Definition: channel.h:403
uint8_t purpose
Definition: circuit_st.h:96
size_t packed_cell_mem_cost(void)
Definition: relay.c:2585
#define CIRCWINDOW_INCREMENT
Definition: or.h:505
void append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, cell_t *cell, cell_direction_t direction, streamid_t fromstream)
Definition: relay.c:3012
buf_t * buf_new(void)
Definition: buffers.c:363
uint64_t stats_n_circ_max_cell_reached
Definition: relay.c:133
char body[CELL_MAX_NETWORK_SIZE]
Definition: cell_queue_st.h:16
struct buf_t * pending_optimistic_data
Definition: or.h:919
Header file for scheduler*.c.
unsigned int purpose
Definition: connection_st.h:46
created_cell_t created_cell
Definition: onion.h:69
int connection_edge_send_command(edge_connection_t *fromconn, uint8_t relay_command, const char *payload, size_t payload_len)
Definition: relay.c:656
static packed_cell_t * destroy_cell_to_packed_cell(destroy_cell_t *inp, int wide_circ_ids)
Definition: relay.c:2568
unsigned int remaining_relay_early_cells
#define ENTRY_TO_CONN(c)
Definition: or.h:738
void connection_ap_handshake_socks_reply(entry_connection_t *conn, char *reply, size_t replylen, int endreason)
static uint32_t get_uint32(const void *cp)
Definition: bytes.h:49
cell_queue_t n_chan_cells
Definition: circuit_st.h:70
size_t outbuf_flushlen
Definition: connection_st.h:96
int append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr)
Definition: relay.c:3085
extend_info_t * n_hop
Definition: circuit_st.h:76
cell_direction_t
Definition: or.h:482
struct create_cell_t * n_chan_create_cell
Definition: circuit_st.h:112
streamid_t stream_id
Definition: or.h:640
socks_request_t * socks_request
#define STREAMWINDOW_START
Definition: or.h:508
void control_event_bootstrap(bootstrap_status_t status, int progress)
struct crypt_path_t * cpath_layer
Header file for policies.c.
channel_t * p_chan
Definition: or_circuit_st.h:35
uint64_t stats_n_data_bytes_received
Definition: relay.c:1975
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2631
uint64_t total_cell_waiting_time
Definition: or_circuit_st.h:71
#define STREAMWINDOW_INCREMENT
Definition: or.h:511
void circuitmux_set_num_cells(circuitmux_t *cmux, circuit_t *circ, unsigned int n_cells)
Definition: circuitmux.c:1045
#define LD_APP
Definition: log.h:75
static edge_connection_t * relay_lookup_conn(circuit_t *circ, cell_t *cell, cell_direction_t cell_direction, crypt_path_t *layer_hint)
Definition: relay.c:418
void destroy_cell_queue_append(destroy_cell_queue_t *queue, circid_t circid, uint8_t reason)
Definition: relay.c:2552
Common functions for cryptographic routines.
Header file for channel.c.
#define DIR_PURPOSE_FETCH_SERVERDESC
Definition: directory.h:38
tor_assert(buffer)
void channel_timestamp_client(channel_t *chan)
Definition: channel.c:3208
edge_connection_t * n_streams
Definition: or_circuit_st.h:37
signed_error_t circpad_handle_padding_negotiated(circuit_t *circ, cell_t *cell, crypt_path_t *layer_hint)
void packed_cell_free_(packed_cell_t *cell)
Definition: relay.c:2420
int connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
int connection_half_edge_is_valid_sendme(const smartlist_t *half_conns, streamid_t stream_id)
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:287
static void circuit_resume_edge_reading(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2162
#define LD_CIRC
Definition: log.h:79
uint8_t state
Definition: circuit_st.h:95
void circuit_sent_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3120
uint64_t stats_n_data_bytes_packaged
Definition: relay.c:1969
uint32_t inserted_timestamp
Definition: cell_queue_st.h:17
circid_t n_circ_id
Definition: circuit_st.h:67
void circuitmux_notify_xmit_destroy(circuitmux_t *cmux)
Definition: circuitmux.c:1210
dir_connection_t * TO_DIR_CONN(connection_t *c)
Definition: directory.c:77
static const char * relay_command_to_string(uint8_t command)
Definition: relay.c:495
Header file for circuitpadding.c.
void circuit_synchronize_written_or_bandwidth(const circuit_t *c, circuit_channel_direction_t dir)
Definition: circuitlist.c:2138
signed_error_t circpad_handle_padding_negotiate(circuit_t *circ, cell_t *cell)
void tor_addr_from_ipv6_bytes(tor_addr_t *dest, const char *ipv6_bytes)
Definition: address.c:884
int buf_get_bytes(buf_t *buf, char *string, size_t string_len)
Definition: buffers.c:634
const char * node_describe(const node_t *node)
Definition: describe.c:101
Header file for rendcache.c.
#define END_CIRC_AT_ORIGIN
Definition: or.h:305
Master header file for Tor-specific functionality.
int client_dns_incr_failures(const char *address)
Definition: addressmap.c:638
#define CIRCUIT_STATE_OPEN
Definition: circuitlist.h:31
void cell_queue_append_packed_copy(circuit_t *circ, cell_queue_t *queue, int exitward, const cell_t *cell, int wide_circ_ids, int use_stats)
Definition: relay.c:2468
uint64_t stats_n_relay_cells_delivered
Definition: relay.c:130
uint16_t streamid_t
Definition: or.h:610
Header file for circuitbuild.c.
#define DIR_PURPOSE_FETCH_CERTIFICATE
Definition: directory.h:59
int control_event_stream_status(entry_connection_t *conn, stream_status_event_t tp, int reason_code)
#define END_STREAM_REASON_FLAG_REMOTE
Definition: or.h:276
uint32_t processed_cells
Definition: or_circuit_st.h:66
void destroy_cell_queue_clear(destroy_cell_queue_t *queue)
Definition: relay.c:2526
int tor_addr_parse(tor_addr_t *addr, const char *src)
Definition: address.c:1196
uint16_t marked_for_close
unsigned int chosen_exit_optional
void circuitmux_notify_xmit_cells(circuitmux_t *cmux, circuit_t *circ, unsigned int n_cells)
Definition: circuitmux.c:1150
uint8_t relay_early_commands[MAX_RELAY_EARLY_CELLS_PER_CIRCUIT]
int connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
Definition: connection.c:3874
int have_been_under_memory_pressure(void)
Definition: relay.c:2652
int buf_add(buf_t *buf, const char *string, size_t string_len)
Definition: buffers.c:525
static uint16_t get_uint16(const void *cp)
Definition: bytes.h:37
circid_t circ_id
Definition: cell_st.h:13
int marked_for_close_reason
Definition: circuit_st.h:156
#define LOG_WARN
Definition: log.h:50
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:769
unsigned int type
Definition: connection_st.h:45
static void circuit_update_channel_usage(circuit_t *circ, cell_t *cell)
Definition: relay.c:146
unsigned int edge_has_sent_end
STATIC packed_cell_t * cell_queue_pop(cell_queue_t *queue)
Definition: relay.c:2506
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:271
Header file for circuituse.c.
void cell_queue_init(cell_queue_t *queue)
Definition: relay.c:2484
smartlist_t * testing_cell_stats
Definition: circuit_st.h:171
smartlist_t * half_streams
static void connection_ap_handshake_socks_got_resolved_cell(entry_connection_t *conn, int error_code, smartlist_t *results)
Definition: relay.c:1142
uint32_t n_written_circ_bw
int pathbias_check_probe_response(circuit_t *circ, const cell_t *cell)
Definition: circpathbias.c:870
circid_t p_circ_id
Definition: or_circuit_st.h:31
#define LD_REND
Definition: log.h:81
Header file for circuitlist.c.
#define CIRCUIT_PURPOSE_PATH_BIAS_TESTING
Definition: circuitlist.h:119
void circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
Definition: circuitbuild.c:358
unsigned int streams_blocked_on_p_chan
Definition: circuit_st.h:83
int connection_state_is_open(connection_t *conn)
Definition: connection.c:4631
#define LD_OR
Definition: log.h:89
size_t tor_compress_get_total_allocation(void)
Definition: compress.c:458
#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED
Definition: or.h:283
const uint8_t * decode_address_from_payload(tor_addr_t *addr_out, const uint8_t *payload, int payload_len)
Definition: relay.c:3111
int connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
unsigned int waiting_time
Definition: or.h:925
#define MAX_RESOLVE_FAILURES
Definition: relay.c:712
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1437
uint64_t dirreq_id
Definition: circuit_st.h:163
uint16_t length
Definition: or.h:642
uint8_t command
Definition: or.h:638
cpath_build_state_t * build_state
unsigned int streams_blocked_on_n_chan
Definition: circuit_st.h:80
int connection_outbuf_too_full(connection_t *conn)
Definition: connection.c:3912
Header file for connection_edge.c.
#define MEMORY_PRESSURE_INTERVAL
Definition: relay.c:2598
uint64_t stats_n_data_cells_packaged
Definition: relay.c:1965
origin_circuit_t * TO_ORIGIN_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:163
cell_queue_t p_chan_cells
Definition: or_circuit_st.h:33
const char * circuit_state_to_string(int state)
Definition: circuitlist.c:758
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
static int circuit_resume_edge_reading_helper(edge_connection_t *conn, circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2183
#define CELL_PAYLOAD_SIZE
Definition: or.h:576
int circuit_send_next_onion_skin(origin_circuit_t *circ)
Definition: circuitbuild.c:939
crypto_fast_rng_t * get_thread_fast_rng(void)
Header file for relay.c.
edge_connection_t * p_streams
char identity_digest[DIGEST_LEN]
#define SMARTLIST_FOREACH(sl, type, var, cmd)
char integrity[4]
Definition: or.h:641
void relay_header_pack(uint8_t *dest, const relay_header_t *src)
Definition: relay.c:471
time_t timestamp_last_read_allowed
Definition: connection_st.h:98
const char * stream_end_reason_to_string(int reason)
Definition: reasons.c:64
uint64_t dirreq_id
Definition: channel.h:459
#define fmt_addr(a)
Definition: address.h:211
uint32_t circid_t
Definition: or.h:608
#define CIRCUIT_PURPOSE_OR
Definition: circuitlist.h:38
#define log_fn(severity, domain, args,...)
Definition: log.h:266
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
#define CONN_TYPE_EXIT
Definition: connection.h:26
void mark_circuit_unusable_for_new_conns(origin_circuit_t *circ)
Definition: circuituse.c:3096
int connection_half_edge_is_valid_end(smartlist_t *half_conns, streamid_t stream_id)
#define AP_CONN_STATE_OPEN
struct event * read_event
Definition: connection_st.h:91
or_circuit_t * TO_OR_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:151
#define DIR_PURPOSE_FETCH_MICRODESC
Definition: directory.h:70
int connection_edge_end(edge_connection_t *conn, uint8_t reason)
void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint, int command, size_t length, const uint8_t *payload)
Definition: rendcommon.c:767
int deliver_window
Definition: circuit_st.h:106
void connection_ap_handshake_socks_resolved_addr(entry_connection_t *conn, const tor_addr_t *answer, int ttl, time_t expires)
void destroy_cell_queue_init(destroy_cell_queue_t *queue)
Definition: relay.c:2518
void addr_policy_append_reject_addr(smartlist_t **dest, const tor_addr_t *addr)
Definition: policies.c:1612
time_t approx_time(void)
Definition: approx_time.c:32
int circuitmux_is_circuit_attached(circuitmux_t *cmux, circuit_t *circ)
Definition: circuitmux.c:676
int consensus_is_waiting_for_certs(void)
STATIC int connection_edge_process_resolved_cell(edge_connection_t *conn, const cell_t *cell, const relay_header_t *rh)
Definition: relay.c:1216
smartlist_t * prepend_policy
static uint8_t packed_cell_get_command(const packed_cell_t *cell, int wide_circ_ids)
Definition: relay.c:2774
const char * marked_for_close_file
STATIC int resolved_cell_parse(const cell_t *cell, const relay_header_t *rh, smartlist_t *addresses_out, int *errcode_out)
Definition: relay.c:1045
Header file for hs_cache.c.
#define REMAP_STREAM_SOURCE_EXIT
void circuit_set_n_circid_chan(circuit_t *circ, circid_t id, channel_t *chan)
Definition: circuitlist.c:471
static void remap_event_helper(entry_connection_t *conn, const tor_addr_t *new_addr)
Definition: relay.c:973
int circuit_receive_relay_cell(cell_t *cell, circuit_t *circ, cell_direction_t cell_direction)
Definition: relay.c:224
Header file for buffers.c.
Header file for reasons.c.
int connection_half_edge_is_valid_resolved(smartlist_t *half_conns, streamid_t stream_id)
uint8_t command
Definition: cell_st.h:14
#define CONN_TYPE_DIR
Definition: connection.h:35
unsigned int exitward
Definition: or.h:927
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
Definition: circuitlist.c:1576
Header file for connection_or.c.
struct circuit_t * on_circuit
void cell_pack(packed_cell_t *dst, const cell_t *src, int wide_circ_ids)
unsigned int edge_blocked_on_circ
void circuit_read_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3141
circuit_t * circuitmux_get_first_active_circuit(circuitmux_t *cmux, destroy_cell_queue_t **destroy_queue_out)
Definition: circuitmux.c:1107
extend_info_t * chosen_exit
#define tor_addr_to_in6_addr8(x)
Definition: address.h:129
void pathbias_count_valid_cells(circuit_t *circ, const cell_t *cell)
Definition: circpathbias.c:930
int extended_cell_parse(extended_cell_t *cell_out, const uint8_t command, const uint8_t *payload, size_t payload_len)
Definition: onion.c:448
struct edge_connection_t * next_stream
#define CIRCUIT_PURPOSE_S_REND_JOINED
Definition: circuitlist.h:109
#define CONN_TYPE_AP
Definition: connection.h:31
int connection_ap_detach_retriable(entry_connection_t *conn, origin_circuit_t *circ, int reason)
static int set_streams_blocked_on_circ(circuit_t *circ, channel_t *chan, int block, streamid_t stream_id)
Definition: relay.c:2728
Header file for control_events.c.
#define LD_PROTOCOL
Definition: log.h:69
#define LD_MM
Definition: log.h:71
void circpad_machine_event_circ_has_no_relay_early(origin_circuit_t *circ)
const char * marked_for_close_file
Definition: circuit_st.h:151
void pathbias_mark_use_success(origin_circuit_t *circ)
Definition: circpathbias.c:652
#define RELAY_HEADER_SIZE
Definition: or.h:603
static void circuit_consider_sending_sendme(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2379
void circpad_deliver_sent_relay_cell_events(circuit_t *circ, uint8_t relay_command)
static int connection_ap_process_end_not_open(relay_header_t *rh, cell_t *cell, origin_circuit_t *circ, entry_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:732
void channel_unlink_all_circuits(channel_t *chan, smartlist_t *circuits_out)
Definition: relay.c:2708
int channel_send_destroy(circid_t circ_id, channel_t *chan, int reason)
Definition: channel.c:2017
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:83
Header file for dns.c.
uint32_t monotime_coarse_get_stamp(void)
Definition: compat_time.c:844
#define EXIT_CONN_STATE_CONNECTING
Header file for routerlist.c.
void dump_cell_pool_usage(int severity)
Definition: relay.c:2430
channel_t * n_chan
Definition: circuit_st.h:58
int connection_half_edge_is_valid_connected(const smartlist_t *half_conns, streamid_t stream_id)
int connection_half_edge_is_valid_data(const smartlist_t *half_conns, streamid_t stream_id)
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:179
static void packed_cell_free_unchecked(packed_cell_t *cell)
Definition: relay.c:2404