tor  0.4.2.0-alpha-dev
relay.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
48 #define RELAY_PRIVATE
49 #include "core/or/or.h"
50 #include "feature/client/addressmap.h"
51 #include "lib/err/backtrace.h"
52 #include "lib/buf/buffers.h"
53 #include "core/or/channel.h"
54 #include "feature/client/circpathbias.h"
55 #include "core/or/circuitbuild.h"
56 #include "core/or/circuitlist.h"
57 #include "core/or/circuituse.h"
58 #include "core/or/circuitpadding.h"
59 #include "lib/compress/compress.h"
60 #include "app/config/config.h"
63 #include "core/or/connection_or.h"
68 #include "feature/relay/dns.h"
70 #include "feature/hs/hs_cache.h"
71 #include "core/mainloop/mainloop.h"
74 #include "core/or/onion.h"
75 #include "core/or/policies.h"
76 #include "core/or/reasons.h"
77 #include "core/or/relay.h"
78 #include "core/crypto/relay_crypto.h"
79 #include "feature/rend/rendcache.h"
83 #include "core/or/scheduler.h"
84 
85 #include "core/or/cell_st.h"
86 #include "core/or/cell_queue_st.h"
87 #include "core/or/cpath_build_state_st.h"
88 #include "feature/dircommon/dir_connection_st.h"
89 #include "core/or/destroy_cell_queue_st.h"
90 #include "core/or/entry_connection_st.h"
91 #include "core/or/extend_info_st.h"
92 #include "core/or/or_circuit_st.h"
93 #include "core/or/origin_circuit_st.h"
94 #include "feature/nodelist/routerinfo_st.h"
95 #include "core/or/socks_request_st.h"
96 #include "core/or/sendme.h"
97 
99  cell_direction_t cell_direction,
100  crypt_path_t *layer_hint);
101 
102 static void circuit_resume_edge_reading(circuit_t *circ,
103  crypt_path_t *layer_hint);
105  circuit_t *circ,
106  crypt_path_t *layer_hint);
108  crypt_path_t *layer_hint);
111  entry_connection_t *conn,
112  node_t *node,
113  const tor_addr_t *addr);
114 
117 #define CELL_QUEUE_HIGHWATER_SIZE 256
118 
120 #define CELL_QUEUE_LOWWATER_SIZE 64
121 
133 
144 static void
146 {
147  if (CIRCUIT_IS_ORIGIN(circ)) {
148  /*
149  * The client state was first set much earlier in
150  * circuit_send_next_onion_skin(), so we can start padding as early as
151  * possible.
152  *
153  * However, if padding turns out to be expensive, we may want to not do
154  * it until actual application traffic starts flowing (which is controlled
155  * via consensus param nf_pad_before_usage).
156  *
157  * So: If we're an origin circuit and we've created a full length circuit,
158  * then any CELL_RELAY cell means application data. Increase the usage
159  * state of the channel to indicate this.
160  *
161  * We want to wait for CELL_RELAY specifically here, so we know that
162  * the channel was definitely being used for data and not for extends.
163  * By default, we pad as soon as a channel has been used for *any*
164  * circuits, so this state is irrelevant to the padding decision in
165  * the default case. However, if padding turns out to be expensive,
166  * we would like the ability to avoid padding until we're absolutely
167  * sure that a channel is used for enough application data to be worth
168  * padding.
169  *
170  * (So it does not matter that CELL_RELAY_EARLY can actually contain
171  * application data. This is only a load reducing option and that edge
172  * case does not matter if we're desperately trying to reduce overhead
173  * anyway. See also consensus parameter nf_pad_before_usage).
174  */
175  if (BUG(!circ->n_chan))
176  return;
177 
178  if (circ->n_chan->channel_usage == CHANNEL_USED_FOR_FULL_CIRCS &&
179  cell->command == CELL_RELAY) {
180  circ->n_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC;
181  }
182  } else {
183  /* If we're a relay circuit, the question is more complicated. Basically:
184  * we only want to pad connections that carry multihop (anonymous)
185  * circuits.
186  *
187  * We assume we're more than one hop if either the previous hop
188  * is not a client, or if the previous hop is a client and there's
189  * a next hop. Then, circuit traffic starts at RELAY_EARLY, and
190  * user application traffic starts when we see RELAY cells.
191  */
192  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
193 
194  if (BUG(!or_circ->p_chan))
195  return;
196 
197  if (!channel_is_client(or_circ->p_chan) ||
198  (channel_is_client(or_circ->p_chan) && circ->n_chan)) {
199  if (cell->command == CELL_RELAY_EARLY) {
200  if (or_circ->p_chan->channel_usage < CHANNEL_USED_FOR_FULL_CIRCS) {
201  or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS;
202  }
203  } else if (cell->command == CELL_RELAY) {
204  or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC;
205  }
206  }
207  }
208 }
209 
222 int
224  cell_direction_t cell_direction)
225 {
226  channel_t *chan = NULL;
227  crypt_path_t *layer_hint=NULL;
228  char recognized=0;
229  int reason;
230 
231  tor_assert(cell);
232  tor_assert(circ);
233  tor_assert(cell_direction == CELL_DIRECTION_OUT ||
234  cell_direction == CELL_DIRECTION_IN);
235  if (circ->marked_for_close)
236  return 0;
237 
238  if (relay_decrypt_cell(circ, cell, cell_direction, &layer_hint, &recognized)
239  < 0) {
240  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
241  "relay crypt failed. Dropping connection.");
242  return -END_CIRC_REASON_INTERNAL;
243  }
244 
245  circuit_update_channel_usage(circ, cell);
246 
247  if (recognized) {
248  edge_connection_t *conn = NULL;
249 
250  /* Recognized cell, the cell digest has been updated, we'll record it for
251  * the SENDME if need be. */
252  sendme_record_received_cell_digest(circ, layer_hint);
253 
255  if (pathbias_check_probe_response(circ, cell) == -1) {
256  pathbias_count_valid_cells(circ, cell);
257  }
258 
259  /* We need to drop this cell no matter what to avoid code that expects
260  * a certain purpose (such as the hidserv code). */
261  return 0;
262  }
263 
264  conn = relay_lookup_conn(circ, cell, cell_direction, layer_hint);
265  if (cell_direction == CELL_DIRECTION_OUT) {
267  log_debug(LD_OR,"Sending away from origin.");
268  if ((reason=connection_edge_process_relay_cell(cell, circ, conn, NULL))
269  < 0) {
270  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
271  "connection_edge_process_relay_cell (away from origin) "
272  "failed.");
273  return reason;
274  }
275  }
276  if (cell_direction == CELL_DIRECTION_IN) {
278  log_debug(LD_OR,"Sending to origin.");
279  if ((reason = connection_edge_process_relay_cell(cell, circ, conn,
280  layer_hint)) < 0) {
281  /* If a client is trying to connect to unknown hidden service port,
282  * END_CIRC_AT_ORIGIN is sent back so we can then close the circuit.
283  * Do not log warn as this is an expected behavior for a service. */
284  if (reason != END_CIRC_AT_ORIGIN) {
285  log_warn(LD_OR,
286  "connection_edge_process_relay_cell (at origin) failed.");
287  }
288  return reason;
289  }
290  }
291  return 0;
292  }
293 
294  /* not recognized. inform circpad and pass it on. */
295  circpad_deliver_unrecognized_cell_events(circ, cell_direction);
296 
297  if (cell_direction == CELL_DIRECTION_OUT) {
298  cell->circ_id = circ->n_circ_id; /* switch it */
299  chan = circ->n_chan;
300  } else if (! CIRCUIT_IS_ORIGIN(circ)) {
301  cell->circ_id = TO_OR_CIRCUIT(circ)->p_circ_id; /* switch it */
302  chan = TO_OR_CIRCUIT(circ)->p_chan;
303  } else {
304  log_fn(LOG_PROTOCOL_WARN, LD_OR,
305  "Dropping unrecognized inbound cell on origin circuit.");
306  /* If we see unrecognized cells on path bias testing circs,
307  * it's bad mojo. Those circuits need to die.
308  * XXX: Shouldn't they always die? */
310  TO_ORIGIN_CIRCUIT(circ)->path_state = PATH_STATE_USE_FAILED;
311  return -END_CIRC_REASON_TORPROTOCOL;
312  } else {
313  return 0;
314  }
315  }
316 
317  if (!chan) {
318  // XXXX Can this splice stuff be done more cleanly?
319  if (! CIRCUIT_IS_ORIGIN(circ) &&
320  TO_OR_CIRCUIT(circ)->rend_splice &&
321  cell_direction == CELL_DIRECTION_OUT) {
322  or_circuit_t *splice_ = TO_OR_CIRCUIT(circ)->rend_splice;
325  cell->circ_id = splice_->p_circ_id;
326  cell->command = CELL_RELAY; /* can't be relay_early anyway */
327  if ((reason = circuit_receive_relay_cell(cell, TO_CIRCUIT(splice_),
328  CELL_DIRECTION_IN)) < 0) {
329  log_warn(LD_REND, "Error relaying cell across rendezvous; closing "
330  "circuits");
331  /* XXXX Do this here, or just return -1? */
332  circuit_mark_for_close(circ, -reason);
333  return reason;
334  }
335  return 0;
336  }
337  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
338  "Didn't recognize cell, but circ stops here! Closing circ.");
339  return -END_CIRC_REASON_TORPROTOCOL;
340  }
341 
342  log_debug(LD_OR,"Passing on unrecognized cell.");
343 
344  ++stats_n_relay_cells_relayed; /* XXXX no longer quite accurate {cells}
345  * we might kill the circ before we relay
346  * the cells. */
347 
348  append_cell_to_circuit_queue(circ, chan, cell, cell_direction, 0);
349  return 0;
350 }
351 
357 circuit_package_relay_cell, (cell_t *cell, circuit_t *circ,
358  cell_direction_t cell_direction,
359  crypt_path_t *layer_hint, streamid_t on_stream,
360  const char *filename, int lineno))
361 {
362  channel_t *chan; /* where to send the cell */
363 
364  if (circ->marked_for_close) {
365  /* Circuit is marked; send nothing. */
366  return 0;
367  }
368 
369  if (cell_direction == CELL_DIRECTION_OUT) {
370  chan = circ->n_chan;
371  if (!chan) {
372  log_warn(LD_BUG,"outgoing relay cell sent from %s:%d has n_chan==NULL."
373  " Dropping. Circuit is in state %s (%d), and is "
374  "%smarked for close. (%s:%d, %d)", filename, lineno,
375  circuit_state_to_string(circ->state), circ->state,
376  circ->marked_for_close ? "" : "not ",
379  if (CIRCUIT_IS_ORIGIN(circ)) {
381  }
382  log_backtrace(LOG_WARN,LD_BUG,"");
383  return 0; /* just drop it */
384  }
385  if (!CIRCUIT_IS_ORIGIN(circ)) {
386  log_warn(LD_BUG,"outgoing relay cell sent from %s:%d on non-origin "
387  "circ. Dropping.", filename, lineno);
388  log_backtrace(LOG_WARN,LD_BUG,"");
389  return 0; /* just drop it */
390  }
391 
392  relay_encrypt_cell_outbound(cell, TO_ORIGIN_CIRCUIT(circ), layer_hint);
393 
394  /* Update circ written totals for control port */
395  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
396  ocirc->n_written_circ_bw = tor_add_u32_nowrap(ocirc->n_written_circ_bw,
398 
399  } else { /* incoming cell */
400  if (CIRCUIT_IS_ORIGIN(circ)) {
401  /* We should never package an _incoming_ cell from the circuit
402  * origin; that means we messed up somewhere. */
403  log_warn(LD_BUG,"incoming relay cell at origin circuit. Dropping.");
404  assert_circuit_ok(circ);
405  return 0; /* just drop it */
406  }
407  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
408  relay_encrypt_cell_inbound(cell, or_circ);
409  chan = or_circ->p_chan;
410  }
412 
413  append_cell_to_circuit_queue(circ, chan, cell, cell_direction, on_stream);
414  return 0;
415 }
416 
420 static edge_connection_t *
422  cell_direction_t cell_direction, crypt_path_t *layer_hint)
423 {
424  edge_connection_t *tmpconn;
425  relay_header_t rh;
426 
427  relay_header_unpack(&rh, cell->payload);
428 
429  if (!rh.stream_id)
430  return NULL;
431 
432  /* IN or OUT cells could have come from either direction, now
433  * that we allow rendezvous *to* an OP.
434  */
435 
436  if (CIRCUIT_IS_ORIGIN(circ)) {
437  for (tmpconn = TO_ORIGIN_CIRCUIT(circ)->p_streams; tmpconn;
438  tmpconn=tmpconn->next_stream) {
439  if (rh.stream_id == tmpconn->stream_id &&
440  !tmpconn->base_.marked_for_close &&
441  tmpconn->cpath_layer == layer_hint) {
442  log_debug(LD_APP,"found conn for stream %d.", rh.stream_id);
443  return tmpconn;
444  }
445  }
446  } else {
447  for (tmpconn = TO_OR_CIRCUIT(circ)->n_streams; tmpconn;
448  tmpconn=tmpconn->next_stream) {
449  if (rh.stream_id == tmpconn->stream_id &&
450  !tmpconn->base_.marked_for_close) {
451  log_debug(LD_EXIT,"found conn for stream %d.", rh.stream_id);
452  if (cell_direction == CELL_DIRECTION_OUT ||
454  return tmpconn;
455  }
456  }
457  for (tmpconn = TO_OR_CIRCUIT(circ)->resolving_streams; tmpconn;
458  tmpconn=tmpconn->next_stream) {
459  if (rh.stream_id == tmpconn->stream_id &&
460  !tmpconn->base_.marked_for_close) {
461  log_debug(LD_EXIT,"found conn for stream %d.", rh.stream_id);
462  return tmpconn;
463  }
464  }
465  }
466  return NULL; /* probably a begin relay cell */
467 }
468 
473 void
474 relay_header_pack(uint8_t *dest, const relay_header_t *src)
475 {
476  set_uint8(dest, src->command);
477  set_uint16(dest+1, htons(src->recognized));
478  set_uint16(dest+3, htons(src->stream_id));
479  memcpy(dest+5, src->integrity, 4);
480  set_uint16(dest+9, htons(src->length));
481 }
482 
486 void
487 relay_header_unpack(relay_header_t *dest, const uint8_t *src)
488 {
489  dest->command = get_uint8(src);
490  dest->recognized = ntohs(get_uint16(src+1));
491  dest->stream_id = ntohs(get_uint16(src+3));
492  memcpy(dest->integrity, src+5, 4);
493  dest->length = ntohs(get_uint16(src+9));
494 }
495 
497 static const char *
498 relay_command_to_string(uint8_t command)
499 {
500  static char buf[64];
501  switch (command) {
502  case RELAY_COMMAND_BEGIN: return "BEGIN";
503  case RELAY_COMMAND_DATA: return "DATA";
504  case RELAY_COMMAND_END: return "END";
505  case RELAY_COMMAND_CONNECTED: return "CONNECTED";
506  case RELAY_COMMAND_SENDME: return "SENDME";
507  case RELAY_COMMAND_EXTEND: return "EXTEND";
508  case RELAY_COMMAND_EXTENDED: return "EXTENDED";
509  case RELAY_COMMAND_TRUNCATE: return "TRUNCATE";
510  case RELAY_COMMAND_TRUNCATED: return "TRUNCATED";
511  case RELAY_COMMAND_DROP: return "DROP";
512  case RELAY_COMMAND_RESOLVE: return "RESOLVE";
513  case RELAY_COMMAND_RESOLVED: return "RESOLVED";
514  case RELAY_COMMAND_BEGIN_DIR: return "BEGIN_DIR";
515  case RELAY_COMMAND_ESTABLISH_INTRO: return "ESTABLISH_INTRO";
516  case RELAY_COMMAND_ESTABLISH_RENDEZVOUS: return "ESTABLISH_RENDEZVOUS";
517  case RELAY_COMMAND_INTRODUCE1: return "INTRODUCE1";
518  case RELAY_COMMAND_INTRODUCE2: return "INTRODUCE2";
519  case RELAY_COMMAND_RENDEZVOUS1: return "RENDEZVOUS1";
520  case RELAY_COMMAND_RENDEZVOUS2: return "RENDEZVOUS2";
521  case RELAY_COMMAND_INTRO_ESTABLISHED: return "INTRO_ESTABLISHED";
522  case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
523  return "RENDEZVOUS_ESTABLISHED";
524  case RELAY_COMMAND_INTRODUCE_ACK: return "INTRODUCE_ACK";
525  case RELAY_COMMAND_EXTEND2: return "EXTEND2";
526  case RELAY_COMMAND_EXTENDED2: return "EXTENDED2";
527  case RELAY_COMMAND_PADDING_NEGOTIATE: return "PADDING_NEGOTIATE";
528  case RELAY_COMMAND_PADDING_NEGOTIATED: return "PADDING_NEGOTIATED";
529  default:
530  tor_snprintf(buf, sizeof(buf), "Unrecognized relay command %u",
531  (unsigned)command);
532  return buf;
533  }
534 }
535 
538 #define CELL_PADDING_GAP 4
539 
551 STATIC size_t
552 get_pad_cell_offset(size_t data_len)
553 {
554  /* This is never supposed to happen but in case it does, stop right away
555  * because if tor is tricked somehow into not adding random bytes to the
556  * payload with this function returning 0 for a bad data_len, the entire
557  * authenticated SENDME design can be bypassed leading to bad denial of
558  * service attacks. */
559  tor_assert(data_len <= RELAY_PAYLOAD_SIZE);
560 
561  /* If the offset is larger than the cell payload size, we return an offset
562  * of zero indicating that no padding needs to be added. */
563  size_t offset = RELAY_HEADER_SIZE + data_len + CELL_PADDING_GAP;
564  if (offset >= CELL_PAYLOAD_SIZE) {
565  return 0;
566  }
567  return offset;
568 }
569 
570 /* Add random bytes to the unused portion of the payload, to foil attacks
571  * where the other side can predict all of the bytes in the payload and thus
572  * compute the authenticated SENDME cells without seeing the traffic. See
573  * proposal 289. */
574 static void
575 pad_cell_payload(uint8_t *cell_payload, size_t data_len)
576 {
577  size_t pad_offset, pad_len;
578 
579  tor_assert(cell_payload);
580 
581  pad_offset = get_pad_cell_offset(data_len);
582  if (pad_offset == 0) {
583  /* We can't add padding so we are done. */
584  return;
585  }
586 
587  /* Remember here that the cell_payload is the length of the header and
588  * payload size so we offset it using the full length of the cell. */
589  pad_len = CELL_PAYLOAD_SIZE - pad_offset;
591  cell_payload + pad_offset, pad_len);
592 }
593 
604 relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ,
605  uint8_t relay_command, const char *payload,
606  size_t payload_len, crypt_path_t *cpath_layer,
607  const char *filename, int lineno))
608 {
609  cell_t cell;
610  relay_header_t rh;
611  cell_direction_t cell_direction;
612  /* XXXX NM Split this function into a separate versions per circuit type? */
613 
614  tor_assert(circ);
615  tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
616 
617  memset(&cell, 0, sizeof(cell_t));
618  cell.command = CELL_RELAY;
619  if (CIRCUIT_IS_ORIGIN(circ)) {
620  tor_assert(cpath_layer);
621  cell.circ_id = circ->n_circ_id;
622  cell_direction = CELL_DIRECTION_OUT;
623  } else {
624  tor_assert(! cpath_layer);
625  cell.circ_id = TO_OR_CIRCUIT(circ)->p_circ_id;
626  cell_direction = CELL_DIRECTION_IN;
627  }
628 
629  memset(&rh, 0, sizeof(rh));
630  rh.command = relay_command;
631  rh.stream_id = stream_id;
632  rh.length = payload_len;
633  relay_header_pack(cell.payload, &rh);
634  if (payload_len)
635  memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len);
636 
637  /* Add random padding to the cell if we can. */
638  pad_cell_payload(cell.payload, payload_len);
639 
640  log_debug(LD_OR,"delivering %d cell %s.", relay_command,
641  cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
642 
643  /* Tell circpad we're sending a relay cell */
644  circpad_deliver_sent_relay_cell_events(circ, relay_command);
645 
646  /* If we are sending an END cell and this circuit is used for a tunneled
647  * directory request, advance its state. */
648  if (relay_command == RELAY_COMMAND_END && circ->dirreq_id)
649  geoip_change_dirreq_state(circ->dirreq_id, DIRREQ_TUNNELED,
651 
652  if (cell_direction == CELL_DIRECTION_OUT && circ->n_chan) {
653  /* if we're using relaybandwidthrate, this conn wants priority */
655  }
656 
657  if (cell_direction == CELL_DIRECTION_OUT) {
658  origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
659  if (origin_circ->remaining_relay_early_cells > 0 &&
660  (relay_command == RELAY_COMMAND_EXTEND ||
661  relay_command == RELAY_COMMAND_EXTEND2 ||
662  cpath_layer != origin_circ->cpath)) {
663  /* If we've got any relay_early cells left and (we're sending
664  * an extend cell or we're not talking to the first hop), use
665  * one of them. Don't worry about the conn protocol version:
666  * append_cell_to_circuit_queue will fix it up. */
667  cell.command = CELL_RELAY_EARLY;
668  /* If we're out of relay early cells, tell circpad */
669  if (--origin_circ->remaining_relay_early_cells == 0)
671  log_debug(LD_OR, "Sending a RELAY_EARLY cell; %d remaining.",
672  (int)origin_circ->remaining_relay_early_cells);
673  /* Memorize the command that is sent as RELAY_EARLY cell; helps debug
674  * task 878. */
675  origin_circ->relay_early_commands[
676  origin_circ->relay_early_cells_sent++] = relay_command;
677  } else if (relay_command == RELAY_COMMAND_EXTEND ||
678  relay_command == RELAY_COMMAND_EXTEND2) {
679  /* If no RELAY_EARLY cells can be sent over this circuit, log which
680  * commands have been sent as RELAY_EARLY cells before; helps debug
681  * task 878. */
682  smartlist_t *commands_list = smartlist_new();
683  int i = 0;
684  char *commands = NULL;
685  for (; i < origin_circ->relay_early_cells_sent; i++)
686  smartlist_add(commands_list, (char *)
688  commands = smartlist_join_strings(commands_list, ",", 0, NULL);
689  log_warn(LD_BUG, "Uh-oh. We're sending a RELAY_COMMAND_EXTEND cell, "
690  "but we have run out of RELAY_EARLY cells on that circuit. "
691  "Commands sent before: %s", commands);
692  tor_free(commands);
693  smartlist_free(commands_list);
694  }
695 
696  /* Let's assume we're well-behaved: Anything that we decide to send is
697  * valid, delivered data. */
698  circuit_sent_valid_data(origin_circ, rh.length);
699  }
700 
701  if (circuit_package_relay_cell(&cell, circ, cell_direction, cpath_layer,
702  stream_id, filename, lineno) < 0) {
703  log_warn(LD_BUG,"circuit_package_relay_cell failed. Closing.");
704  circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
705  return -1;
706  }
707 
708  /* If applicable, note the cell digest for the SENDME version 1 purpose if
709  * we need to. This call needs to be after the circuit_package_relay_cell()
710  * because the cell digest is set within that function. */
711  if (relay_command == RELAY_COMMAND_DATA) {
712  sendme_record_cell_digest_on_circ(circ, cpath_layer);
713  }
714 
715  return 0;
716 }
717 
727 int
729  uint8_t relay_command, const char *payload,
730  size_t payload_len)
731 {
732  /* XXXX NM Split this function into a separate versions per circuit type? */
733  circuit_t *circ;
734  crypt_path_t *cpath_layer = fromconn->cpath_layer;
735  tor_assert(fromconn);
736  circ = fromconn->on_circuit;
737 
738  if (fromconn->base_.marked_for_close) {
739  log_warn(LD_BUG,
740  "called on conn that's already marked for close at %s:%d.",
741  fromconn->base_.marked_for_close_file,
742  fromconn->base_.marked_for_close);
743  return 0;
744  }
745 
746  if (!circ) {
747  if (fromconn->base_.type == CONN_TYPE_AP) {
748  log_info(LD_APP,"no circ. Closing conn.");
749  connection_mark_unattached_ap(EDGE_TO_ENTRY_CONN(fromconn),
750  END_STREAM_REASON_INTERNAL);
751  } else {
752  log_info(LD_EXIT,"no circ. Closing conn.");
753  fromconn->edge_has_sent_end = 1; /* no circ to send to */
754  fromconn->end_reason = END_STREAM_REASON_INTERNAL;
755  connection_mark_for_close(TO_CONN(fromconn));
756  }
757  return -1;
758  }
759 
760  if (circ->marked_for_close) {
761  /* The circuit has been marked, but not freed yet. When it's freed, it
762  * will mark this connection for close. */
763  return -1;
764  }
765 
766 #ifdef MEASUREMENTS_21206
767  /* Keep track of the number of RELAY_DATA cells sent for directory
768  * connections. */
769  connection_t *linked_conn = TO_CONN(fromconn)->linked_conn;
770 
771  if (linked_conn && linked_conn->type == CONN_TYPE_DIR) {
772  ++(TO_DIR_CONN(linked_conn)->data_cells_sent);
773  }
774 #endif /* defined(MEASUREMENTS_21206) */
775 
776  return relay_send_command_from_edge(fromconn->stream_id, circ,
777  relay_command, payload,
778  payload_len, cpath_layer);
779 }
780 
784 #define MAX_RESOLVE_FAILURES 3
785 
788 static int
790 {
791  return reason == END_STREAM_REASON_HIBERNATING ||
792  reason == END_STREAM_REASON_RESOURCELIMIT ||
793  reason == END_STREAM_REASON_EXITPOLICY ||
794  reason == END_STREAM_REASON_RESOLVEFAILED ||
795  reason == END_STREAM_REASON_MISC ||
796  reason == END_STREAM_REASON_NOROUTE;
797 }
798 
803 static int
805  relay_header_t *rh, cell_t *cell, origin_circuit_t *circ,
806  entry_connection_t *conn, crypt_path_t *layer_hint)
807 {
808  node_t *exitrouter;
809  int reason = *(cell->payload+RELAY_HEADER_SIZE);
810  int control_reason;
811  edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
812  (void) layer_hint; /* unused */
813 
814  if (rh->length > 0) {
815  if (reason == END_STREAM_REASON_TORPROTOCOL ||
816  reason == END_STREAM_REASON_DESTROY) {
817  /* Both of these reasons could mean a failed tag
818  * hit the exit and it complained. Do not probe.
819  * Fail the circuit. */
820  circ->path_state = PATH_STATE_USE_FAILED;
821  return -END_CIRC_REASON_TORPROTOCOL;
822  } else if (reason == END_STREAM_REASON_INTERNAL) {
823  /* We can't infer success or failure, since older Tors report
824  * ENETUNREACH as END_STREAM_REASON_INTERNAL. */
825  } else {
826  /* Path bias: If we get a valid reason code from the exit,
827  * it wasn't due to tagging.
828  *
829  * We rely on recognized+digest being strong enough to make
830  * tags unlikely to allow us to get tagged, yet 'recognized'
831  * reason codes here. */
833  }
834  }
835 
836  /* This end cell is now valid. */
837  circuit_read_valid_data(circ, rh->length);
838 
839  if (rh->length == 0) {
840  reason = END_STREAM_REASON_MISC;
841  }
842 
843  control_reason = reason | END_STREAM_REASON_FLAG_REMOTE;
844 
845  if (edge_reason_is_retriable(reason) &&
846  /* avoid retry if rend */
848  const char *chosen_exit_digest =
850  log_info(LD_APP,"Address '%s' refused due to '%s'. Considering retrying.",
851  safe_str(conn->socks_request->address),
853  exitrouter = node_get_mutable_by_id(chosen_exit_digest);
854  switch (reason) {
855  case END_STREAM_REASON_EXITPOLICY: {
856  tor_addr_t addr;
857  tor_addr_make_unspec(&addr);
858  if (rh->length >= 5) {
859  int ttl = -1;
860  tor_addr_make_unspec(&addr);
861  if (rh->length == 5 || rh->length == 9) {
862  tor_addr_from_ipv4n(&addr,
864  if (rh->length == 9)
865  ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+5));
866  } else if (rh->length == 17 || rh->length == 21) {
868  (char*)(cell->payload+RELAY_HEADER_SIZE+1));
869  if (rh->length == 21)
870  ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+17));
871  }
872  if (tor_addr_is_null(&addr)) {
873  log_info(LD_APP,"Address '%s' resolved to 0.0.0.0. Closing,",
874  safe_str(conn->socks_request->address));
875  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
876  return 0;
877  }
878 
879  if ((tor_addr_family(&addr) == AF_INET &&
880  !conn->entry_cfg.ipv4_traffic) ||
881  (tor_addr_family(&addr) == AF_INET6 &&
882  !conn->entry_cfg.ipv6_traffic)) {
883  log_fn(LOG_PROTOCOL_WARN, LD_APP,
884  "Got an EXITPOLICY failure on a connection with a "
885  "mismatched family. Closing.");
886  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
887  return 0;
888  }
889  if (get_options()->ClientDNSRejectInternalAddresses &&
890  tor_addr_is_internal(&addr, 0)) {
891  log_info(LD_APP,"Address '%s' resolved to internal. Closing,",
892  safe_str(conn->socks_request->address));
893  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
894  return 0;
895  }
896 
898  conn->socks_request->address, &addr,
899  conn->chosen_exit_name, ttl);
900 
901  {
902  char new_addr[TOR_ADDR_BUF_LEN];
903  tor_addr_to_str(new_addr, &addr, sizeof(new_addr), 1);
904  if (strcmp(conn->socks_request->address, new_addr)) {
905  strlcpy(conn->socks_request->address, new_addr,
906  sizeof(conn->socks_request->address));
907  control_event_stream_status(conn, STREAM_EVENT_REMAP, 0);
908  }
909  }
910  }
911  /* check if the exit *ought* to have allowed it */
912 
914  conn,
915  exitrouter,
916  &addr);
917 
918  if (conn->chosen_exit_optional ||
919  conn->chosen_exit_retries) {
920  /* stop wanting a specific exit */
921  conn->chosen_exit_optional = 0;
922  /* A non-zero chosen_exit_retries can happen if we set a
923  * TrackHostExits for this address under a port that the exit
924  * relay allows, but then try the same address with a different
925  * port that it doesn't allow to exit. We shouldn't unregister
926  * the mapping, since it is probably still wanted on the
927  * original port. But now we give away to the exit relay that
928  * we probably have a TrackHostExits on it. So be it. */
929  conn->chosen_exit_retries = 0;
930  tor_free(conn->chosen_exit_name); /* clears it */
931  }
932  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
933  return 0;
934  /* else, conn will get closed below */
935  break;
936  }
937  case END_STREAM_REASON_CONNECTREFUSED:
938  if (!conn->chosen_exit_optional)
939  break; /* break means it'll close, below */
940  /* Else fall through: expire this circuit, clear the
941  * chosen_exit_name field, and try again. */
942  /* Falls through. */
943  case END_STREAM_REASON_RESOLVEFAILED:
944  case END_STREAM_REASON_TIMEOUT:
945  case END_STREAM_REASON_MISC:
946  case END_STREAM_REASON_NOROUTE:
949  /* We haven't retried too many times; reattach the connection. */
951  /* Mark this circuit "unusable for new streams". */
953 
954  if (conn->chosen_exit_optional) {
955  /* stop wanting a specific exit */
956  conn->chosen_exit_optional = 0;
957  tor_free(conn->chosen_exit_name); /* clears it */
958  }
959  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
960  return 0;
961  /* else, conn will get closed below */
962  } else {
963  log_notice(LD_APP,
964  "Have tried resolving or connecting to address '%s' "
965  "at %d different places. Giving up.",
966  safe_str(conn->socks_request->address),
968  /* clear the failures, so it will have a full try next time */
970  }
971  break;
972  case END_STREAM_REASON_HIBERNATING:
973  case END_STREAM_REASON_RESOURCELIMIT:
974  if (exitrouter) {
976  }
977  if (conn->chosen_exit_optional) {
978  /* stop wanting a specific exit */
979  conn->chosen_exit_optional = 0;
980  tor_free(conn->chosen_exit_name); /* clears it */
981  }
982  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
983  return 0;
984  /* else, will close below */
985  break;
986  } /* end switch */
987  log_info(LD_APP,"Giving up on retrying; conn can't be handled.");
988  }
989 
990  log_info(LD_APP,
991  "Edge got end (%s) before we're connected. Marking for close.",
992  stream_end_reason_to_string(rh->length > 0 ? reason : -1));
994  /* need to test because of detach_retriable */
995  if (!ENTRY_TO_CONN(conn)->marked_for_close)
996  connection_mark_unattached_ap(conn, control_reason);
997  return 0;
998 }
999 
1009 static void
1011  entry_connection_t *conn,
1012  node_t *node,
1013  const tor_addr_t *addr)
1014 {
1015  int make_reject_all = 0;
1016  const sa_family_t family = tor_addr_family(addr);
1017 
1018  if (node) {
1019  tor_addr_t tmp;
1020  int asked_for_family = tor_addr_parse(&tmp, conn->socks_request->address);
1021  if (family == AF_UNSPEC) {
1022  make_reject_all = 1;
1023  } else if (node_exit_policy_is_exact(node, family) &&
1024  asked_for_family != -1 && !conn->chosen_exit_name) {
1025  make_reject_all = 1;
1026  }
1027 
1028  if (make_reject_all) {
1029  log_info(LD_APP,
1030  "Exitrouter %s seems to be more restrictive than its exit "
1031  "policy. Not using this router as exit for now.",
1032  node_describe(node));
1034  }
1035  }
1036 
1037  if (family != AF_UNSPEC)
1039 }
1040 
1044 static void
1046 {
1047  tor_addr_to_str(conn->socks_request->address, new_addr,
1048  sizeof(conn->socks_request->address),
1049  1);
1050  control_event_stream_status(conn, STREAM_EVENT_REMAP,
1052 }
1053 
1064 STATIC int
1066  tor_addr_t *addr_out, int *ttl_out)
1067 {
1068  uint32_t bytes;
1069  const uint8_t *payload = cell->payload + RELAY_HEADER_SIZE;
1070 
1071  tor_addr_make_unspec(addr_out);
1072  *ttl_out = -1;
1073  if (rh->length == 0)
1074  return 0;
1075  if (rh->length < 4)
1076  return -1;
1077  bytes = ntohl(get_uint32(payload));
1078 
1079  /* If bytes is 0, this is maybe a v6 address. Otherwise it's a v4 address */
1080  if (bytes != 0) {
1081  /* v4 address */
1082  tor_addr_from_ipv4h(addr_out, bytes);
1083  if (rh->length >= 8) {
1084  bytes = ntohl(get_uint32(payload + 4));
1085  if (bytes <= INT32_MAX)
1086  *ttl_out = bytes;
1087  }
1088  } else {
1089  if (rh->length < 25) /* 4 bytes of 0s, 1 addr, 16 ipv4, 4 ttl. */
1090  return -1;
1091  if (get_uint8(payload + 4) != 6)
1092  return -1;
1093  tor_addr_from_ipv6_bytes(addr_out, (char*)(payload + 5));
1094  bytes = ntohl(get_uint32(payload + 21));
1095  if (bytes <= INT32_MAX)
1096  *ttl_out = (int) bytes;
1097  }
1098  return 0;
1099 }
1100 
1102 STATIC void
1103 address_ttl_free_(address_ttl_t *addr)
1104 {
1105  if (!addr)
1106  return;
1107  tor_free(addr->hostname);
1108  tor_free(addr);
1109 }
1110 
1116 STATIC int
1118  smartlist_t *addresses_out, int *errcode_out)
1119 {
1120  const uint8_t *cp;
1121  uint8_t answer_type;
1122  size_t answer_len;
1123  address_ttl_t *addr;
1124  size_t remaining;
1125  int errcode = 0;
1126  smartlist_t *addrs;
1127 
1128  tor_assert(cell);
1129  tor_assert(rh);
1130  tor_assert(addresses_out);
1131  tor_assert(errcode_out);
1132 
1133  *errcode_out = 0;
1134 
1135  if (rh->length > RELAY_PAYLOAD_SIZE)
1136  return -1;
1137 
1138  addrs = smartlist_new();
1139 
1140  cp = cell->payload + RELAY_HEADER_SIZE;
1141 
1142  remaining = rh->length;
1143  while (remaining) {
1144  const uint8_t *cp_orig = cp;
1145  if (remaining < 2)
1146  goto err;
1147  answer_type = *cp++;
1148  answer_len = *cp++;
1149  if (remaining < 2 + answer_len + 4) {
1150  goto err;
1151  }
1152  if (answer_type == RESOLVED_TYPE_IPV4) {
1153  if (answer_len != 4) {
1154  goto err;
1155  }
1156  addr = tor_malloc_zero(sizeof(*addr));
1157  tor_addr_from_ipv4n(&addr->addr, get_uint32(cp));
1158  cp += 4;
1159  addr->ttl = ntohl(get_uint32(cp));
1160  cp += 4;
1161  smartlist_add(addrs, addr);
1162  } else if (answer_type == RESOLVED_TYPE_IPV6) {
1163  if (answer_len != 16)
1164  goto err;
1165  addr = tor_malloc_zero(sizeof(*addr));
1166  tor_addr_from_ipv6_bytes(&addr->addr, (const char*) cp);
1167  cp += 16;
1168  addr->ttl = ntohl(get_uint32(cp));
1169  cp += 4;
1170  smartlist_add(addrs, addr);
1171  } else if (answer_type == RESOLVED_TYPE_HOSTNAME) {
1172  if (answer_len == 0) {
1173  goto err;
1174  }
1175  addr = tor_malloc_zero(sizeof(*addr));
1176  addr->hostname = tor_memdup_nulterm(cp, answer_len);
1177  cp += answer_len;
1178  addr->ttl = ntohl(get_uint32(cp));
1179  cp += 4;
1180  smartlist_add(addrs, addr);
1181  } else if (answer_type == RESOLVED_TYPE_ERROR_TRANSIENT ||
1182  answer_type == RESOLVED_TYPE_ERROR) {
1183  errcode = answer_type;
1184  /* Ignore the error contents */
1185  cp += answer_len + 4;
1186  } else {
1187  cp += answer_len + 4;
1188  }
1189  tor_assert(((ssize_t)remaining) >= (cp - cp_orig));
1190  remaining -= (cp - cp_orig);
1191  }
1192 
1193  if (errcode && smartlist_len(addrs) == 0) {
1194  /* Report an error only if there were no results. */
1195  *errcode_out = errcode;
1196  }
1197 
1198  smartlist_add_all(addresses_out, addrs);
1199  smartlist_free(addrs);
1200 
1201  return 0;
1202 
1203  err:
1204  /* On parse error, don't report any results */
1205  SMARTLIST_FOREACH(addrs, address_ttl_t *, a, address_ttl_free(a));
1206  smartlist_free(addrs);
1207  return -1;
1208 }
1209 
1213 static void
1215  int error_code,
1216  smartlist_t *results)
1217 {
1218  address_ttl_t *addr_ipv4 = NULL;
1219  address_ttl_t *addr_ipv6 = NULL;
1220  address_ttl_t *addr_hostname = NULL;
1221  address_ttl_t *addr_best = NULL;
1222 
1223  /* If it's an error code, that's easy. */
1224  if (error_code) {
1225  tor_assert(error_code == RESOLVED_TYPE_ERROR ||
1226  error_code == RESOLVED_TYPE_ERROR_TRANSIENT);
1227  connection_ap_handshake_socks_resolved(conn,
1228  error_code,0,NULL,-1,-1);
1229  return;
1230  }
1231 
1232  /* Get the first answer of each type. */
1233  SMARTLIST_FOREACH_BEGIN(results, address_ttl_t *, addr) {
1234  if (addr->hostname) {
1235  if (!addr_hostname) {
1236  addr_hostname = addr;
1237  }
1238  } else if (tor_addr_family(&addr->addr) == AF_INET) {
1239  if (!addr_ipv4 && conn->entry_cfg.ipv4_traffic) {
1240  addr_ipv4 = addr;
1241  }
1242  } else if (tor_addr_family(&addr->addr) == AF_INET6) {
1243  if (!addr_ipv6 && conn->entry_cfg.ipv6_traffic) {
1244  addr_ipv6 = addr;
1245  }
1246  }
1247  } SMARTLIST_FOREACH_END(addr);
1248 
1249  /* Now figure out which type we wanted to deliver. */
1250  if (conn->socks_request->command == SOCKS_COMMAND_RESOLVE_PTR) {
1251  if (addr_hostname) {
1252  connection_ap_handshake_socks_resolved(conn,
1253  RESOLVED_TYPE_HOSTNAME,
1254  strlen(addr_hostname->hostname),
1255  (uint8_t*)addr_hostname->hostname,
1256  addr_hostname->ttl,-1);
1257  } else {
1258  connection_ap_handshake_socks_resolved(conn,
1259  RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
1260  }
1261  return;
1262  }
1263 
1264  if (conn->entry_cfg.prefer_ipv6) {
1265  addr_best = addr_ipv6 ? addr_ipv6 : addr_ipv4;
1266  } else {
1267  addr_best = addr_ipv4 ? addr_ipv4 : addr_ipv6;
1268  }
1269 
1270  /* Now convert it to the ugly old interface */
1271  if (! addr_best) {
1272  connection_ap_handshake_socks_resolved(conn,
1273  RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
1274  return;
1275  }
1276 
1278  &addr_best->addr,
1279  addr_best->ttl,
1280  -1);
1281 
1282  remap_event_helper(conn, &addr_best->addr);
1283 }
1284 
1287 STATIC int
1289  const cell_t *cell,
1290  const relay_header_t *rh)
1291 {
1292  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1293  smartlist_t *resolved_addresses = NULL;
1294  int errcode = 0;
1295 
1296  if (conn->base_.state != AP_CONN_STATE_RESOLVE_WAIT) {
1297  log_fn(LOG_PROTOCOL_WARN, LD_APP, "Got a 'resolved' cell while "
1298  "not in state resolve_wait. Dropping.");
1299  return 0;
1300  }
1301  tor_assert(SOCKS_COMMAND_IS_RESOLVE(entry_conn->socks_request->command));
1302 
1303  resolved_addresses = smartlist_new();
1304  if (resolved_cell_parse(cell, rh, resolved_addresses, &errcode)) {
1305  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1306  "Dropping malformed 'resolved' cell");
1307  connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_TORPROTOCOL);
1308  goto done;
1309  }
1310 
1311  if (get_options()->ClientDNSRejectInternalAddresses) {
1312  int orig_len = smartlist_len(resolved_addresses);
1313  SMARTLIST_FOREACH_BEGIN(resolved_addresses, address_ttl_t *, addr) {
1314  if (addr->hostname == NULL && tor_addr_is_internal(&addr->addr, 0)) {
1315  log_info(LD_APP, "Got a resolved cell with answer %s; dropping that "
1316  "answer.",
1317  safe_str_client(fmt_addr(&addr->addr)));
1318  address_ttl_free(addr);
1319  SMARTLIST_DEL_CURRENT(resolved_addresses, addr);
1320  }
1321  } SMARTLIST_FOREACH_END(addr);
1322  if (orig_len && smartlist_len(resolved_addresses) == 0) {
1323  log_info(LD_APP, "Got a resolved cell with only private addresses; "
1324  "dropping it.");
1325  connection_ap_handshake_socks_resolved(entry_conn,
1326  RESOLVED_TYPE_ERROR_TRANSIENT,
1327  0, NULL, 0, TIME_MAX);
1328  connection_mark_unattached_ap(entry_conn,
1329  END_STREAM_REASON_TORPROTOCOL);
1330  goto done;
1331  }
1332  }
1333 
1334  /* This is valid data at this point. Count it */
1335  if (conn->on_circuit && CIRCUIT_IS_ORIGIN(conn->on_circuit)) {
1337  rh->length);
1338  }
1339 
1341  errcode,
1342  resolved_addresses);
1343 
1344  connection_mark_unattached_ap(entry_conn,
1345  END_STREAM_REASON_DONE |
1347 
1348  done:
1349  SMARTLIST_FOREACH(resolved_addresses, address_ttl_t *, addr,
1350  address_ttl_free(addr));
1351  smartlist_free(resolved_addresses);
1352  return 0;
1353 }
1354 
1362 static int
1364  relay_header_t *rh, cell_t *cell, circuit_t *circ,
1365  edge_connection_t *conn, crypt_path_t *layer_hint)
1366 {
1367  if (rh->command == RELAY_COMMAND_END) {
1368  if (CIRCUIT_IS_ORIGIN(circ) && conn->base_.type == CONN_TYPE_AP) {
1369  return connection_ap_process_end_not_open(rh, cell,
1370  TO_ORIGIN_CIRCUIT(circ),
1371  EDGE_TO_ENTRY_CONN(conn),
1372  layer_hint);
1373  } else {
1374  /* we just got an 'end', don't need to send one */
1375  conn->edge_has_sent_end = 1;
1376  conn->end_reason = *(cell->payload+RELAY_HEADER_SIZE) |
1378  connection_mark_for_close(TO_CONN(conn));
1379  return 0;
1380  }
1381  }
1382 
1383  if (conn->base_.type == CONN_TYPE_AP &&
1384  rh->command == RELAY_COMMAND_CONNECTED) {
1385  tor_addr_t addr;
1386  int ttl;
1387  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1389  if (conn->base_.state != AP_CONN_STATE_CONNECT_WAIT) {
1390  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1391  "Got 'connected' while not in state connect_wait. Dropping.");
1392  return 0;
1393  }
1394  CONNECTION_AP_EXPECT_NONPENDING(entry_conn);
1395  conn->base_.state = AP_CONN_STATE_OPEN;
1396  log_info(LD_APP,"'connected' received for circid %u streamid %d "
1397  "after %d seconds.",
1398  (unsigned)circ->n_circ_id,
1399  rh->stream_id,
1400  (int)(time(NULL) - conn->base_.timestamp_last_read_allowed));
1401  if (connected_cell_parse(rh, cell, &addr, &ttl) < 0) {
1402  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1403  "Got a badly formatted connected cell. Closing.");
1404  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1405  connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_TORPROTOCOL);
1406  return 0;
1407  }
1408  if (tor_addr_family(&addr) != AF_UNSPEC) {
1409  /* The family is not UNSPEC: so we were given an address in the
1410  * connected cell. (This is normal, except for BEGINDIR and onion
1411  * service streams.) */
1412  const sa_family_t family = tor_addr_family(&addr);
1413  if (tor_addr_is_null(&addr) ||
1414  (get_options()->ClientDNSRejectInternalAddresses &&
1415  tor_addr_is_internal(&addr, 0))) {
1416  log_info(LD_APP, "...but it claims the IP address was %s. Closing.",
1417  fmt_addr(&addr));
1418  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1419  connection_mark_unattached_ap(entry_conn,
1420  END_STREAM_REASON_TORPROTOCOL);
1421  return 0;
1422  }
1423 
1424  if ((family == AF_INET && ! entry_conn->entry_cfg.ipv4_traffic) ||
1425  (family == AF_INET6 && ! entry_conn->entry_cfg.ipv6_traffic)) {
1426  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1427  "Got a connected cell to %s with unsupported address family."
1428  " Closing.", fmt_addr(&addr));
1429  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1430  connection_mark_unattached_ap(entry_conn,
1431  END_STREAM_REASON_TORPROTOCOL);
1432  return 0;
1433  }
1434 
1435  client_dns_set_addressmap(entry_conn,
1436  entry_conn->socks_request->address, &addr,
1437  entry_conn->chosen_exit_name, ttl);
1438 
1439  remap_event_helper(entry_conn, &addr);
1440  }
1442  /* don't send a socks reply to transparent conns */
1443  tor_assert(entry_conn->socks_request != NULL);
1444  if (!entry_conn->socks_request->has_finished) {
1445  connection_ap_handshake_socks_reply(entry_conn, NULL, 0, 0);
1446  }
1447 
1448  /* Was it a linked dir conn? If so, a dir request just started to
1449  * fetch something; this could be a bootstrap status milestone. */
1450  log_debug(LD_APP, "considering");
1451  if (TO_CONN(conn)->linked_conn &&
1452  TO_CONN(conn)->linked_conn->type == CONN_TYPE_DIR) {
1453  connection_t *dirconn = TO_CONN(conn)->linked_conn;
1454  log_debug(LD_APP, "it is! %d", dirconn->purpose);
1455  switch (dirconn->purpose) {
1458  control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_KEYS, 0);
1459  break;
1461  control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_STATUS, 0);
1462  break;
1465  if (TO_DIR_CONN(dirconn)->router_purpose == ROUTER_PURPOSE_GENERAL)
1466  control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
1468  break;
1469  }
1470  }
1471  /* This is definitely a success, so forget about any pending data we
1472  * had sent. */
1473  if (entry_conn->pending_optimistic_data) {
1474  buf_free(entry_conn->pending_optimistic_data);
1475  entry_conn->pending_optimistic_data = NULL;
1476  }
1477 
1478  /* This is valid data at this point. Count it */
1480 
1481  /* handle anything that might have queued */
1482  if (connection_edge_package_raw_inbuf(conn, 1, NULL) < 0) {
1483  /* (We already sent an end cell if possible) */
1484  connection_mark_for_close(TO_CONN(conn));
1485  return 0;
1486  }
1487  return 0;
1488  }
1489  if (conn->base_.type == CONN_TYPE_AP &&
1490  rh->command == RELAY_COMMAND_RESOLVED) {
1491  return connection_edge_process_resolved_cell(conn, cell, rh);
1492  }
1493 
1494  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1495  "Got an unexpected relay command %d, in state %d (%s). Dropping.",
1496  rh->command, conn->base_.state,
1497  conn_state_to_string(conn->base_.type, conn->base_.state));
1498  return 0; /* for forward compatibility, don't kill the circuit */
1499 // connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1500 // connection_mark_for_close(conn);
1501 // return -1;
1502 }
1503 
1511 static int
1513  circuit_t *circ, edge_connection_t *conn,
1514  crypt_path_t *layer_hint, int domain)
1515 {
1516  int ret;
1517 
1518  tor_assert(rh);
1519 
1520  if (!rh->stream_id) {
1521  /* Circuit level SENDME cell. */
1522  ret = sendme_process_circuit_level(layer_hint, circ,
1523  cell->payload + RELAY_HEADER_SIZE,
1524  rh->length);
1525  if (ret < 0) {
1526  return ret;
1527  }
1528  /* Resume reading on any streams now that we've processed a valid
1529  * SENDME cell that updated our package window. */
1530  circuit_resume_edge_reading(circ, layer_hint);
1531  /* We are done, the rest of the code is for the stream level. */
1532  return 0;
1533  }
1534 
1535  /* No connection, might be half edge state. We are done if so. */
1536  if (!conn) {
1537  if (CIRCUIT_IS_ORIGIN(circ)) {
1538  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1540  rh->stream_id)) {
1541  circuit_read_valid_data(ocirc, rh->length);
1542  log_info(domain, "Sendme cell on circ %u valid on half-closed "
1543  "stream id %d",
1544  ocirc->global_identifier, rh->stream_id);
1545  }
1546  }
1547 
1548  log_info(domain, "SENDME cell dropped, unknown stream (streamid %d).",
1549  rh->stream_id);
1550  return 0;
1551  }
1552 
1553  /* Stream level SENDME cell. */
1554  ret = sendme_process_stream_level(conn, circ, rh->length);
1555  if (ret < 0) {
1556  /* Means we need to close the circuit with reason ret. */
1557  return ret;
1558  }
1559 
1560  /* We've now processed properly a SENDME cell, all windows have been
1561  * properly updated, we'll read on the edge connection to see if we can
1562  * get data out towards the end point (Exit or client) since we are now
1563  * allowed to deliver more cells. */
1564 
1566  /* Still waiting for queue to flush; don't touch conn */
1567  return 0;
1568  }
1569  connection_start_reading(TO_CONN(conn));
1570  /* handle whatever might still be on the inbuf */
1571  if (connection_edge_package_raw_inbuf(conn, 1, NULL) < 0) {
1572  /* (We already sent an end cell if possible) */
1573  connection_mark_for_close(TO_CONN(conn));
1574  return 0;
1575  }
1576  return 0;
1577 }
1578 
1588 STATIC int
1590  edge_connection_t *conn,
1591  crypt_path_t *layer_hint)
1592 {
1593  static int num_seen=0;
1594  relay_header_t rh;
1595  unsigned domain = layer_hint?LD_APP:LD_EXIT;
1596  int reason;
1597  int optimistic_data = 0; /* Set to 1 if we receive data on a stream
1598  * that's in the EXIT_CONN_STATE_RESOLVING
1599  * or EXIT_CONN_STATE_CONNECTING states. */
1600 
1601  tor_assert(cell);
1602  tor_assert(circ);
1603 
1604  relay_header_unpack(&rh, cell->payload);
1605 // log_fn(LOG_DEBUG,"command %d stream %d", rh.command, rh.stream_id);
1606  num_seen++;
1607  log_debug(domain, "Now seen %d relay cells here (command %d, stream %d).",
1608  num_seen, rh.command, rh.stream_id);
1609 
1610  if (rh.length > RELAY_PAYLOAD_SIZE) {
1611  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1612  "Relay cell length field too long. Closing circuit.");
1613  return - END_CIRC_REASON_TORPROTOCOL;
1614  }
1615 
1616  if (rh.stream_id == 0) {
1617  switch (rh.command) {
1618  case RELAY_COMMAND_BEGIN:
1619  case RELAY_COMMAND_CONNECTED:
1620  case RELAY_COMMAND_END:
1621  case RELAY_COMMAND_RESOLVE:
1622  case RELAY_COMMAND_RESOLVED:
1623  case RELAY_COMMAND_BEGIN_DIR:
1624  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay command %d with zero "
1625  "stream_id. Dropping.", (int)rh.command);
1626  return 0;
1627  default:
1628  ;
1629  }
1630  }
1631 
1632  /* Tell circpad that we've received a recognized cell */
1634 
1635  /* either conn is NULL, in which case we've got a control cell, or else
1636  * conn points to the recognized stream. */
1637  if (conn && !connection_state_is_open(TO_CONN(conn))) {
1638  if (conn->base_.type == CONN_TYPE_EXIT &&
1639  (conn->base_.state == EXIT_CONN_STATE_CONNECTING ||
1640  conn->base_.state == EXIT_CONN_STATE_RESOLVING) &&
1641  rh.command == RELAY_COMMAND_DATA) {
1642  /* Allow DATA cells to be delivered to an exit node in state
1643  * EXIT_CONN_STATE_CONNECTING or EXIT_CONN_STATE_RESOLVING.
1644  * This speeds up HTTP, for example. */
1645  optimistic_data = 1;
1646  } else if (rh.stream_id == 0 && rh.command == RELAY_COMMAND_DATA) {
1647  log_warn(LD_BUG, "Somehow I had a connection that matched a "
1648  "data cell with stream ID 0.");
1649  } else {
1651  &rh, cell, circ, conn, layer_hint);
1652  }
1653  }
1654 
1655  switch (rh.command) {
1656  case RELAY_COMMAND_DROP:
1657  /* Already examined in circpad_deliver_recognized_relay_cell_events */
1658  return 0;
1659  case RELAY_COMMAND_PADDING_NEGOTIATE:
1661  return 0;
1662  case RELAY_COMMAND_PADDING_NEGOTIATED:
1663  if (circpad_handle_padding_negotiated(circ, cell, layer_hint) == 0)
1665  return 0;
1666  case RELAY_COMMAND_BEGIN:
1667  case RELAY_COMMAND_BEGIN_DIR:
1668  if (layer_hint &&
1670  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1671  "Relay begin request unsupported at AP. Dropping.");
1672  return 0;
1673  }
1674  if (circ->purpose == CIRCUIT_PURPOSE_S_REND_JOINED &&
1675  layer_hint != TO_ORIGIN_CIRCUIT(circ)->cpath->prev) {
1676  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1677  "Relay begin request to Hidden Service "
1678  "from intermediary node. Dropping.");
1679  return 0;
1680  }
1681  if (conn) {
1682  log_fn(LOG_PROTOCOL_WARN, domain,
1683  "Begin cell for known stream. Dropping.");
1684  return 0;
1685  }
1686  if (rh.command == RELAY_COMMAND_BEGIN_DIR &&
1688  /* Assign this circuit and its app-ward OR connection a unique ID,
1689  * so that we can measure download times. The local edge and dir
1690  * connection will be assigned the same ID when they are created
1691  * and linked. */
1692  static uint64_t next_id = 0;
1693  circ->dirreq_id = ++next_id;
1694  TO_OR_CIRCUIT(circ)->p_chan->dirreq_id = circ->dirreq_id;
1695  }
1696  return connection_exit_begin_conn(cell, circ);
1697  case RELAY_COMMAND_DATA:
1699 
1700  /* Update our circuit-level deliver window that we received a DATA cell.
1701  * If the deliver window goes below 0, we end the circuit and stream due
1702  * to a protocol failure. */
1703  if (sendme_circuit_data_received(circ, layer_hint) < 0) {
1704  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1705  "(relay data) circ deliver_window below 0. Killing.");
1706  connection_edge_end_close(conn, END_STREAM_REASON_TORPROTOCOL);
1707  return -END_CIRC_REASON_TORPROTOCOL;
1708  }
1709 
1710  /* Consider sending a circuit-level SENDME cell. */
1711  sendme_circuit_consider_sending(circ, layer_hint);
1712 
1713  if (rh.stream_id == 0) {
1714  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay data cell with zero "
1715  "stream_id. Dropping.");
1716  return 0;
1717  } else if (!conn) {
1718  if (CIRCUIT_IS_ORIGIN(circ)) {
1719  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1721  rh.stream_id)) {
1722  circuit_read_valid_data(ocirc, rh.length);
1723  log_info(domain,
1724  "data cell on circ %u valid on half-closed "
1725  "stream id %d", ocirc->global_identifier, rh.stream_id);
1726  }
1727  }
1728 
1729  log_info(domain,"data cell dropped, unknown stream (streamid %d).",
1730  rh.stream_id);
1731  return 0;
1732  }
1733 
1734  /* Update our stream-level deliver window that we just received a DATA
1735  * cell. Going below 0 means we have a protocol level error so the
1736  * stream and circuit are closed. */
1737 
1738  if (sendme_stream_data_received(conn) < 0) {
1739  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1740  "(relay data) conn deliver_window below 0. Killing.");
1741  connection_edge_end_close(conn, END_STREAM_REASON_TORPROTOCOL);
1742  return -END_CIRC_REASON_TORPROTOCOL;
1743  }
1744  /* Total all valid application bytes delivered */
1745  if (CIRCUIT_IS_ORIGIN(circ) && rh.length > 0) {
1747  }
1748 
1750  connection_buf_add((char*)(cell->payload + RELAY_HEADER_SIZE),
1751  rh.length, TO_CONN(conn));
1752 
1753 #ifdef MEASUREMENTS_21206
1754  /* Count number of RELAY_DATA cells received on a linked directory
1755  * connection. */
1756  connection_t *linked_conn = TO_CONN(conn)->linked_conn;
1757 
1758  if (linked_conn && linked_conn->type == CONN_TYPE_DIR) {
1759  ++(TO_DIR_CONN(linked_conn)->data_cells_received);
1760  }
1761 #endif /* defined(MEASUREMENTS_21206) */
1762 
1763  if (!optimistic_data) {
1764  /* Only send a SENDME if we're not getting optimistic data; otherwise
1765  * a SENDME could arrive before the CONNECTED.
1766  */
1768  }
1769 
1770  return 0;
1771  case RELAY_COMMAND_END:
1772  reason = rh.length > 0 ?
1773  get_uint8(cell->payload+RELAY_HEADER_SIZE) : END_STREAM_REASON_MISC;
1774  if (!conn) {
1775  if (CIRCUIT_IS_ORIGIN(circ)) {
1776  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1778  rh.stream_id)) {
1779 
1780  circuit_read_valid_data(ocirc, rh.length);
1781  log_info(domain,
1782  "end cell (%s) on circ %u valid on half-closed "
1783  "stream id %d",
1785  ocirc->global_identifier, rh.stream_id);
1786  return 0;
1787  }
1788  }
1789  log_info(domain,"end cell (%s) dropped, unknown stream.",
1790  stream_end_reason_to_string(reason));
1791  return 0;
1792  }
1793 /* XXX add to this log_fn the exit node's nickname? */
1794  log_info(domain,TOR_SOCKET_T_FORMAT": end cell (%s) for stream %d. "
1795  "Removing stream.",
1796  conn->base_.s,
1798  conn->stream_id);
1799  if (conn->base_.type == CONN_TYPE_AP) {
1800  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1801  if (entry_conn->socks_request &&
1802  !entry_conn->socks_request->has_finished)
1803  log_warn(LD_BUG,
1804  "open stream hasn't sent socks answer yet? Closing.");
1805  }
1806  /* We just *got* an end; no reason to send one. */
1807  conn->edge_has_sent_end = 1;
1808  if (!conn->end_reason)
1809  conn->end_reason = reason | END_STREAM_REASON_FLAG_REMOTE;
1810  if (!conn->base_.marked_for_close) {
1811  /* only mark it if not already marked. it's possible to
1812  * get the 'end' right around when the client hangs up on us. */
1813  connection_mark_and_flush(TO_CONN(conn));
1814 
1815  /* Total all valid application bytes delivered */
1816  if (CIRCUIT_IS_ORIGIN(circ)) {
1818  }
1819  }
1820  return 0;
1821  case RELAY_COMMAND_EXTEND:
1822  case RELAY_COMMAND_EXTEND2: {
1823  static uint64_t total_n_extend=0, total_nonearly=0;
1824  total_n_extend++;
1825  if (rh.stream_id) {
1826  log_fn(LOG_PROTOCOL_WARN, domain,
1827  "'extend' cell received for non-zero stream. Dropping.");
1828  return 0;
1829  }
1830  if (cell->command != CELL_RELAY_EARLY &&
1831  !networkstatus_get_param(NULL,"AllowNonearlyExtend",0,0,1)) {
1832 #define EARLY_WARNING_INTERVAL 3600
1833  static ratelim_t early_warning_limit =
1834  RATELIM_INIT(EARLY_WARNING_INTERVAL);
1835  char *m;
1836  if (cell->command == CELL_RELAY) {
1837  ++total_nonearly;
1838  if ((m = rate_limit_log(&early_warning_limit, approx_time()))) {
1839  double percentage = ((double)total_nonearly)/total_n_extend;
1840  percentage *= 100;
1841  log_fn(LOG_PROTOCOL_WARN, domain, "EXTEND cell received, "
1842  "but not via RELAY_EARLY. Dropping.%s", m);
1843  log_fn(LOG_PROTOCOL_WARN, domain, " (We have dropped %.02f%% of "
1844  "all EXTEND cells for this reason)", percentage);
1845  tor_free(m);
1846  }
1847  } else {
1848  log_fn(LOG_WARN, domain,
1849  "EXTEND cell received, in a cell with type %d! Dropping.",
1850  cell->command);
1851  }
1852  return 0;
1853  }
1854  return circuit_extend(cell, circ);
1855  }
1856  case RELAY_COMMAND_EXTENDED:
1857  case RELAY_COMMAND_EXTENDED2:
1858  if (!layer_hint) {
1859  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1860  "'extended' unsupported at non-origin. Dropping.");
1861  return 0;
1862  }
1863  log_debug(domain,"Got an extended cell! Yay.");
1864  {
1865  extended_cell_t extended_cell;
1866  if (extended_cell_parse(&extended_cell, rh.command,
1867  (const uint8_t*)cell->payload+RELAY_HEADER_SIZE,
1868  rh.length)<0) {
1869  log_warn(LD_PROTOCOL,
1870  "Can't parse EXTENDED cell; killing circuit.");
1871  return -END_CIRC_REASON_TORPROTOCOL;
1872  }
1873  if ((reason = circuit_finish_handshake(TO_ORIGIN_CIRCUIT(circ),
1874  &extended_cell.created_cell)) < 0) {
1875  circuit_mark_for_close(circ, -reason);
1876  return 0; /* We don't want to cause a warning, so we mark the circuit
1877  * here. */
1878  }
1879  }
1880  if ((reason=circuit_send_next_onion_skin(TO_ORIGIN_CIRCUIT(circ)))<0) {
1881  log_info(domain,"circuit_send_next_onion_skin() failed.");
1882  return reason;
1883  }
1884  /* Total all valid bytes delivered. */
1885  if (CIRCUIT_IS_ORIGIN(circ)) {
1887  }
1888  return 0;
1889  case RELAY_COMMAND_TRUNCATE:
1890  if (layer_hint) {
1891  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1892  "'truncate' unsupported at origin. Dropping.");
1893  return 0;
1894  }
1895  if (circ->n_hop) {
1896  if (circ->n_chan)
1897  log_warn(LD_BUG, "n_chan and n_hop set on the same circuit!");
1898  extend_info_free(circ->n_hop);
1899  circ->n_hop = NULL;
1902  }
1903  if (circ->n_chan) {
1904  uint8_t trunc_reason = get_uint8(cell->payload + RELAY_HEADER_SIZE);
1905  circuit_synchronize_written_or_bandwidth(circ, CIRCUIT_N_CHAN);
1906  circuit_clear_cell_queue(circ, circ->n_chan);
1907  channel_send_destroy(circ->n_circ_id, circ->n_chan,
1908  trunc_reason);
1909  circuit_set_n_circid_chan(circ, 0, NULL);
1910  }
1911  log_debug(LD_EXIT, "Processed 'truncate', replying.");
1912  {
1913  char payload[1];
1914  payload[0] = (char)END_CIRC_REASON_REQUESTED;
1915  relay_send_command_from_edge(0, circ, RELAY_COMMAND_TRUNCATED,
1916  payload, sizeof(payload), NULL);
1917  }
1918  return 0;
1919  case RELAY_COMMAND_TRUNCATED:
1920  if (!layer_hint) {
1921  log_fn(LOG_PROTOCOL_WARN, LD_EXIT,
1922  "'truncated' unsupported at non-origin. Dropping.");
1923  return 0;
1924  }
1925 
1926  /* Count the truncated as valid, for completeness. The
1927  * circuit is being torn down anyway, though. */
1928  if (CIRCUIT_IS_ORIGIN(circ)) {
1930  rh.length);
1931  }
1933  get_uint8(cell->payload + RELAY_HEADER_SIZE));
1934  return 0;
1935  case RELAY_COMMAND_CONNECTED:
1936  if (conn) {
1937  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1938  "'connected' unsupported while open. Closing circ.");
1939  return -END_CIRC_REASON_TORPROTOCOL;
1940  }
1941 
1942  if (CIRCUIT_IS_ORIGIN(circ)) {
1943  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1945  rh.stream_id)) {
1946  circuit_read_valid_data(ocirc, rh.length);
1947  log_info(domain,
1948  "connected cell on circ %u valid on half-closed "
1949  "stream id %d", ocirc->global_identifier, rh.stream_id);
1950  return 0;
1951  }
1952  }
1953 
1954  log_info(domain,
1955  "'connected' received on circid %u for streamid %d, "
1956  "no conn attached anymore. Ignoring.",
1957  (unsigned)circ->n_circ_id, rh.stream_id);
1958  return 0;
1959  case RELAY_COMMAND_SENDME:
1960  return process_sendme_cell(&rh, cell, circ, conn, layer_hint, domain);
1961  case RELAY_COMMAND_RESOLVE:
1962  if (layer_hint) {
1963  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1964  "resolve request unsupported at AP; dropping.");
1965  return 0;
1966  } else if (conn) {
1967  log_fn(LOG_PROTOCOL_WARN, domain,
1968  "resolve request for known stream; dropping.");
1969  return 0;
1970  } else if (circ->purpose != CIRCUIT_PURPOSE_OR) {
1971  log_fn(LOG_PROTOCOL_WARN, domain,
1972  "resolve request on circ with purpose %d; dropping",
1973  circ->purpose);
1974  return 0;
1975  }
1977  return 0;
1978  case RELAY_COMMAND_RESOLVED:
1979  if (conn) {
1980  log_fn(LOG_PROTOCOL_WARN, domain,
1981  "'resolved' unsupported while open. Closing circ.");
1982  return -END_CIRC_REASON_TORPROTOCOL;
1983  }
1984 
1985  if (CIRCUIT_IS_ORIGIN(circ)) {
1986  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1988  rh.stream_id)) {
1989  circuit_read_valid_data(ocirc, rh.length);
1990  log_info(domain,
1991  "resolved cell on circ %u valid on half-closed "
1992  "stream id %d", ocirc->global_identifier, rh.stream_id);
1993  return 0;
1994  }
1995  }
1996 
1997  log_info(domain,
1998  "'resolved' received, no conn attached anymore. Ignoring.");
1999  return 0;
2000  case RELAY_COMMAND_ESTABLISH_INTRO:
2001  case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
2002  case RELAY_COMMAND_INTRODUCE1:
2003  case RELAY_COMMAND_INTRODUCE2:
2004  case RELAY_COMMAND_INTRODUCE_ACK:
2005  case RELAY_COMMAND_RENDEZVOUS1:
2006  case RELAY_COMMAND_RENDEZVOUS2:
2007  case RELAY_COMMAND_INTRO_ESTABLISHED:
2008  case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
2009  rend_process_relay_cell(circ, layer_hint,
2010  rh.command, rh.length,
2011  cell->payload+RELAY_HEADER_SIZE);
2012  return 0;
2013  }
2014  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
2015  "Received unknown relay command %d. Perhaps the other side is using "
2016  "a newer version of Tor? Dropping.",
2017  rh.command);
2018  return 0; /* for forward compatibility, don't kill the circuit */
2019 }
2020 
2033 
2039 void
2041 {
2045 }
2046 
2051 #define RELAY_PAYLOAD_LENGTH_FOR_RANDOM_SENDMES \
2052  (RELAY_PAYLOAD_SIZE - CELL_PADDING_GAP - 16)
2053 
2058 STATIC size_t
2060  int package_partial,
2061  circuit_t *on_circuit)
2062 {
2063  if (!n_available)
2064  return 0;
2065 
2066  /* Do we need to force this payload to have space for randomness? */
2067  const bool force_random_bytes =
2068  (on_circuit->send_randomness_after_n_cells == 0) &&
2069  (! on_circuit->have_sent_sufficiently_random_cell);
2070 
2071  /* At most how much would we like to send in this cell? */
2072  size_t target_length;
2073  if (force_random_bytes) {
2075  } else {
2076  target_length = RELAY_PAYLOAD_SIZE;
2077  }
2078 
2079  /* Decide how many bytes we will actually put into this cell. */
2080  size_t package_length;
2081  if (n_available >= target_length) { /* A full payload is available. */
2082  package_length = target_length;
2083  } else { /* not a full payload available */
2084  if (package_partial)
2085  package_length = n_available; /* just take whatever's available now */
2086  else
2087  return 0; /* nothing to do until we have a full payload */
2088  }
2089 
2090  /* If we reach this point, we will be definitely sending the cell. */
2091  tor_assert_nonfatal(package_length > 0);
2092 
2093  if (package_length <= RELAY_PAYLOAD_LENGTH_FOR_RANDOM_SENDMES) {
2094  /* This cell will have enough randomness in the padding to make a future
2095  * sendme cell unpredictable. */
2096  on_circuit->have_sent_sufficiently_random_cell = 1;
2097  }
2098 
2099  if (on_circuit->send_randomness_after_n_cells == 0) {
2100  /* Either this cell, or some previous cell, had enough padding to
2101  * ensure sendme unpredictability. */
2102  tor_assert_nonfatal(on_circuit->have_sent_sufficiently_random_cell);
2103  /* Pick a new interval in which we need to send randomness. */
2104  circuit_reset_sendme_randomness(on_circuit);
2105  }
2106 
2107  --on_circuit->send_randomness_after_n_cells;
2108 
2109  return package_length;
2110 }
2111 
2122 int
2124  int *max_cells)
2125 {
2126  size_t bytes_to_process, length;
2127  char payload[CELL_PAYLOAD_SIZE];
2128  circuit_t *circ;
2129  const unsigned domain = conn->base_.type == CONN_TYPE_AP ? LD_APP : LD_EXIT;
2130  int sending_from_optimistic = 0;
2131  entry_connection_t *entry_conn =
2132  conn->base_.type == CONN_TYPE_AP ? EDGE_TO_ENTRY_CONN(conn) : NULL;
2133  const int sending_optimistically =
2134  entry_conn &&
2135  conn->base_.type == CONN_TYPE_AP &&
2136  conn->base_.state != AP_CONN_STATE_OPEN;
2137  crypt_path_t *cpath_layer = conn->cpath_layer;
2138 
2139  tor_assert(conn);
2140 
2141  if (conn->base_.marked_for_close) {
2142  log_warn(LD_BUG,
2143  "called on conn that's already marked for close at %s:%d.",
2144  conn->base_.marked_for_close_file, conn->base_.marked_for_close);
2145  return 0;
2146  }
2147 
2148  if (max_cells && *max_cells <= 0)
2149  return 0;
2150 
2151  repeat_connection_edge_package_raw_inbuf:
2152 
2153  circ = circuit_get_by_edge_conn(conn);
2154  if (!circ) {
2155  log_info(domain,"conn has no circuit! Closing.");
2157  return -1;
2158  }
2159 
2160  if (circuit_consider_stop_edge_reading(circ, cpath_layer))
2161  return 0;
2162 
2163  if (conn->package_window <= 0) {
2164  log_info(domain,"called with package_window %d. Skipping.",
2165  conn->package_window);
2166  connection_stop_reading(TO_CONN(conn));
2167  return 0;
2168  }
2169 
2170  sending_from_optimistic = entry_conn &&
2171  entry_conn->sending_optimistic_data != NULL;
2172 
2173  if (PREDICT_UNLIKELY(sending_from_optimistic)) {
2174  bytes_to_process = buf_datalen(entry_conn->sending_optimistic_data);
2175  if (PREDICT_UNLIKELY(!bytes_to_process)) {
2176  log_warn(LD_BUG, "sending_optimistic_data was non-NULL but empty");
2177  bytes_to_process = connection_get_inbuf_len(TO_CONN(conn));
2178  sending_from_optimistic = 0;
2179  }
2180  } else {
2181  bytes_to_process = connection_get_inbuf_len(TO_CONN(conn));
2182  }
2183 
2184  length = connection_edge_get_inbuf_bytes_to_package(bytes_to_process,
2185  package_partial, circ);
2186  if (!length)
2187  return 0;
2188 
2189  /* If we reach this point, we will definitely be packaging bytes into
2190  * a cell. */
2191 
2192  stats_n_data_bytes_packaged += length;
2194 
2195  if (PREDICT_UNLIKELY(sending_from_optimistic)) {
2196  /* XXXX We could be more efficient here by sometimes packing
2197  * previously-sent optimistic data in the same cell with data
2198  * from the inbuf. */
2199  buf_get_bytes(entry_conn->sending_optimistic_data, payload, length);
2200  if (!buf_datalen(entry_conn->sending_optimistic_data)) {
2201  buf_free(entry_conn->sending_optimistic_data);
2202  entry_conn->sending_optimistic_data = NULL;
2203  }
2204  } else {
2205  connection_buf_get_bytes(payload, length, TO_CONN(conn));
2206  }
2207 
2208  log_debug(domain,TOR_SOCKET_T_FORMAT": Packaging %d bytes (%d waiting).",
2209  conn->base_.s,
2210  (int)length, (int)connection_get_inbuf_len(TO_CONN(conn)));
2211 
2212  if (sending_optimistically && !sending_from_optimistic) {
2213  /* This is new optimistic data; remember it in case we need to detach and
2214  retry */
2215  if (!entry_conn->pending_optimistic_data)
2216  entry_conn->pending_optimistic_data = buf_new();
2217  buf_add(entry_conn->pending_optimistic_data, payload, length);
2218  }
2219 
2220  if (connection_edge_send_command(conn, RELAY_COMMAND_DATA,
2221  payload, length) < 0 ) {
2222  /* circuit got marked for close, don't continue, don't need to mark conn */
2223  return 0;
2224  }
2225 
2226  /* Handle the circuit-level SENDME package window. */
2227  if (sendme_note_circuit_data_packaged(circ, cpath_layer) < 0) {
2228  /* Package window has gone under 0. Protocol issue. */
2229  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
2230  "Circuit package window is below 0. Closing circuit.");
2231  conn->end_reason = END_STREAM_REASON_TORPROTOCOL;
2232  return -1;
2233  }
2234 
2235  /* Handle the stream-level SENDME package window. */
2236  if (sendme_note_stream_data_packaged(conn) < 0) {
2237  connection_stop_reading(TO_CONN(conn));
2238  log_debug(domain,"conn->package_window reached 0.");
2239  circuit_consider_stop_edge_reading(circ, cpath_layer);
2240  return 0; /* don't process the inbuf any more */
2241  }
2242  log_debug(domain,"conn->package_window is now %d",conn->package_window);
2243 
2244  if (max_cells) {
2245  *max_cells -= 1;
2246  if (*max_cells <= 0)
2247  return 0;
2248  }
2249 
2250  /* handle more if there's more, or return 0 if there isn't */
2251  goto repeat_connection_edge_package_raw_inbuf;
2252 }
2253 
2259 static void
2261 {
2263  log_debug(layer_hint?LD_APP:LD_EXIT,"Too big queue, no resuming");
2264  return;
2265  }
2266  log_debug(layer_hint?LD_APP:LD_EXIT,"resuming");
2267 
2268  if (CIRCUIT_IS_ORIGIN(circ))
2270  circ, layer_hint);
2271  else
2273  circ, layer_hint);
2274 }
2275 
2280 static int
2282  circuit_t *circ,
2283  crypt_path_t *layer_hint)
2284 {
2285  edge_connection_t *conn;
2286  int n_packaging_streams, n_streams_left;
2287  int packaged_this_round;
2288  int cells_on_queue;
2289  int cells_per_conn;
2290  edge_connection_t *chosen_stream = NULL;
2291  int max_to_package;
2292 
2293  if (first_conn == NULL) {
2294  /* Don't bother to try to do the rest of this if there are no connections
2295  * to resume. */
2296  return 0;
2297  }
2298 
2299  /* How many cells do we have space for? It will be the minimum of
2300  * the number needed to exhaust the package window, and the minimum
2301  * needed to fill the cell queue. */
2302  max_to_package = circ->package_window;
2303  if (CIRCUIT_IS_ORIGIN(circ)) {
2304  cells_on_queue = circ->n_chan_cells.n;
2305  } else {
2306  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
2307  cells_on_queue = or_circ->p_chan_cells.n;
2308  }
2309  if (CELL_QUEUE_HIGHWATER_SIZE - cells_on_queue < max_to_package)
2310  max_to_package = CELL_QUEUE_HIGHWATER_SIZE - cells_on_queue;
2311 
2312  /* Once we used to start listening on the streams in the order they
2313  * appeared in the linked list. That leads to starvation on the
2314  * streams that appeared later on the list, since the first streams
2315  * would always get to read first. Instead, we just pick a random
2316  * stream on the list, and enable reading for streams starting at that
2317  * point (and wrapping around as if the list were circular). It would
2318  * probably be better to actually remember which streams we've
2319  * serviced in the past, but this is simple and effective. */
2320 
2321  /* Select a stream uniformly at random from the linked list. We
2322  * don't need cryptographic randomness here. */
2323  {
2324  int num_streams = 0;
2325  for (conn = first_conn; conn; conn = conn->next_stream) {
2326  num_streams++;
2327 
2328  if (crypto_fast_rng_one_in_n(get_thread_fast_rng(), num_streams)) {
2329  chosen_stream = conn;
2330  }
2331  /* Invariant: chosen_stream has been chosen uniformly at random from
2332  * among the first num_streams streams on first_conn.
2333  *
2334  * (Note that we iterate over every stream on the circuit, so that after
2335  * we've considered the first stream, we've chosen it with P=1; and
2336  * after we consider the second stream, we've switched to it with P=1/2
2337  * and stayed with the first stream with P=1/2; and after we've
2338  * considered the third stream, we've switched to it with P=1/3 and
2339  * remained with one of the first two streams with P=(2/3), giving each
2340  * one P=(1/2)(2/3) )=(1/3).) */
2341  }
2342  }
2343 
2344  /* Count how many non-marked streams there are that have anything on
2345  * their inbuf, and enable reading on all of the connections. */
2346  n_packaging_streams = 0;
2347  /* Activate reading starting from the chosen stream */
2348  for (conn=chosen_stream; conn; conn = conn->next_stream) {
2349  /* Start reading for the streams starting from here */
2350  if (conn->base_.marked_for_close || conn->package_window <= 0)
2351  continue;
2352  if (!layer_hint || conn->cpath_layer == layer_hint) {
2353  connection_start_reading(TO_CONN(conn));
2354 
2355  if (connection_get_inbuf_len(TO_CONN(conn)) > 0)
2356  ++n_packaging_streams;
2357  }
2358  }
2359  /* Go back and do the ones we skipped, circular-style */
2360  for (conn = first_conn; conn != chosen_stream; conn = conn->next_stream) {
2361  if (conn->base_.marked_for_close || conn->package_window <= 0)
2362  continue;
2363  if (!layer_hint || conn->cpath_layer == layer_hint) {
2364  connection_start_reading(TO_CONN(conn));
2365 
2366  if (connection_get_inbuf_len(TO_CONN(conn)) > 0)
2367  ++n_packaging_streams;
2368  }
2369  }
2370 
2371  if (n_packaging_streams == 0) /* avoid divide-by-zero */
2372  return 0;
2373 
2374  again:
2375 
2376  cells_per_conn = CEIL_DIV(max_to_package, n_packaging_streams);
2377 
2378  packaged_this_round = 0;
2379  n_streams_left = 0;
2380 
2381  /* Iterate over all connections. Package up to cells_per_conn cells on
2382  * each. Update packaged_this_round with the total number of cells
2383  * packaged, and n_streams_left with the number that still have data to
2384  * package.
2385  */
2386  for (conn=first_conn; conn; conn=conn->next_stream) {
2387  if (conn->base_.marked_for_close || conn->package_window <= 0)
2388  continue;
2389  if (!layer_hint || conn->cpath_layer == layer_hint) {
2390  int n = cells_per_conn, r;
2391  /* handle whatever might still be on the inbuf */
2392  r = connection_edge_package_raw_inbuf(conn, 1, &n);
2393 
2394  /* Note how many we packaged */
2395  packaged_this_round += (cells_per_conn-n);
2396 
2397  if (r<0) {
2398  /* Problem while packaging. (We already sent an end cell if
2399  * possible) */
2400  connection_mark_for_close(TO_CONN(conn));
2401  continue;
2402  }
2403 
2404  /* If there's still data to read, we'll be coming back to this stream. */
2405  if (connection_get_inbuf_len(TO_CONN(conn)))
2406  ++n_streams_left;
2407 
2408  /* If the circuit won't accept any more data, return without looking
2409  * at any more of the streams. Any connections that should be stopped
2410  * have already been stopped by connection_edge_package_raw_inbuf. */
2411  if (circuit_consider_stop_edge_reading(circ, layer_hint))
2412  return -1;
2413  /* XXXX should we also stop immediately if we fill up the cell queue?
2414  * Probably. */
2415  }
2416  }
2417 
2418  /* If we made progress, and we are willing to package more, and there are
2419  * any streams left that want to package stuff... try again!
2420  */
2421  if (packaged_this_round && packaged_this_round < max_to_package &&
2422  n_streams_left) {
2423  max_to_package -= packaged_this_round;
2424  n_packaging_streams = n_streams_left;
2425  goto again;
2426  }
2427 
2428  return 0;
2429 }
2430 
2437 static int
2439 {
2440  edge_connection_t *conn = NULL;
2441  unsigned domain = layer_hint ? LD_APP : LD_EXIT;
2442 
2443  if (!layer_hint) {
2444  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
2445  log_debug(domain,"considering circ->package_window %d",
2446  circ->package_window);
2447  if (circ->package_window <= 0) {
2448  log_debug(domain,"yes, not-at-origin. stopped.");
2449  for (conn = or_circ->n_streams; conn; conn=conn->next_stream)
2450  connection_stop_reading(TO_CONN(conn));
2451  return 1;
2452  }
2453  return 0;
2454  }
2455  /* else, layer hint is defined, use it */
2456  log_debug(domain,"considering layer_hint->package_window %d",
2457  layer_hint->package_window);
2458  if (layer_hint->package_window <= 0) {
2459  log_debug(domain,"yes, at-origin. stopped.");
2460  for (conn = TO_ORIGIN_CIRCUIT(circ)->p_streams; conn;
2461  conn=conn->next_stream) {
2462  if (conn->cpath_layer == layer_hint)
2463  connection_stop_reading(TO_CONN(conn));
2464  }
2465  return 1;
2466  }
2467  return 0;
2468 }
2469 
2471 static size_t total_cells_allocated = 0;
2472 
2474 static inline void
2476 {
2478  tor_free(cell);
2479 }
2480 
2482 STATIC packed_cell_t *
2484 {
2486  return tor_malloc_zero(sizeof(packed_cell_t));
2487 }
2488 
2490 void
2492 {
2493  if (!cell)
2494  return;
2496 }
2497 
2500 void
2502 {
2503  int n_circs = 0;
2504  int n_cells = 0;
2505  SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, c) {
2506  n_cells += c->n_chan_cells.n;
2507  if (!CIRCUIT_IS_ORIGIN(c))
2508  n_cells += TO_OR_CIRCUIT(c)->p_chan_cells.n;
2509  ++n_circs;
2510  }
2511  SMARTLIST_FOREACH_END(c);
2512  tor_log(severity, LD_MM,
2513  "%d cells allocated on %d circuits. %d cells leaked.",
2514  n_cells, n_circs, (int)total_cells_allocated - n_cells);
2515 }
2516 
2518 static inline packed_cell_t *
2519 packed_cell_copy(const cell_t *cell, int wide_circ_ids)
2520 {
2522  cell_pack(c, cell, wide_circ_ids);
2523  return c;
2524 }
2525 
2527 void
2529 {
2530  TOR_SIMPLEQ_INSERT_TAIL(&queue->head, cell, next);
2531  ++queue->n;
2532 }
2533 
2538 void
2540  int exitward, const cell_t *cell,
2541  int wide_circ_ids, int use_stats)
2542 {
2543  packed_cell_t *copy = packed_cell_copy(cell, wide_circ_ids);
2544  (void)circ;
2545  (void)exitward;
2546  (void)use_stats;
2547 
2549 
2550  cell_queue_append(queue, copy);
2551 }
2552 
2554 void
2556 {
2557  memset(queue, 0, sizeof(cell_queue_t));
2558  TOR_SIMPLEQ_INIT(&queue->head);
2559 }
2560 
2562 void
2564 {
2565  packed_cell_t *cell;
2566  while ((cell = TOR_SIMPLEQ_FIRST(&queue->head))) {
2567  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2569  }
2570  TOR_SIMPLEQ_INIT(&queue->head);
2571  queue->n = 0;
2572 }
2573 
2576 STATIC packed_cell_t *
2578 {
2579  packed_cell_t *cell = TOR_SIMPLEQ_FIRST(&queue->head);
2580  if (!cell)
2581  return NULL;
2582  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2583  --queue->n;
2584  return cell;
2585 }
2586 
2588 void
2590 {
2591  memset(queue, 0, sizeof(destroy_cell_queue_t));
2592  TOR_SIMPLEQ_INIT(&queue->head);
2593 }
2594 
2596 void
2598 {
2599  destroy_cell_t *cell;
2600  while ((cell = TOR_SIMPLEQ_FIRST(&queue->head))) {
2601  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2602  tor_free(cell);
2603  }
2604  TOR_SIMPLEQ_INIT(&queue->head);
2605  queue->n = 0;
2606 }
2607 
2610 STATIC destroy_cell_t *
2612 {
2613  destroy_cell_t *cell = TOR_SIMPLEQ_FIRST(&queue->head);
2614  if (!cell)
2615  return NULL;
2616  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2617  --queue->n;
2618  return cell;
2619 }
2620 
2622 void
2624  circid_t circid,
2625  uint8_t reason)
2626 {
2627  destroy_cell_t *cell = tor_malloc_zero(sizeof(destroy_cell_t));
2628  cell->circid = circid;
2629  cell->reason = reason;
2630  /* Not yet used, but will be required for OOM handling. */
2632 
2633  TOR_SIMPLEQ_INSERT_TAIL(&queue->head, cell, next);
2634  ++queue->n;
2635 }
2636 
2638 static packed_cell_t *
2640 {
2641  packed_cell_t *packed = packed_cell_new();
2642  cell_t cell;
2643  memset(&cell, 0, sizeof(cell));
2644  cell.circ_id = inp->circid;
2645  cell.command = CELL_DESTROY;
2646  cell.payload[0] = inp->reason;
2647  cell_pack(packed, &cell, wide_circ_ids);
2648 
2649  tor_free(inp);
2650  return packed;
2651 }
2652 
2655 size_t
2657 {
2658  return sizeof(packed_cell_t);
2659 }
2660 
2661 /* DOCDOC */
2662 size_t
2663 cell_queues_get_total_allocation(void)
2664 {
2666 }
2667 
2669 #define MEMORY_PRESSURE_INTERVAL (30*60)
2670 
2673 
2676 STATIC int
2678 {
2679  time_t now = time(NULL);
2680  size_t alloc = cell_queues_get_total_allocation();
2682  alloc += buf_get_total_allocation();
2684  const size_t rend_cache_total = rend_cache_get_total_allocation();
2685  alloc += rend_cache_total;
2686  const size_t geoip_client_cache_total =
2687  geoip_client_cache_total_allocation();
2688  alloc += geoip_client_cache_total;
2689  const size_t dns_cache_total = dns_cache_total_allocation();
2690  alloc += dns_cache_total;
2691  if (alloc >= get_options()->MaxMemInQueues_low_threshold) {
2693  if (alloc >= get_options()->MaxMemInQueues) {
2694  /* If we're spending over 20% of the memory limit on hidden service
2695  * descriptors, free them until we're down to 10%. Do the same for geoip
2696  * client cache. */
2697  if (rend_cache_total > get_options()->MaxMemInQueues / 5) {
2698  const size_t bytes_to_remove =
2699  rend_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
2700  alloc -= hs_cache_handle_oom(now, bytes_to_remove);
2701  }
2702  if (geoip_client_cache_total > get_options()->MaxMemInQueues / 5) {
2703  const size_t bytes_to_remove =
2704  geoip_client_cache_total -
2705  (size_t)(get_options()->MaxMemInQueues / 10);
2706  alloc -= geoip_client_cache_handle_oom(now, bytes_to_remove);
2707  }
2708  if (dns_cache_total > get_options()->MaxMemInQueues / 5) {
2709  const size_t bytes_to_remove =
2710  dns_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
2711  alloc -= dns_cache_handle_oom(now, bytes_to_remove);
2712  }
2713  circuits_handle_oom(alloc);
2714  return 1;
2715  }
2716  }
2717  return 0;
2718 }
2719 
2722 int
2724 {
2726  < approx_time();
2727 }
2728 
2733 void
2735  const char *file, int lineno)
2736 {
2737  channel_t *chan = NULL;
2738  or_circuit_t *or_circ = NULL;
2739  circuitmux_t *cmux = NULL;
2740 
2741  tor_assert(circ);
2742 
2743  /* Okay, get the channel */
2744  if (direction == CELL_DIRECTION_OUT) {
2745  chan = circ->n_chan;
2746  } else {
2747  or_circ = TO_OR_CIRCUIT(circ);
2748  chan = or_circ->p_chan;
2749  }
2750 
2751  tor_assert(chan);
2752  tor_assert(chan->cmux);
2753 
2754  /* Now get the cmux */
2755  cmux = chan->cmux;
2756 
2757  /* Cmux sanity check */
2758  if (! circuitmux_is_circuit_attached(cmux, circ)) {
2759  log_warn(LD_BUG, "called on non-attached circuit from %s:%d",
2760  file, lineno);
2761  return;
2762  }
2763  tor_assert(circuitmux_attached_circuit_direction(cmux, circ) == direction);
2764 
2765  /* Update the number of cells we have for the circuit mux */
2766  if (direction == CELL_DIRECTION_OUT) {
2767  circuitmux_set_num_cells(cmux, circ, circ->n_chan_cells.n);
2768  } else {
2769  circuitmux_set_num_cells(cmux, circ, or_circ->p_chan_cells.n);
2770  }
2771 }
2772 
2778 void
2780 {
2781  tor_assert(chan);
2782  tor_assert(chan->cmux);
2783 
2784  circuitmux_detach_all_circuits(chan->cmux, circuits_out);
2785  chan->num_n_circuits = 0;
2786  chan->num_p_circuits = 0;
2787 }
2788 
2798 static int
2800  int block, streamid_t stream_id)
2801 {
2802  edge_connection_t *edge = NULL;
2803  int n = 0;
2804  if (circ->n_chan == chan) {
2805  circ->streams_blocked_on_n_chan = block;
2806  if (CIRCUIT_IS_ORIGIN(circ))
2807  edge = TO_ORIGIN_CIRCUIT(circ)->p_streams;
2808  } else {
2809  circ->streams_blocked_on_p_chan = block;
2810  tor_assert(!CIRCUIT_IS_ORIGIN(circ));
2811  edge = TO_OR_CIRCUIT(circ)->n_streams;
2812  }
2813 
2814  for (; edge; edge = edge->next_stream) {
2815  connection_t *conn = TO_CONN(edge);
2816  if (stream_id && edge->stream_id != stream_id)
2817  continue;
2818 
2819  if (edge->edge_blocked_on_circ != block) {
2820  ++n;
2821  edge->edge_blocked_on_circ = block;
2822  }
2823 
2824  if (!conn->read_event) {
2825  /* This connection is a placeholder for something; probably a DNS
2826  * request. It can't actually stop or start reading.*/
2827  continue;
2828  }
2829 
2830  if (block) {
2831  if (connection_is_reading(conn))
2832  connection_stop_reading(conn);
2833  } else {
2834  /* Is this right? */
2835  if (!connection_is_reading(conn))
2836  connection_start_reading(conn);
2837  }
2838  }
2839 
2840  return n;
2841 }
2842 
2844 uint8_t
2845 packed_cell_get_command(const packed_cell_t *cell, int wide_circ_ids)
2846 {
2847  if (wide_circ_ids) {
2848  return get_uint8(cell->body+4);
2849  } else {
2850  return get_uint8(cell->body+2);
2851  }
2852 }
2853 
2855 circid_t
2856 packed_cell_get_circid(const packed_cell_t *cell, int wide_circ_ids)
2857 {
2858  if (wide_circ_ids) {
2859  return ntohl(get_uint32(cell->body));
2860  } else {
2861  return ntohs(get_uint16(cell->body));
2862  }
2863 }
2864 
2870 channel_flush_from_first_active_circuit, (channel_t *chan, int max))
2871 {
2872  circuitmux_t *cmux = NULL;
2873  int n_flushed = 0;
2874  cell_queue_t *queue;
2875  destroy_cell_queue_t *destroy_queue=NULL;
2876  circuit_t *circ;
2877  or_circuit_t *or_circ;
2878  int streams_blocked;
2879  packed_cell_t *cell;
2880 
2881  /* Get the cmux */
2882  tor_assert(chan);
2883  tor_assert(chan->cmux);
2884  cmux = chan->cmux;
2885 
2886  /* Main loop: pick a circuit, send a cell, update the cmux */
2887  while (n_flushed < max) {
2888  circ = circuitmux_get_first_active_circuit(cmux, &destroy_queue);
2889  if (destroy_queue) {
2890  destroy_cell_t *dcell;
2891  /* this code is duplicated from some of the logic below. Ugly! XXXX */
2892  /* If we are given a destroy_queue here, then it is required to be
2893  * nonempty... */
2894  tor_assert(destroy_queue->n > 0);
2895  dcell = destroy_cell_queue_pop(destroy_queue);
2896  /* ...and pop() will always yield a cell from a nonempty queue. */
2897  tor_assert(dcell);
2898  /* frees dcell */
2899  cell = destroy_cell_to_packed_cell(dcell, chan->wide_circ_ids);
2900  /* Send the DESTROY cell. It is very unlikely that this fails but just
2901  * in case, get rid of the channel. */
2902  if (channel_write_packed_cell(chan, cell) < 0) {
2903  /* The cell has been freed. */
2904  channel_mark_for_close(chan);
2905  continue;
2906  }
2907  /* Update the cmux destroy counter */
2909  cell = NULL;
2910  ++n_flushed;
2911  continue;
2912  }
2913  /* If it returns NULL, no cells left to send */
2914  if (!circ) break;
2915 
2916  if (circ->n_chan == chan) {
2917  queue = &circ->n_chan_cells;
2918  streams_blocked = circ->streams_blocked_on_n_chan;
2919  } else {
2920  or_circ = TO_OR_CIRCUIT(circ);
2921  tor_assert(or_circ->p_chan == chan);
2922  queue = &TO_OR_CIRCUIT(circ)->p_chan_cells;
2923  streams_blocked = circ->streams_blocked_on_p_chan;
2924  }
2925 
2926  /* Circuitmux told us this was active, so it should have cells */
2927  if (/*BUG(*/ queue->n == 0 /*)*/) {
2928  log_warn(LD_BUG, "Found a supposedly active circuit with no cells "
2929  "to send. Trying to recover.");
2930  circuitmux_set_num_cells(cmux, circ, 0);
2931  if (! circ->marked_for_close)
2932  circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
2933  continue;
2934  }
2935 
2936  tor_assert(queue->n > 0);
2937 
2938  /*
2939  * Get just one cell here; once we've sent it, that can change the circuit
2940  * selection, so we have to loop around for another even if this circuit
2941  * has more than one.
2942  */
2943  cell = cell_queue_pop(queue);
2944 
2945  /* Calculate the exact time that this cell has spent in the queue. */
2946  if (get_options()->CellStatistics ||
2947  get_options()->TestingEnableCellStatsEvent) {
2948  uint32_t timestamp_now = monotime_coarse_get_stamp();
2949  uint32_t msec_waiting =
2951  timestamp_now - cell->inserted_timestamp);
2952 
2953  if (get_options()->CellStatistics && !CIRCUIT_IS_ORIGIN(circ)) {
2954  or_circ = TO_OR_CIRCUIT(circ);
2955  or_circ->total_cell_waiting_time += msec_waiting;
2956  or_circ->processed_cells++;
2957  }
2958 
2959  if (get_options()->TestingEnableCellStatsEvent) {
2960  uint8_t command = packed_cell_get_command(cell, chan->wide_circ_ids);
2961 
2963  tor_malloc_zero(sizeof(testing_cell_stats_entry_t));
2964  ent->command = command;
2965  ent->waiting_time = msec_waiting / 10;
2966  ent->removed = 1;
2967  if (circ->n_chan == chan)
2968  ent->exitward = 1;
2969  if (!circ->testing_cell_stats)
2970  circ->testing_cell_stats = smartlist_new();
2971  smartlist_add(circ->testing_cell_stats, ent);
2972  }
2973  }
2974 
2975  /* If we just flushed our queue and this circuit is used for a
2976  * tunneled directory request, possibly advance its state. */
2977  if (queue->n == 0 && chan->dirreq_id)
2979  DIRREQ_TUNNELED,
2981 
2982  /* Now send the cell. It is very unlikely that this fails but just in
2983  * case, get rid of the channel. */
2984  if (channel_write_packed_cell(chan, cell) < 0) {
2985  /* The cell has been freed at this point. */
2986  channel_mark_for_close(chan);
2987  continue;
2988  }
2989  cell = NULL;
2990 
2991  /*
2992  * Don't packed_cell_free_unchecked(cell) here because the channel will
2993  * do so when it gets out of the channel queue (probably already did, in
2994  * which case that was an immediate double-free bug).
2995  */
2996 
2997  /* Update the counter */
2998  ++n_flushed;
2999 
3000  /*
3001  * Now update the cmux; tell it we've just sent a cell, and how many
3002  * we have left.
3003  */
3004  circuitmux_notify_xmit_cells(cmux, circ, 1);
3005  circuitmux_set_num_cells(cmux, circ, queue->n);
3006  if (queue->n == 0)
3007  log_debug(LD_GENERAL, "Made a circuit inactive.");
3008 
3009  /* Is the cell queue low enough to unblock all the streams that are waiting
3010  * to write to this circuit? */
3011  if (streams_blocked && queue->n <= CELL_QUEUE_LOWWATER_SIZE)
3012  set_streams_blocked_on_circ(circ, chan, 0, 0); /* unblock streams */
3013 
3014  /* If n_flushed < max still, loop around and pick another circuit */
3015  }
3016 
3017  /* Okay, we're done sending now */
3018  return n_flushed;
3019 }
3020 
3021 /* Minimum value is the maximum circuit window size.
3022  *
3023  * SENDME cells makes it that we can control how many cells can be inflight on
3024  * a circuit from end to end. This logic makes it that on any circuit cell
3025  * queue, we have a maximum of cells possible.
3026  *
3027  * Because the Tor protocol allows for a client to exit at any hop in a
3028  * circuit and a circuit can be of a maximum of 8 hops, so in theory the
3029  * normal worst case will be the circuit window start value times the maximum
3030  * number of hops (8). Having more cells then that means something is wrong.
3031  *
3032  * However, because padding cells aren't counted in the package window, we set
3033  * the maximum size to a reasonably large size for which we expect that we'll
3034  * never reach in theory. And if we ever do because of future changes, we'll
3035  * be able to control it with a consensus parameter.
3036  *
3037  * XXX: Unfortunately, END cells aren't accounted for in the circuit window
3038  * which means that for instance if a client opens 8001 streams, the 8001
3039  * following END cells will queue up in the circuit which will get closed if
3040  * the max limit is 8000. Which is sad because it is allowed by the Tor
3041  * protocol. But, we need an upper bound on circuit queue in order to avoid
3042  * DoS memory pressure so the default size is a middle ground between not
3043  * having any limit and having a very restricted one. This is why we can also
3044  * control it through a consensus parameter. */
3045 #define RELAY_CIRC_CELL_QUEUE_SIZE_MIN CIRCWINDOW_START_MAX
3046 /* We can't have a consensus parameter above this value. */
3047 #define RELAY_CIRC_CELL_QUEUE_SIZE_MAX INT32_MAX
3048 /* Default value is set to a large value so we can handle padding cells
3049  * properly which aren't accounted for in the SENDME window. Default is 50000
3050  * allowed cells in the queue resulting in ~25MB. */
3051 #define RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT \
3052  (50 * RELAY_CIRC_CELL_QUEUE_SIZE_MIN)
3053 
3054 /* The maximum number of cell a circuit queue can contain. This is updated at
3055  * every new consensus and controlled by a parameter. */
3056 static int32_t max_circuit_cell_queue_size =
3057  RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT;
3058 
3059 /* Called when the consensus has changed. At this stage, the global consensus
3060  * object has NOT been updated. It is called from
3061  * notify_before_networkstatus_changes(). */
3062 void
3063 relay_consensus_has_changed(const networkstatus_t *ns)
3064 {
3065  tor_assert(ns);
3066 
3067  /* Update the circuit max cell queue size from the consensus. */
3068  max_circuit_cell_queue_size =
3069  networkstatus_get_param(ns, "circ_max_cell_queue_size",
3070  RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT,
3071  RELAY_CIRC_CELL_QUEUE_SIZE_MIN,
3072  RELAY_CIRC_CELL_QUEUE_SIZE_MAX);
3073 }
3074 
3082 void
3084  cell_t *cell, cell_direction_t direction,
3085  streamid_t fromstream)
3086 {
3087  or_circuit_t *orcirc = NULL;
3088  cell_queue_t *queue;
3089  int streams_blocked;
3090  int exitward;
3091  if (circ->marked_for_close)
3092  return;
3093 
3094  exitward = (direction == CELL_DIRECTION_OUT);
3095  if (exitward) {
3096  queue = &circ->n_chan_cells;
3097  streams_blocked = circ->streams_blocked_on_n_chan;
3098  } else {
3099  orcirc = TO_OR_CIRCUIT(circ);
3100  queue = &orcirc->p_chan_cells;
3101  streams_blocked = circ->streams_blocked_on_p_chan;
3102  }
3103 
3104  if (PREDICT_UNLIKELY(queue->n >= max_circuit_cell_queue_size)) {
3105  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
3106  "%s circuit has %d cells in its queue, maximum allowed is %d. "
3107  "Closing circuit for safety reasons.",
3108  (exitward) ? "Outbound" : "Inbound", queue->n,
3109  max_circuit_cell_queue_size);
3110  circuit_mark_for_close(circ, END_CIRC_REASON_RESOURCELIMIT);
3112  return;
3113  }
3114 
3115  /* Very important that we copy to the circuit queue because all calls to
3116  * this function use the stack for the cell memory. */
3117  cell_queue_append_packed_copy(circ, queue, exitward, cell,
3118  chan->wide_circ_ids, 1);
3119 
3120  /* Check and run the OOM if needed. */
3121  if (PREDICT_UNLIKELY(cell_queues_check_size())) {
3122  /* We ran the OOM handler which might have closed this circuit. */
3123  if (circ->marked_for_close)
3124  return;
3125  }
3126 
3127  /* If we have too many cells on the circuit, we should stop reading from
3128  * the edge streams for a while. */
3129  if (!streams_blocked && queue->n >= CELL_QUEUE_HIGHWATER_SIZE)
3130  set_streams_blocked_on_circ(circ, chan, 1, 0); /* block streams */
3131 
3132  if (streams_blocked && fromstream) {
3133  /* This edge connection is apparently not blocked; block it. */
3134  set_streams_blocked_on_circ(circ, chan, 1, fromstream);
3135  }
3136 
3137  update_circuit_on_cmux(circ, direction);
3138  if (queue->n == 1) {
3139  /* This was the first cell added to the queue. We just made this
3140  * circuit active. */
3141  log_debug(LD_GENERAL, "Made a circuit active.");
3142  }
3143 
3144  /* New way: mark this as having waiting cells for the scheduler */
3145  scheduler_channel_has_waiting_cells(chan);
3146 }
3147 
3155 int
3156 append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr)
3157 {
3158  uint32_t a;
3159  switch (tor_addr_family(addr)) {
3160  case AF_INET:
3161  payload_out[0] = RESOLVED_TYPE_IPV4;
3162  payload_out[1] = 4;
3163  a = tor_addr_to_ipv4n(addr);
3164  memcpy(payload_out+2, &a, 4);
3165  return 6;
3166  case AF_INET6:
3167  payload_out[0] = RESOLVED_TYPE_IPV6;
3168  payload_out[1] = 16;
3169  memcpy(payload_out+2, tor_addr_to_in6_addr8(addr), 16);
3170  return 18;
3171  case AF_UNSPEC:
3172  default:
3173  return -1;
3174  }
3175 }
3176 
3181 const uint8_t *
3182 decode_address_from_payload(tor_addr_t *addr_out, const uint8_t *payload,
3183  int payload_len)
3184 {
3185  if (payload_len < 2)
3186  return NULL;
3187  if (payload_len < 2+payload[1])
3188  return NULL;
3189 
3190  switch (payload[0]) {
3191  case RESOLVED_TYPE_IPV4:
3192  if (payload[1] != 4)
3193  return NULL;
3194  tor_addr_from_ipv4n(addr_out, get_uint32(payload+2));
3195  break;
3196  case RESOLVED_TYPE_IPV6:
3197  if (payload[1] != 16)
3198  return NULL;
3199  tor_addr_from_ipv6_bytes(addr_out, (char*)(payload+2));
3200  break;
3201  default:
3202  tor_addr_make_unspec(addr_out);
3203  break;
3204  }
3205  return payload + 2 + payload[1];
3206 }
3207 
3209 void
3211 {
3212  cell_queue_t *queue;
3213  cell_direction_t direction;
3214 
3215  if (circ->n_chan == chan) {
3216  queue = &circ->n_chan_cells;
3217  direction = CELL_DIRECTION_OUT;
3218  } else {
3219  or_circuit_t *orcirc = TO_OR_CIRCUIT(circ);
3220  tor_assert(orcirc->p_chan == chan);
3221  queue = &orcirc->p_chan_cells;
3222  direction = CELL_DIRECTION_IN;
3223  }
3224 
3225  /* Clear the queue */
3226  cell_queue_clear(queue);
3227 
3228  /* Update the cell counter in the cmux */
3229  if (chan->cmux && circuitmux_is_circuit_attached(chan->cmux, circ))
3230  update_circuit_on_cmux(circ, direction);
3231 }
3232 
3236 static int
3238 {
3239  if (CIRCUIT_IS_ORIGIN(circ)) {
3240  return circ->streams_blocked_on_n_chan;
3241  } else {
3242  return circ->streams_blocked_on_p_chan;
3243  }
3244 }
#define RELAY_PAYLOAD_SIZE
Definition: or.h:605
tor_socket_t s
Definition: connection_st.h:88
uint64_t stats_n_data_cells_received
Definition: relay.c:2028
#define AP_CONN_STATE_CONNECT_WAIT
int channel_is_client(const channel_t *chan)
Definition: channel.c:2924
void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr)
Definition: address.c:873
Header file for rendcommon.c.
static int circuit_queue_streams_are_blocked(circuit_t *circ)
Definition: relay.c:3237
STATIC void address_ttl_free_(address_ttl_t *addr)
Definition: relay.c:1103
STATIC destroy_cell_t * destroy_cell_queue_pop(destroy_cell_queue_t *queue)
Definition: relay.c:2611
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:328
void geoip_change_dirreq_state(uint64_t dirreq_id, dirreq_type_t type, dirreq_state_t new_state)
Definition: geoip_stats.c:550
STATIC int connected_cell_parse(const relay_header_t *rh, const cell_t *cell, tor_addr_t *addr_out, int *ttl_out)
Definition: relay.c:1065
#define AP_CONN_STATE_RESOLVE_WAIT
#define CELL_QUEUE_HIGHWATER_SIZE
Definition: relay.c:117
unsigned int chosen_exit_retries
static int connection_edge_process_relay_cell_not_open(relay_header_t *rh, cell_t *cell, circuit_t *circ, edge_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:1363
STATIC int cell_queues_check_size(void)
Definition: relay.c:2677
unsigned int has_finished
int package_window
Definition: circuit_st.h:105
void client_dns_clear_failures(const char *address)
Definition: addressmap.c:660
static int process_sendme_cell(const relay_header_t *rh, const cell_t *cell, circuit_t *circ, edge_connection_t *conn, crypt_path_t *layer_hint, int domain)
Definition: relay.c:1512
uint8_t payload[CELL_PAYLOAD_SIZE]
Definition: cell_st.h:16
#define TOR_ADDR_BUF_LEN
Definition: address.h:205
Common functions for using (pseudo-)random number generators.
Definition: node_st.h:28
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
uint16_t sa_family_t
Definition: inaddr_st.h:77
Header for backtrace.c.
#define TO_CONN(c)
Definition: or.h:735
path_state_bitfield_t path_state
uint64_t stats_n_relay_cells_relayed
Definition: relay.c:125
void tor_addr_make_unspec(tor_addr_t *a)
Definition: address.c:225
STATIC packed_cell_t * packed_cell_new(void)
Definition: relay.c:2483
Header file for geoip_stats.c.
void circuits_handle_oom(size_t current_allocation)
Definition: circuitlist.c:2664
unsigned int removed
Definition: or.h:926
#define EXIT_CONN_STATE_RESOLVING
uint16_t marked_for_close
Definition: circuit_st.h:178
Header file for connection.c.
unsigned crypto_fast_rng_get_uint(crypto_fast_rng_t *rng, unsigned limit)
#define CELL_QUEUE_LOWWATER_SIZE
Definition: relay.c:120
static void set_uint16(void *cp, uint16_t v)
Definition: bytes.h:73
struct or_circuit_t * rend_splice
Definition: or_circuit_st.h:48
uint64_t monotime_coarse_stamp_units_to_approx_msec(uint64_t units)
Definition: compat_time.c:870
circid_t packed_cell_get_circid(const packed_cell_t *cell, int wide_circ_ids)
Definition: relay.c:2856
Definition: cell_st.h:12
#define LD_GENERAL
Definition: log.h:59
void cell_queue_append(cell_queue_t *queue, packed_cell_t *cell)
Definition: relay.c:2528
static int circuit_consider_stop_edge_reading(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2438
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:145
void circuit_reset_sendme_randomness(circuit_t *circ)
Definition: relay.c:2040
int circuit_finish_handshake(origin_circuit_t *circ, const created_cell_t *reply)
#define RELAY_PAYLOAD_LENGTH_FOR_RANDOM_SENDMES
Definition: relay.c:2051
uint8_t state
Definition: connection_st.h:44
Headers for compress.c.
void control_event_boot_dir(bootstrap_status_t status, int progress)
int connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
MOCK_IMPL(int, circuit_package_relay_cell,(cell_t *cell, circuit_t *circ, cell_direction_t cell_direction, crypt_path_t *layer_hint, streamid_t on_stream, const char *filename, int lineno))
Definition: relay.c:356
#define LOG_INFO
Definition: log.h:42
Header file for describe.c.
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
Definition: address.h:145
Header file for nodelist.c.
int connection_edge_package_raw_inbuf(edge_connection_t *conn, int package_partial, int *max_cells)
Definition: relay.c:2123
static int edge_reason_is_retriable(int reason)
Definition: relay.c:789
crypt_path_t * cpath
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:632
void relay_header_unpack(relay_header_t *dest, const uint8_t *src)
Definition: relay.c:487
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
static time_t last_time_under_memory_pressure
Definition: relay.c:2672
static packed_cell_t * packed_cell_copy(const cell_t *cell, int wide_circ_ids)
Definition: relay.c:2519
void update_circuit_on_cmux_(circuit_t *circ, cell_direction_t direction, const char *file, int lineno)
Definition: relay.c:2734
char address[MAX_SOCKS_ADDR_LEN]
int circuit_extend(cell_t *cell, circuit_t *circ)
char * rate_limit_log(ratelim_t *lim, time_t now)
Definition: ratelim.c:41
void cell_queue_clear(cell_queue_t *queue)
Definition: relay.c:2563
void circpad_deliver_recognized_relay_cell_events(circuit_t *circ, uint8_t relay_command, crypt_path_t *layer_hint)
cell_direction_t circuitmux_attached_circuit_direction(circuitmux_t *cmux, circuit_t *circ)
Definition: circuitmux.c:598
int circuit_truncated(origin_circuit_t *circ, int reason)
#define TO_CIRCUIT(x)
Definition: or.h:947
Header file for config.c.
STATIC int connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ, edge_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:1589
static void adjust_exit_policy_from_exitpolicy_failure(origin_circuit_t *circ, entry_connection_t *conn, node_t *node, const tor_addr_t *addr)
Definition: relay.c:1010
size_t half_streams_get_total_allocation(void)
uint8_t command
Definition: or.h:920
static size_t total_cells_allocated
Definition: relay.c:2471
#define END_STREAM_REASON_CANT_ATTACH
Definition: or.h:250
void circuit_clear_cell_queue(circuit_t *circ, channel_t *chan)
Definition: relay.c:3210
Header file for onion.c.
void circuitmux_detach_all_circuits(circuitmux_t *cmux, smartlist_t *detached_out)
Definition: circuitmux.c:263
void circuit_set_state(circuit_t *circ, uint8_t state)
Definition: circuitlist.c:540
unsigned int num_n_circuits
Definition: channel.h:416
void policies_set_node_exitpolicy_to_reject_all(node_t *node)
Definition: policies.c:2291
channel_usage_info_t channel_usage
Definition: channel.h:228
int channel_write_packed_cell(channel_t *chan, packed_cell_t *cell)
Definition: channel.c:1481
#define crypto_fast_rng_one_in_n(rng, n)
Definition: crypto_rand.h:80
#define tor_free(p)
Definition: malloc.h:52
void circpad_deliver_unrecognized_cell_events(circuit_t *circ, cell_direction_t dir)
void channel_mark_for_close(channel_t *chan)
Definition: channel.c:1134
int connection_is_reading(connection_t *conn)
Definition: mainloop.c:508
void client_dns_set_addressmap(entry_connection_t *for_conn, const char *address, const tor_addr_t *val, const char *exitname, int ttl)
Definition: addressmap.c:724
#define SMARTLIST_DEL_CURRENT(sl, var)
const char * conn_state_to_string(int type, int state)
Definition: connection.c:275
uint16_t recognized
Definition: or.h:639
#define DIR_PURPOSE_FETCH_CONSENSUS
Definition: directory.h:56
Header file for mainloop.c.
#define CIRCUIT_PURPOSE_REND_ESTABLISHED
Definition: circuitlist.h:46
circuitmux_t * cmux
Definition: channel.h:403
uint8_t purpose
Definition: circuit_st.h:100
size_t packed_cell_mem_cost(void)
Definition: relay.c:2656
#define CIRCWINDOW_INCREMENT
Definition: or.h:505
uint16_t send_randomness_after_n_cells
Definition: circuit_st.h:116
void append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, cell_t *cell, cell_direction_t direction, streamid_t fromstream)
Definition: relay.c:3083
buf_t * buf_new(void)
Definition: buffers.c:363
uint64_t stats_n_circ_max_cell_reached
Definition: relay.c:132
char body[CELL_MAX_NETWORK_SIZE]
Definition: cell_queue_st.h:16
struct buf_t * pending_optimistic_data
Definition: or.h:919
Header file for scheduler*.c.
unsigned int purpose
Definition: connection_st.h:46
created_cell_t created_cell
Definition: onion.h:69
int connection_edge_send_command(edge_connection_t *fromconn, uint8_t relay_command, const char *payload, size_t payload_len)
Definition: relay.c:728
static packed_cell_t * destroy_cell_to_packed_cell(destroy_cell_t *inp, int wide_circ_ids)
Definition: relay.c:2639
unsigned int remaining_relay_early_cells
#define ENTRY_TO_CONN(c)
Definition: or.h:738
void connection_ap_handshake_socks_reply(entry_connection_t *conn, char *reply, size_t replylen, int endreason)
static uint32_t get_uint32(const void *cp)
Definition: bytes.h:49
cell_queue_t n_chan_cells
Definition: circuit_st.h:70
int append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr)
Definition: relay.c:3156
extend_info_t * n_hop
Definition: circuit_st.h:76
cell_direction_t
Definition: or.h:482
struct create_cell_t * n_chan_create_cell
Definition: circuit_st.h:142
streamid_t stream_id
Definition: or.h:640
socks_request_t * socks_request
void control_event_bootstrap(bootstrap_status_t status, int progress)
struct crypt_path_t * cpath_layer
Header file for policies.c.
channel_t * p_chan
Definition: or_circuit_st.h:35
uint64_t stats_n_data_bytes_received
Definition: relay.c:2032
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2631
uint64_t total_cell_waiting_time
Definition: or_circuit_st.h:71
void circuitmux_set_num_cells(circuitmux_t *cmux, circuit_t *circ, unsigned int n_cells)
Definition: circuitmux.c:1045
#define LD_APP
Definition: log.h:75
static edge_connection_t * relay_lookup_conn(circuit_t *circ, cell_t *cell, cell_direction_t cell_direction, crypt_path_t *layer_hint)
Definition: relay.c:421
void destroy_cell_queue_append(destroy_cell_queue_t *queue, circid_t circid, uint8_t reason)
Definition: relay.c:2623
Common functions for cryptographic routines.
Header file for channel.c.
#define DIR_PURPOSE_FETCH_SERVERDESC
Definition: directory.h:38
tor_assert(buffer)
void channel_timestamp_client(channel_t *chan)
Definition: channel.c:3219
edge_connection_t * n_streams
Definition: or_circuit_st.h:37
signed_error_t circpad_handle_padding_negotiated(circuit_t *circ, cell_t *cell, crypt_path_t *layer_hint)
void packed_cell_free_(packed_cell_t *cell)
Definition: relay.c:2491
int connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
int connection_half_edge_is_valid_sendme(const smartlist_t *half_conns, streamid_t stream_id)
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:287
static void circuit_resume_edge_reading(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2260
uint8_t state
Definition: circuit_st.h:99
void circuit_sent_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3130
uint64_t stats_n_data_bytes_packaged
Definition: relay.c:2026
uint32_t inserted_timestamp
Definition: cell_queue_st.h:17
circid_t n_circ_id
Definition: circuit_st.h:67
void circuitmux_notify_xmit_destroy(circuitmux_t *cmux)
Definition: circuitmux.c:1210
dir_connection_t * TO_DIR_CONN(connection_t *c)
Definition: directory.c:77
static const char * relay_command_to_string(uint8_t command)
Definition: relay.c:498
Header file for circuitpadding.c.
void circuit_synchronize_written_or_bandwidth(const circuit_t *c, circuit_channel_direction_t dir)
Definition: circuitlist.c:2134
signed_error_t circpad_handle_padding_negotiate(circuit_t *circ, cell_t *cell)
void tor_addr_from_ipv6_bytes(tor_addr_t *dest, const char *ipv6_bytes)
Definition: address.c:884
int buf_get_bytes(buf_t *buf, char *string, size_t string_len)
Definition: buffers.c:634
const char * node_describe(const node_t *node)
Definition: describe.c:101
unsigned int have_sent_sufficiently_random_cell
Definition: circuit_st.h:97
Header file for rendcache.c.
#define END_CIRC_AT_ORIGIN
Definition: or.h:305
void crypto_fast_rng_getbytes(crypto_fast_rng_t *rng, uint8_t *out, size_t n)
Master header file for Tor-specific functionality.
int client_dns_incr_failures(const char *address)
Definition: addressmap.c:638
#define CIRCUIT_STATE_OPEN
Definition: circuitlist.h:31
void cell_queue_append_packed_copy(circuit_t *circ, cell_queue_t *queue, int exitward, const cell_t *cell, int wide_circ_ids, int use_stats)
Definition: relay.c:2539
uint64_t stats_n_relay_cells_delivered
Definition: relay.c:129
uint16_t streamid_t
Definition: or.h:610
Header file for circuitbuild.c.
#define DIR_PURPOSE_FETCH_CERTIFICATE
Definition: directory.h:59
int control_event_stream_status(entry_connection_t *conn, stream_status_event_t tp, int reason_code)
#define END_STREAM_REASON_FLAG_REMOTE
Definition: or.h:276
uint32_t processed_cells
Definition: or_circuit_st.h:66
void destroy_cell_queue_clear(destroy_cell_queue_t *queue)
Definition: relay.c:2597
int tor_addr_parse(tor_addr_t *addr, const char *src)
Definition: address.c:1196
uint16_t marked_for_close
unsigned int chosen_exit_optional
void circuitmux_notify_xmit_cells(circuitmux_t *cmux, circuit_t *circ, unsigned int n_cells)
Definition: circuitmux.c:1150
uint8_t relay_early_commands[MAX_RELAY_EARLY_CELLS_PER_CIRCUIT]
int connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
Definition: connection.c:3885
int have_been_under_memory_pressure(void)
Definition: relay.c:2723
int buf_add(buf_t *buf, const char *string, size_t string_len)
Definition: buffers.c:525
void connection_edge_end_close(edge_connection_t *conn, uint8_t reason)
static uint16_t get_uint16(const void *cp)
Definition: bytes.h:37
circid_t circ_id
Definition: cell_st.h:13
int marked_for_close_reason
Definition: circuit_st.h:186
#define LOG_WARN
Definition: log.h:50
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:769
unsigned int type
Definition: connection_st.h:45
static void circuit_update_channel_usage(circuit_t *circ, cell_t *cell)
Definition: relay.c:145
unsigned int edge_has_sent_end
STATIC packed_cell_t * cell_queue_pop(cell_queue_t *queue)
Definition: relay.c:2577
Header file for circuituse.c.
void cell_queue_init(cell_queue_t *queue)
Definition: relay.c:2555
smartlist_t * testing_cell_stats
Definition: circuit_st.h:201
smartlist_t * half_streams
static void connection_ap_handshake_socks_got_resolved_cell(entry_connection_t *conn, int error_code, smartlist_t *results)
Definition: relay.c:1214
uint32_t n_written_circ_bw
int pathbias_check_probe_response(circuit_t *circ, const cell_t *cell)
Definition: circpathbias.c:879
circid_t p_circ_id
Definition: or_circuit_st.h:31
#define LD_REND
Definition: log.h:81
Header file for circuitlist.c.
#define CIRCUIT_PURPOSE_PATH_BIAS_TESTING
Definition: circuitlist.h:121
void circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
Definition: circuitbuild.c:357
unsigned int streams_blocked_on_p_chan
Definition: circuit_st.h:83
int connection_state_is_open(connection_t *conn)
Definition: connection.c:4642
#define LD_OR
Definition: log.h:89
size_t tor_compress_get_total_allocation(void)
Definition: compress.c:458
#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED
Definition: or.h:283
void sendme_circuit_consider_sending(circuit_t *circ, crypt_path_t *layer_hint)
Definition: sendme.c:418
const uint8_t * decode_address_from_payload(tor_addr_t *addr_out, const uint8_t *payload, int payload_len)
Definition: relay.c:3182
int connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
unsigned int waiting_time
Definition: or.h:925
#define MAX_RESOLVE_FAILURES
Definition: relay.c:784
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1437
uint64_t dirreq_id
Definition: circuit_st.h:193
uint16_t length
Definition: or.h:642
uint8_t command
Definition: or.h:638
cpath_build_state_t * build_state
Header file for sendme.c.
unsigned int streams_blocked_on_n_chan
Definition: circuit_st.h:80
Header file for connection_edge.c.
#define MEMORY_PRESSURE_INTERVAL
Definition: relay.c:2669
uint64_t stats_n_data_cells_packaged
Definition: relay.c:2022
origin_circuit_t * TO_ORIGIN_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:163
cell_queue_t p_chan_cells
Definition: or_circuit_st.h:33
const char * circuit_state_to_string(int state)
Definition: circuitlist.c:757
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
static int circuit_resume_edge_reading_helper(edge_connection_t *conn, circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2281
#define CELL_PAYLOAD_SIZE
Definition: or.h:576
int circuit_send_next_onion_skin(origin_circuit_t *circ)
Definition: circuitbuild.c:937
crypto_fast_rng_t * get_thread_fast_rng(void)
Header file for relay.c.
edge_connection_t * p_streams
char identity_digest[DIGEST_LEN]
#define SMARTLIST_FOREACH(sl, type, var, cmd)
char integrity[4]
Definition: or.h:641
void relay_header_pack(uint8_t *dest, const relay_header_t *src)
Definition: relay.c:474
uint8_t packed_cell_get_command(const packed_cell_t *cell, int wide_circ_ids)
Definition: relay.c:2845
time_t timestamp_last_read_allowed
Definition: connection_st.h:98
const char * stream_end_reason_to_string(int reason)
Definition: reasons.c:64
uint64_t dirreq_id
Definition: channel.h:459
#define fmt_addr(a)
Definition: address.h:211
uint32_t circid_t
Definition: or.h:608
#define CIRCUIT_PURPOSE_OR
Definition: circuitlist.h:38
#define log_fn(severity, domain, args,...)
Definition: log.h:272
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
#define CONN_TYPE_EXIT
Definition: connection.h:26
void mark_circuit_unusable_for_new_conns(origin_circuit_t *circ)
Definition: circuituse.c:3106
STATIC size_t connection_edge_get_inbuf_bytes_to_package(size_t n_available, int package_partial, circuit_t *on_circuit)
Definition: relay.c:2059
int connection_half_edge_is_valid_end(smartlist_t *half_conns, streamid_t stream_id)
#define AP_CONN_STATE_OPEN
struct event * read_event
Definition: connection_st.h:91
or_circuit_t * TO_OR_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:151
#define DIR_PURPOSE_FETCH_MICRODESC
Definition: directory.h:70
int connection_edge_end(edge_connection_t *conn, uint8_t reason)
void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint, int command, size_t length, const uint8_t *payload)
Definition: rendcommon.c:767
void connection_ap_handshake_socks_resolved_addr(entry_connection_t *conn, const tor_addr_t *answer, int ttl, time_t expires)
void destroy_cell_queue_init(destroy_cell_queue_t *queue)
Definition: relay.c:2589
void addr_policy_append_reject_addr(smartlist_t **dest, const tor_addr_t *addr)
Definition: policies.c:1698
time_t approx_time(void)
Definition: approx_time.c:32
int circuitmux_is_circuit_attached(circuitmux_t *cmux, circuit_t *circ)
Definition: circuitmux.c:676
int consensus_is_waiting_for_certs(void)
STATIC int connection_edge_process_resolved_cell(edge_connection_t *conn, const cell_t *cell, const relay_header_t *rh)
Definition: relay.c:1288
smartlist_t * prepend_policy
const char * marked_for_close_file
STATIC int resolved_cell_parse(const cell_t *cell, const relay_header_t *rh, smartlist_t *addresses_out, int *errcode_out)
Definition: relay.c:1117
Header file for hs_cache.c.
#define REMAP_STREAM_SOURCE_EXIT
void circuit_set_n_circid_chan(circuit_t *circ, circid_t id, channel_t *chan)
Definition: circuitlist.c:471
static void remap_event_helper(entry_connection_t *conn, const tor_addr_t *new_addr)
Definition: relay.c:1045
int circuit_receive_relay_cell(cell_t *cell, circuit_t *circ, cell_direction_t cell_direction)
Definition: relay.c:223
Header file for buffers.c.
Header file for reasons.c.
int connection_half_edge_is_valid_resolved(smartlist_t *half_conns, streamid_t stream_id)
uint8_t command
Definition: cell_st.h:14
#define CONN_TYPE_DIR
Definition: connection.h:35
unsigned int exitward
Definition: or.h:927
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
Definition: circuitlist.c:1572
Header file for connection_or.c.
struct circuit_t * on_circuit
void cell_pack(packed_cell_t *dst, const cell_t *src, int wide_circ_ids)
unsigned int edge_blocked_on_circ
void circuit_read_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3151
circuit_t * circuitmux_get_first_active_circuit(circuitmux_t *cmux, destroy_cell_queue_t **destroy_queue_out)
Definition: circuitmux.c:1107
extend_info_t * chosen_exit
#define tor_addr_to_in6_addr8(x)
Definition: address.h:129
void pathbias_count_valid_cells(circuit_t *circ, const cell_t *cell)
Definition: circpathbias.c:939
int extended_cell_parse(extended_cell_t *cell_out, const uint8_t command, const uint8_t *payload, size_t payload_len)
Definition: onion.c:448
struct edge_connection_t * next_stream
STATIC size_t get_pad_cell_offset(size_t data_len)
Definition: relay.c:552
#define CIRCUIT_PURPOSE_S_REND_JOINED
Definition: circuitlist.h:111
#define CONN_TYPE_AP
Definition: connection.h:31
int connection_ap_detach_retriable(entry_connection_t *conn, origin_circuit_t *circ, int reason)
static int set_streams_blocked_on_circ(circuit_t *circ, channel_t *chan, int block, streamid_t stream_id)
Definition: relay.c:2799
Header file for control_events.c.
#define LD_PROTOCOL
Definition: log.h:69
#define LD_MM
Definition: log.h:71
void circpad_machine_event_circ_has_no_relay_early(origin_circuit_t *circ)
const char * marked_for_close_file
Definition: circuit_st.h:181
void pathbias_mark_use_success(origin_circuit_t *circ)
Definition: circpathbias.c:661
#define RELAY_HEADER_SIZE
Definition: or.h:603
#define CELL_PADDING_GAP
Definition: relay.c:538
void circpad_deliver_sent_relay_cell_events(circuit_t *circ, uint8_t relay_command)
static int connection_ap_process_end_not_open(relay_header_t *rh, cell_t *cell, origin_circuit_t *circ, entry_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:804
void sendme_connection_edge_consider_sending(edge_connection_t *conn)
Definition: sendme.c:375
void channel_unlink_all_circuits(channel_t *chan, smartlist_t *circuits_out)
Definition: relay.c:2779
int channel_send_destroy(circid_t circ_id, channel_t *chan, int reason)
Definition: channel.c:2028
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:83
Header file for dns.c.
uint32_t monotime_coarse_get_stamp(void)
Definition: compat_time.c:844
#define EXIT_CONN_STATE_CONNECTING
Header file for routerlist.c.
void dump_cell_pool_usage(int severity)
Definition: relay.c:2501
channel_t * n_chan
Definition: circuit_st.h:58
int connection_half_edge_is_valid_connected(const smartlist_t *half_conns, streamid_t stream_id)
int connection_half_edge_is_valid_data(const smartlist_t *half_conns, streamid_t stream_id)
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:179
static void packed_cell_free_unchecked(packed_cell_t *cell)
Definition: relay.c:2475