tor  0.4.1.0-alpha-dev
relay.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
48 #define RELAY_PRIVATE
49 #include "core/or/or.h"
50 #include "feature/client/addressmap.h"
51 #include "lib/err/backtrace.h"
52 #include "lib/buf/buffers.h"
53 #include "core/or/channel.h"
54 #include "feature/client/circpathbias.h"
55 #include "core/or/circuitbuild.h"
56 #include "core/or/circuitlist.h"
57 #include "core/or/circuituse.h"
58 #include "core/or/circuitpadding.h"
59 #include "lib/compress/compress.h"
60 #include "app/config/config.h"
63 #include "core/or/connection_or.h"
68 #include "feature/relay/dns.h"
70 #include "feature/hs/hs_cache.h"
71 #include "core/mainloop/mainloop.h"
74 #include "core/or/onion.h"
75 #include "core/or/policies.h"
76 #include "core/or/reasons.h"
77 #include "core/or/relay.h"
78 #include "core/crypto/relay_crypto.h"
79 #include "feature/rend/rendcache.h"
83 #include "core/or/scheduler.h"
84 
85 #include "core/or/cell_st.h"
86 #include "core/or/cell_queue_st.h"
87 #include "core/or/cpath_build_state_st.h"
88 #include "feature/dircommon/dir_connection_st.h"
89 #include "core/or/destroy_cell_queue_st.h"
90 #include "core/or/entry_connection_st.h"
91 #include "core/or/extend_info_st.h"
92 #include "core/or/or_circuit_st.h"
93 #include "core/or/origin_circuit_st.h"
94 #include "feature/nodelist/routerinfo_st.h"
95 #include "core/or/socks_request_st.h"
96 
97 #include "lib/intmath/weakrng.h"
98 
100  cell_direction_t cell_direction,
101  crypt_path_t *layer_hint);
102 
104  crypt_path_t *layer_hint);
105 static void circuit_resume_edge_reading(circuit_t *circ,
106  crypt_path_t *layer_hint);
108  circuit_t *circ,
109  crypt_path_t *layer_hint);
111  crypt_path_t *layer_hint);
114  entry_connection_t *conn,
115  node_t *node,
116  const tor_addr_t *addr);
117 
120 #define CELL_QUEUE_HIGHWATER_SIZE 256
121 
123 #define CELL_QUEUE_LOWWATER_SIZE 64
124 
136 
138 static tor_weak_rng_t stream_choice_rng = TOR_WEAK_RNG_INIT;
139 
150 static void
152 {
153  if (CIRCUIT_IS_ORIGIN(circ)) {
154  /*
155  * The client state was first set much earlier in
156  * circuit_send_next_onion_skin(), so we can start padding as early as
157  * possible.
158  *
159  * However, if padding turns out to be expensive, we may want to not do
160  * it until actual application traffic starts flowing (which is controlled
161  * via consensus param nf_pad_before_usage).
162  *
163  * So: If we're an origin circuit and we've created a full length circuit,
164  * then any CELL_RELAY cell means application data. Increase the usage
165  * state of the channel to indicate this.
166  *
167  * We want to wait for CELL_RELAY specifically here, so we know that
168  * the channel was definitely being used for data and not for extends.
169  * By default, we pad as soon as a channel has been used for *any*
170  * circuits, so this state is irrelevant to the padding decision in
171  * the default case. However, if padding turns out to be expensive,
172  * we would like the ability to avoid padding until we're absolutely
173  * sure that a channel is used for enough application data to be worth
174  * padding.
175  *
176  * (So it does not matter that CELL_RELAY_EARLY can actually contain
177  * application data. This is only a load reducing option and that edge
178  * case does not matter if we're desperately trying to reduce overhead
179  * anyway. See also consensus parameter nf_pad_before_usage).
180  */
181  if (BUG(!circ->n_chan))
182  return;
183 
184  if (circ->n_chan->channel_usage == CHANNEL_USED_FOR_FULL_CIRCS &&
185  cell->command == CELL_RELAY) {
186  circ->n_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC;
187  }
188  } else {
189  /* If we're a relay circuit, the question is more complicated. Basically:
190  * we only want to pad connections that carry multihop (anonymous)
191  * circuits.
192  *
193  * We assume we're more than one hop if either the previous hop
194  * is not a client, or if the previous hop is a client and there's
195  * a next hop. Then, circuit traffic starts at RELAY_EARLY, and
196  * user application traffic starts when we see RELAY cells.
197  */
198  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
199 
200  if (BUG(!or_circ->p_chan))
201  return;
202 
203  if (!channel_is_client(or_circ->p_chan) ||
204  (channel_is_client(or_circ->p_chan) && circ->n_chan)) {
205  if (cell->command == CELL_RELAY_EARLY) {
206  if (or_circ->p_chan->channel_usage < CHANNEL_USED_FOR_FULL_CIRCS) {
207  or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS;
208  }
209  } else if (cell->command == CELL_RELAY) {
210  or_circ->p_chan->channel_usage = CHANNEL_USED_FOR_USER_TRAFFIC;
211  }
212  }
213  }
214 }
215 
228 int
230  cell_direction_t cell_direction)
231 {
232  channel_t *chan = NULL;
233  crypt_path_t *layer_hint=NULL;
234  char recognized=0;
235  int reason;
236 
237  tor_assert(cell);
238  tor_assert(circ);
239  tor_assert(cell_direction == CELL_DIRECTION_OUT ||
240  cell_direction == CELL_DIRECTION_IN);
241  if (circ->marked_for_close)
242  return 0;
243 
244  if (relay_decrypt_cell(circ, cell, cell_direction, &layer_hint, &recognized)
245  < 0) {
246  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
247  "relay crypt failed. Dropping connection.");
248  return -END_CIRC_REASON_INTERNAL;
249  }
250 
251  circuit_update_channel_usage(circ, cell);
252 
253  if (recognized) {
254  edge_connection_t *conn = NULL;
255 
257  if (pathbias_check_probe_response(circ, cell) == -1) {
258  pathbias_count_valid_cells(circ, cell);
259  }
260 
261  /* We need to drop this cell no matter what to avoid code that expects
262  * a certain purpose (such as the hidserv code). */
263  return 0;
264  }
265 
266  conn = relay_lookup_conn(circ, cell, cell_direction, layer_hint);
267  if (cell_direction == CELL_DIRECTION_OUT) {
269  log_debug(LD_OR,"Sending away from origin.");
270  if ((reason=connection_edge_process_relay_cell(cell, circ, conn, NULL))
271  < 0) {
272  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
273  "connection_edge_process_relay_cell (away from origin) "
274  "failed.");
275  return reason;
276  }
277  }
278  if (cell_direction == CELL_DIRECTION_IN) {
280  log_debug(LD_OR,"Sending to origin.");
281  if ((reason = connection_edge_process_relay_cell(cell, circ, conn,
282  layer_hint)) < 0) {
283  /* If a client is trying to connect to unknown hidden service port,
284  * END_CIRC_AT_ORIGIN is sent back so we can then close the circuit.
285  * Do not log warn as this is an expected behavior for a service. */
286  if (reason != END_CIRC_AT_ORIGIN) {
287  log_warn(LD_OR,
288  "connection_edge_process_relay_cell (at origin) failed.");
289  }
290  return reason;
291  }
292  }
293  return 0;
294  }
295 
296  /* not recognized. inform circpad and pass it on. */
297  circpad_deliver_unrecognized_cell_events(circ, cell_direction);
298 
299  if (cell_direction == CELL_DIRECTION_OUT) {
300  cell->circ_id = circ->n_circ_id; /* switch it */
301  chan = circ->n_chan;
302  } else if (! CIRCUIT_IS_ORIGIN(circ)) {
303  cell->circ_id = TO_OR_CIRCUIT(circ)->p_circ_id; /* switch it */
304  chan = TO_OR_CIRCUIT(circ)->p_chan;
305  } else {
306  log_fn(LOG_PROTOCOL_WARN, LD_OR,
307  "Dropping unrecognized inbound cell on origin circuit.");
308  /* If we see unrecognized cells on path bias testing circs,
309  * it's bad mojo. Those circuits need to die.
310  * XXX: Shouldn't they always die? */
312  TO_ORIGIN_CIRCUIT(circ)->path_state = PATH_STATE_USE_FAILED;
313  return -END_CIRC_REASON_TORPROTOCOL;
314  } else {
315  return 0;
316  }
317  }
318 
319  if (!chan) {
320  // XXXX Can this splice stuff be done more cleanly?
321  if (! CIRCUIT_IS_ORIGIN(circ) &&
322  TO_OR_CIRCUIT(circ)->rend_splice &&
323  cell_direction == CELL_DIRECTION_OUT) {
324  or_circuit_t *splice_ = TO_OR_CIRCUIT(circ)->rend_splice;
327  cell->circ_id = splice_->p_circ_id;
328  cell->command = CELL_RELAY; /* can't be relay_early anyway */
329  if ((reason = circuit_receive_relay_cell(cell, TO_CIRCUIT(splice_),
330  CELL_DIRECTION_IN)) < 0) {
331  log_warn(LD_REND, "Error relaying cell across rendezvous; closing "
332  "circuits");
333  /* XXXX Do this here, or just return -1? */
334  circuit_mark_for_close(circ, -reason);
335  return reason;
336  }
337  return 0;
338  }
339  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
340  "Didn't recognize cell, but circ stops here! Closing circ.");
341  return -END_CIRC_REASON_TORPROTOCOL;
342  }
343 
344  log_debug(LD_OR,"Passing on unrecognized cell.");
345 
346  ++stats_n_relay_cells_relayed; /* XXXX no longer quite accurate {cells}
347  * we might kill the circ before we relay
348  * the cells. */
349 
350  append_cell_to_circuit_queue(circ, chan, cell, cell_direction, 0);
351  return 0;
352 }
353 
359 circuit_package_relay_cell, (cell_t *cell, circuit_t *circ,
360  cell_direction_t cell_direction,
361  crypt_path_t *layer_hint, streamid_t on_stream,
362  const char *filename, int lineno))
363 {
364  channel_t *chan; /* where to send the cell */
365 
366  if (circ->marked_for_close) {
367  /* Circuit is marked; send nothing. */
368  return 0;
369  }
370 
371  if (cell_direction == CELL_DIRECTION_OUT) {
372  chan = circ->n_chan;
373  if (!chan) {
374  log_warn(LD_BUG,"outgoing relay cell sent from %s:%d has n_chan==NULL."
375  " Dropping. Circuit is in state %s (%d), and is "
376  "%smarked for close. (%s:%d, %d)", filename, lineno,
377  circuit_state_to_string(circ->state), circ->state,
378  circ->marked_for_close ? "" : "not ",
381  if (CIRCUIT_IS_ORIGIN(circ)) {
383  }
384  log_backtrace(LOG_WARN,LD_BUG,"");
385  return 0; /* just drop it */
386  }
387  if (!CIRCUIT_IS_ORIGIN(circ)) {
388  log_warn(LD_BUG,"outgoing relay cell sent from %s:%d on non-origin "
389  "circ. Dropping.", filename, lineno);
390  log_backtrace(LOG_WARN,LD_BUG,"");
391  return 0; /* just drop it */
392  }
393 
394  relay_encrypt_cell_outbound(cell, TO_ORIGIN_CIRCUIT(circ), layer_hint);
395 
396  /* Update circ written totals for control port */
397  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
398  ocirc->n_written_circ_bw = tor_add_u32_nowrap(ocirc->n_written_circ_bw,
400 
401  } else { /* incoming cell */
402  if (CIRCUIT_IS_ORIGIN(circ)) {
403  /* We should never package an _incoming_ cell from the circuit
404  * origin; that means we messed up somewhere. */
405  log_warn(LD_BUG,"incoming relay cell at origin circuit. Dropping.");
406  assert_circuit_ok(circ);
407  return 0; /* just drop it */
408  }
409  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
410  relay_encrypt_cell_inbound(cell, or_circ);
411  chan = or_circ->p_chan;
412  }
414 
415  append_cell_to_circuit_queue(circ, chan, cell, cell_direction, on_stream);
416  return 0;
417 }
418 
422 static edge_connection_t *
424  cell_direction_t cell_direction, crypt_path_t *layer_hint)
425 {
426  edge_connection_t *tmpconn;
427  relay_header_t rh;
428 
429  relay_header_unpack(&rh, cell->payload);
430 
431  if (!rh.stream_id)
432  return NULL;
433 
434  /* IN or OUT cells could have come from either direction, now
435  * that we allow rendezvous *to* an OP.
436  */
437 
438  if (CIRCUIT_IS_ORIGIN(circ)) {
439  for (tmpconn = TO_ORIGIN_CIRCUIT(circ)->p_streams; tmpconn;
440  tmpconn=tmpconn->next_stream) {
441  if (rh.stream_id == tmpconn->stream_id &&
442  !tmpconn->base_.marked_for_close &&
443  tmpconn->cpath_layer == layer_hint) {
444  log_debug(LD_APP,"found conn for stream %d.", rh.stream_id);
445  return tmpconn;
446  }
447  }
448  } else {
449  for (tmpconn = TO_OR_CIRCUIT(circ)->n_streams; tmpconn;
450  tmpconn=tmpconn->next_stream) {
451  if (rh.stream_id == tmpconn->stream_id &&
452  !tmpconn->base_.marked_for_close) {
453  log_debug(LD_EXIT,"found conn for stream %d.", rh.stream_id);
454  if (cell_direction == CELL_DIRECTION_OUT ||
456  return tmpconn;
457  }
458  }
459  for (tmpconn = TO_OR_CIRCUIT(circ)->resolving_streams; tmpconn;
460  tmpconn=tmpconn->next_stream) {
461  if (rh.stream_id == tmpconn->stream_id &&
462  !tmpconn->base_.marked_for_close) {
463  log_debug(LD_EXIT,"found conn for stream %d.", rh.stream_id);
464  return tmpconn;
465  }
466  }
467  }
468  return NULL; /* probably a begin relay cell */
469 }
470 
475 void
476 relay_header_pack(uint8_t *dest, const relay_header_t *src)
477 {
478  set_uint8(dest, src->command);
479  set_uint16(dest+1, htons(src->recognized));
480  set_uint16(dest+3, htons(src->stream_id));
481  memcpy(dest+5, src->integrity, 4);
482  set_uint16(dest+9, htons(src->length));
483 }
484 
488 void
489 relay_header_unpack(relay_header_t *dest, const uint8_t *src)
490 {
491  dest->command = get_uint8(src);
492  dest->recognized = ntohs(get_uint16(src+1));
493  dest->stream_id = ntohs(get_uint16(src+3));
494  memcpy(dest->integrity, src+5, 4);
495  dest->length = ntohs(get_uint16(src+9));
496 }
497 
499 static const char *
500 relay_command_to_string(uint8_t command)
501 {
502  static char buf[64];
503  switch (command) {
504  case RELAY_COMMAND_BEGIN: return "BEGIN";
505  case RELAY_COMMAND_DATA: return "DATA";
506  case RELAY_COMMAND_END: return "END";
507  case RELAY_COMMAND_CONNECTED: return "CONNECTED";
508  case RELAY_COMMAND_SENDME: return "SENDME";
509  case RELAY_COMMAND_EXTEND: return "EXTEND";
510  case RELAY_COMMAND_EXTENDED: return "EXTENDED";
511  case RELAY_COMMAND_TRUNCATE: return "TRUNCATE";
512  case RELAY_COMMAND_TRUNCATED: return "TRUNCATED";
513  case RELAY_COMMAND_DROP: return "DROP";
514  case RELAY_COMMAND_RESOLVE: return "RESOLVE";
515  case RELAY_COMMAND_RESOLVED: return "RESOLVED";
516  case RELAY_COMMAND_BEGIN_DIR: return "BEGIN_DIR";
517  case RELAY_COMMAND_ESTABLISH_INTRO: return "ESTABLISH_INTRO";
518  case RELAY_COMMAND_ESTABLISH_RENDEZVOUS: return "ESTABLISH_RENDEZVOUS";
519  case RELAY_COMMAND_INTRODUCE1: return "INTRODUCE1";
520  case RELAY_COMMAND_INTRODUCE2: return "INTRODUCE2";
521  case RELAY_COMMAND_RENDEZVOUS1: return "RENDEZVOUS1";
522  case RELAY_COMMAND_RENDEZVOUS2: return "RENDEZVOUS2";
523  case RELAY_COMMAND_INTRO_ESTABLISHED: return "INTRO_ESTABLISHED";
524  case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
525  return "RENDEZVOUS_ESTABLISHED";
526  case RELAY_COMMAND_INTRODUCE_ACK: return "INTRODUCE_ACK";
527  case RELAY_COMMAND_EXTEND2: return "EXTEND2";
528  case RELAY_COMMAND_EXTENDED2: return "EXTENDED2";
529  case RELAY_COMMAND_PADDING_NEGOTIATE: return "PADDING_NEGOTIATE";
530  case RELAY_COMMAND_PADDING_NEGOTIATED: return "PADDING_NEGOTIATED";
531  default:
532  tor_snprintf(buf, sizeof(buf), "Unrecognized relay command %u",
533  (unsigned)command);
534  return buf;
535  }
536 }
537 
548 relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ,
549  uint8_t relay_command, const char *payload,
550  size_t payload_len, crypt_path_t *cpath_layer,
551  const char *filename, int lineno))
552 {
553  cell_t cell;
554  relay_header_t rh;
555  cell_direction_t cell_direction;
556  /* XXXX NM Split this function into a separate versions per circuit type? */
557 
558  tor_assert(circ);
559  tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
560 
561  memset(&cell, 0, sizeof(cell_t));
562  cell.command = CELL_RELAY;
563  if (CIRCUIT_IS_ORIGIN(circ)) {
564  tor_assert(cpath_layer);
565  cell.circ_id = circ->n_circ_id;
566  cell_direction = CELL_DIRECTION_OUT;
567  } else {
568  tor_assert(! cpath_layer);
569  cell.circ_id = TO_OR_CIRCUIT(circ)->p_circ_id;
570  cell_direction = CELL_DIRECTION_IN;
571  }
572 
573  memset(&rh, 0, sizeof(rh));
574  rh.command = relay_command;
575  rh.stream_id = stream_id;
576  rh.length = payload_len;
577  relay_header_pack(cell.payload, &rh);
578  if (payload_len)
579  memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len);
580 
581  log_debug(LD_OR,"delivering %d cell %s.", relay_command,
582  cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
583 
584  /* Tell circpad we're sending a relay cell */
585  circpad_deliver_sent_relay_cell_events(circ, relay_command);
586 
587  /* If we are sending an END cell and this circuit is used for a tunneled
588  * directory request, advance its state. */
589  if (relay_command == RELAY_COMMAND_END && circ->dirreq_id)
590  geoip_change_dirreq_state(circ->dirreq_id, DIRREQ_TUNNELED,
592 
593  if (cell_direction == CELL_DIRECTION_OUT && circ->n_chan) {
594  /* if we're using relaybandwidthrate, this conn wants priority */
596  }
597 
598  if (cell_direction == CELL_DIRECTION_OUT) {
599  origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
600  if (origin_circ->remaining_relay_early_cells > 0 &&
601  (relay_command == RELAY_COMMAND_EXTEND ||
602  relay_command == RELAY_COMMAND_EXTEND2 ||
603  cpath_layer != origin_circ->cpath)) {
604  /* If we've got any relay_early cells left and (we're sending
605  * an extend cell or we're not talking to the first hop), use
606  * one of them. Don't worry about the conn protocol version:
607  * append_cell_to_circuit_queue will fix it up. */
608  cell.command = CELL_RELAY_EARLY;
609  /* If we're out of relay early cells, tell circpad */
610  if (--origin_circ->remaining_relay_early_cells == 0)
612  log_debug(LD_OR, "Sending a RELAY_EARLY cell; %d remaining.",
613  (int)origin_circ->remaining_relay_early_cells);
614  /* Memorize the command that is sent as RELAY_EARLY cell; helps debug
615  * task 878. */
616  origin_circ->relay_early_commands[
617  origin_circ->relay_early_cells_sent++] = relay_command;
618  } else if (relay_command == RELAY_COMMAND_EXTEND ||
619  relay_command == RELAY_COMMAND_EXTEND2) {
620  /* If no RELAY_EARLY cells can be sent over this circuit, log which
621  * commands have been sent as RELAY_EARLY cells before; helps debug
622  * task 878. */
623  smartlist_t *commands_list = smartlist_new();
624  int i = 0;
625  char *commands = NULL;
626  for (; i < origin_circ->relay_early_cells_sent; i++)
627  smartlist_add(commands_list, (char *)
629  commands = smartlist_join_strings(commands_list, ",", 0, NULL);
630  log_warn(LD_BUG, "Uh-oh. We're sending a RELAY_COMMAND_EXTEND cell, "
631  "but we have run out of RELAY_EARLY cells on that circuit. "
632  "Commands sent before: %s", commands);
633  tor_free(commands);
634  smartlist_free(commands_list);
635  }
636 
637  /* Let's assume we're well-behaved: Anything that we decide to send is
638  * valid, delivered data. */
639  circuit_sent_valid_data(origin_circ, rh.length);
640  }
641 
642  if (circuit_package_relay_cell(&cell, circ, cell_direction, cpath_layer,
643  stream_id, filename, lineno) < 0) {
644  log_warn(LD_BUG,"circuit_package_relay_cell failed. Closing.");
645  circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
646  return -1;
647  }
648  return 0;
649 }
650 
660 int
662  uint8_t relay_command, const char *payload,
663  size_t payload_len)
664 {
665  /* XXXX NM Split this function into a separate versions per circuit type? */
666  circuit_t *circ;
667  crypt_path_t *cpath_layer = fromconn->cpath_layer;
668  tor_assert(fromconn);
669  circ = fromconn->on_circuit;
670 
671  if (fromconn->base_.marked_for_close) {
672  log_warn(LD_BUG,
673  "called on conn that's already marked for close at %s:%d.",
674  fromconn->base_.marked_for_close_file,
675  fromconn->base_.marked_for_close);
676  return 0;
677  }
678 
679  if (!circ) {
680  if (fromconn->base_.type == CONN_TYPE_AP) {
681  log_info(LD_APP,"no circ. Closing conn.");
682  connection_mark_unattached_ap(EDGE_TO_ENTRY_CONN(fromconn),
683  END_STREAM_REASON_INTERNAL);
684  } else {
685  log_info(LD_EXIT,"no circ. Closing conn.");
686  fromconn->edge_has_sent_end = 1; /* no circ to send to */
687  fromconn->end_reason = END_STREAM_REASON_INTERNAL;
688  connection_mark_for_close(TO_CONN(fromconn));
689  }
690  return -1;
691  }
692 
693  if (circ->marked_for_close) {
694  /* The circuit has been marked, but not freed yet. When it's freed, it
695  * will mark this connection for close. */
696  return -1;
697  }
698 
699 #ifdef MEASUREMENTS_21206
700  /* Keep track of the number of RELAY_DATA cells sent for directory
701  * connections. */
702  connection_t *linked_conn = TO_CONN(fromconn)->linked_conn;
703 
704  if (linked_conn && linked_conn->type == CONN_TYPE_DIR) {
705  ++(TO_DIR_CONN(linked_conn)->data_cells_sent);
706  }
707 #endif /* defined(MEASUREMENTS_21206) */
708 
709  return relay_send_command_from_edge(fromconn->stream_id, circ,
710  relay_command, payload,
711  payload_len, cpath_layer);
712 }
713 
717 #define MAX_RESOLVE_FAILURES 3
718 
721 static int
723 {
724  return reason == END_STREAM_REASON_HIBERNATING ||
725  reason == END_STREAM_REASON_RESOURCELIMIT ||
726  reason == END_STREAM_REASON_EXITPOLICY ||
727  reason == END_STREAM_REASON_RESOLVEFAILED ||
728  reason == END_STREAM_REASON_MISC ||
729  reason == END_STREAM_REASON_NOROUTE;
730 }
731 
736 static int
738  relay_header_t *rh, cell_t *cell, origin_circuit_t *circ,
739  entry_connection_t *conn, crypt_path_t *layer_hint)
740 {
741  node_t *exitrouter;
742  int reason = *(cell->payload+RELAY_HEADER_SIZE);
743  int control_reason;
744  edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
745  (void) layer_hint; /* unused */
746 
747  if (rh->length > 0) {
748  if (reason == END_STREAM_REASON_TORPROTOCOL ||
749  reason == END_STREAM_REASON_DESTROY) {
750  /* Both of these reasons could mean a failed tag
751  * hit the exit and it complained. Do not probe.
752  * Fail the circuit. */
753  circ->path_state = PATH_STATE_USE_FAILED;
754  return -END_CIRC_REASON_TORPROTOCOL;
755  } else if (reason == END_STREAM_REASON_INTERNAL) {
756  /* We can't infer success or failure, since older Tors report
757  * ENETUNREACH as END_STREAM_REASON_INTERNAL. */
758  } else {
759  /* Path bias: If we get a valid reason code from the exit,
760  * it wasn't due to tagging.
761  *
762  * We rely on recognized+digest being strong enough to make
763  * tags unlikely to allow us to get tagged, yet 'recognized'
764  * reason codes here. */
766  }
767  }
768 
769  /* This end cell is now valid. */
770  circuit_read_valid_data(circ, rh->length);
771 
772  if (rh->length == 0) {
773  reason = END_STREAM_REASON_MISC;
774  }
775 
776  control_reason = reason | END_STREAM_REASON_FLAG_REMOTE;
777 
778  if (edge_reason_is_retriable(reason) &&
779  /* avoid retry if rend */
781  const char *chosen_exit_digest =
783  log_info(LD_APP,"Address '%s' refused due to '%s'. Considering retrying.",
784  safe_str(conn->socks_request->address),
786  exitrouter = node_get_mutable_by_id(chosen_exit_digest);
787  switch (reason) {
788  case END_STREAM_REASON_EXITPOLICY: {
789  tor_addr_t addr;
790  tor_addr_make_unspec(&addr);
791  if (rh->length >= 5) {
792  int ttl = -1;
793  tor_addr_make_unspec(&addr);
794  if (rh->length == 5 || rh->length == 9) {
795  tor_addr_from_ipv4n(&addr,
797  if (rh->length == 9)
798  ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+5));
799  } else if (rh->length == 17 || rh->length == 21) {
801  (char*)(cell->payload+RELAY_HEADER_SIZE+1));
802  if (rh->length == 21)
803  ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+17));
804  }
805  if (tor_addr_is_null(&addr)) {
806  log_info(LD_APP,"Address '%s' resolved to 0.0.0.0. Closing,",
807  safe_str(conn->socks_request->address));
808  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
809  return 0;
810  }
811 
812  if ((tor_addr_family(&addr) == AF_INET &&
813  !conn->entry_cfg.ipv4_traffic) ||
814  (tor_addr_family(&addr) == AF_INET6 &&
815  !conn->entry_cfg.ipv6_traffic)) {
816  log_fn(LOG_PROTOCOL_WARN, LD_APP,
817  "Got an EXITPOLICY failure on a connection with a "
818  "mismatched family. Closing.");
819  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
820  return 0;
821  }
822  if (get_options()->ClientDNSRejectInternalAddresses &&
823  tor_addr_is_internal(&addr, 0)) {
824  log_info(LD_APP,"Address '%s' resolved to internal. Closing,",
825  safe_str(conn->socks_request->address));
826  connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
827  return 0;
828  }
829 
831  conn->socks_request->address, &addr,
832  conn->chosen_exit_name, ttl);
833 
834  {
835  char new_addr[TOR_ADDR_BUF_LEN];
836  tor_addr_to_str(new_addr, &addr, sizeof(new_addr), 1);
837  if (strcmp(conn->socks_request->address, new_addr)) {
838  strlcpy(conn->socks_request->address, new_addr,
839  sizeof(conn->socks_request->address));
840  control_event_stream_status(conn, STREAM_EVENT_REMAP, 0);
841  }
842  }
843  }
844  /* check if the exit *ought* to have allowed it */
845 
847  conn,
848  exitrouter,
849  &addr);
850 
851  if (conn->chosen_exit_optional ||
852  conn->chosen_exit_retries) {
853  /* stop wanting a specific exit */
854  conn->chosen_exit_optional = 0;
855  /* A non-zero chosen_exit_retries can happen if we set a
856  * TrackHostExits for this address under a port that the exit
857  * relay allows, but then try the same address with a different
858  * port that it doesn't allow to exit. We shouldn't unregister
859  * the mapping, since it is probably still wanted on the
860  * original port. But now we give away to the exit relay that
861  * we probably have a TrackHostExits on it. So be it. */
862  conn->chosen_exit_retries = 0;
863  tor_free(conn->chosen_exit_name); /* clears it */
864  }
865  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
866  return 0;
867  /* else, conn will get closed below */
868  break;
869  }
870  case END_STREAM_REASON_CONNECTREFUSED:
871  if (!conn->chosen_exit_optional)
872  break; /* break means it'll close, below */
873  /* Else fall through: expire this circuit, clear the
874  * chosen_exit_name field, and try again. */
875  /* Falls through. */
876  case END_STREAM_REASON_RESOLVEFAILED:
877  case END_STREAM_REASON_TIMEOUT:
878  case END_STREAM_REASON_MISC:
879  case END_STREAM_REASON_NOROUTE:
882  /* We haven't retried too many times; reattach the connection. */
884  /* Mark this circuit "unusable for new streams". */
886 
887  if (conn->chosen_exit_optional) {
888  /* stop wanting a specific exit */
889  conn->chosen_exit_optional = 0;
890  tor_free(conn->chosen_exit_name); /* clears it */
891  }
892  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
893  return 0;
894  /* else, conn will get closed below */
895  } else {
896  log_notice(LD_APP,
897  "Have tried resolving or connecting to address '%s' "
898  "at %d different places. Giving up.",
899  safe_str(conn->socks_request->address),
901  /* clear the failures, so it will have a full try next time */
903  }
904  break;
905  case END_STREAM_REASON_HIBERNATING:
906  case END_STREAM_REASON_RESOURCELIMIT:
907  if (exitrouter) {
909  }
910  if (conn->chosen_exit_optional) {
911  /* stop wanting a specific exit */
912  conn->chosen_exit_optional = 0;
913  tor_free(conn->chosen_exit_name); /* clears it */
914  }
915  if (connection_ap_detach_retriable(conn, circ, control_reason) >= 0)
916  return 0;
917  /* else, will close below */
918  break;
919  } /* end switch */
920  log_info(LD_APP,"Giving up on retrying; conn can't be handled.");
921  }
922 
923  log_info(LD_APP,
924  "Edge got end (%s) before we're connected. Marking for close.",
925  stream_end_reason_to_string(rh->length > 0 ? reason : -1));
927  /* need to test because of detach_retriable */
928  if (!ENTRY_TO_CONN(conn)->marked_for_close)
929  connection_mark_unattached_ap(conn, control_reason);
930  return 0;
931 }
932 
942 static void
944  entry_connection_t *conn,
945  node_t *node,
946  const tor_addr_t *addr)
947 {
948  int make_reject_all = 0;
949  const sa_family_t family = tor_addr_family(addr);
950 
951  if (node) {
952  tor_addr_t tmp;
953  int asked_for_family = tor_addr_parse(&tmp, conn->socks_request->address);
954  if (family == AF_UNSPEC) {
955  make_reject_all = 1;
956  } else if (node_exit_policy_is_exact(node, family) &&
957  asked_for_family != -1 && !conn->chosen_exit_name) {
958  make_reject_all = 1;
959  }
960 
961  if (make_reject_all) {
962  log_info(LD_APP,
963  "Exitrouter %s seems to be more restrictive than its exit "
964  "policy. Not using this router as exit for now.",
965  node_describe(node));
967  }
968  }
969 
970  if (family != AF_UNSPEC)
972 }
973 
977 static void
979 {
980  tor_addr_to_str(conn->socks_request->address, new_addr,
981  sizeof(conn->socks_request->address),
982  1);
983  control_event_stream_status(conn, STREAM_EVENT_REMAP,
985 }
986 
997 STATIC int
999  tor_addr_t *addr_out, int *ttl_out)
1000 {
1001  uint32_t bytes;
1002  const uint8_t *payload = cell->payload + RELAY_HEADER_SIZE;
1003 
1004  tor_addr_make_unspec(addr_out);
1005  *ttl_out = -1;
1006  if (rh->length == 0)
1007  return 0;
1008  if (rh->length < 4)
1009  return -1;
1010  bytes = ntohl(get_uint32(payload));
1011 
1012  /* If bytes is 0, this is maybe a v6 address. Otherwise it's a v4 address */
1013  if (bytes != 0) {
1014  /* v4 address */
1015  tor_addr_from_ipv4h(addr_out, bytes);
1016  if (rh->length >= 8) {
1017  bytes = ntohl(get_uint32(payload + 4));
1018  if (bytes <= INT32_MAX)
1019  *ttl_out = bytes;
1020  }
1021  } else {
1022  if (rh->length < 25) /* 4 bytes of 0s, 1 addr, 16 ipv4, 4 ttl. */
1023  return -1;
1024  if (get_uint8(payload + 4) != 6)
1025  return -1;
1026  tor_addr_from_ipv6_bytes(addr_out, (char*)(payload + 5));
1027  bytes = ntohl(get_uint32(payload + 21));
1028  if (bytes <= INT32_MAX)
1029  *ttl_out = (int) bytes;
1030  }
1031  return 0;
1032 }
1033 
1035 STATIC void
1036 address_ttl_free_(address_ttl_t *addr)
1037 {
1038  if (!addr)
1039  return;
1040  tor_free(addr->hostname);
1041  tor_free(addr);
1042 }
1043 
1049 STATIC int
1051  smartlist_t *addresses_out, int *errcode_out)
1052 {
1053  const uint8_t *cp;
1054  uint8_t answer_type;
1055  size_t answer_len;
1056  address_ttl_t *addr;
1057  size_t remaining;
1058  int errcode = 0;
1059  smartlist_t *addrs;
1060 
1061  tor_assert(cell);
1062  tor_assert(rh);
1063  tor_assert(addresses_out);
1064  tor_assert(errcode_out);
1065 
1066  *errcode_out = 0;
1067 
1068  if (rh->length > RELAY_PAYLOAD_SIZE)
1069  return -1;
1070 
1071  addrs = smartlist_new();
1072 
1073  cp = cell->payload + RELAY_HEADER_SIZE;
1074 
1075  remaining = rh->length;
1076  while (remaining) {
1077  const uint8_t *cp_orig = cp;
1078  if (remaining < 2)
1079  goto err;
1080  answer_type = *cp++;
1081  answer_len = *cp++;
1082  if (remaining < 2 + answer_len + 4) {
1083  goto err;
1084  }
1085  if (answer_type == RESOLVED_TYPE_IPV4) {
1086  if (answer_len != 4) {
1087  goto err;
1088  }
1089  addr = tor_malloc_zero(sizeof(*addr));
1090  tor_addr_from_ipv4n(&addr->addr, get_uint32(cp));
1091  cp += 4;
1092  addr->ttl = ntohl(get_uint32(cp));
1093  cp += 4;
1094  smartlist_add(addrs, addr);
1095  } else if (answer_type == RESOLVED_TYPE_IPV6) {
1096  if (answer_len != 16)
1097  goto err;
1098  addr = tor_malloc_zero(sizeof(*addr));
1099  tor_addr_from_ipv6_bytes(&addr->addr, (const char*) cp);
1100  cp += 16;
1101  addr->ttl = ntohl(get_uint32(cp));
1102  cp += 4;
1103  smartlist_add(addrs, addr);
1104  } else if (answer_type == RESOLVED_TYPE_HOSTNAME) {
1105  if (answer_len == 0) {
1106  goto err;
1107  }
1108  addr = tor_malloc_zero(sizeof(*addr));
1109  addr->hostname = tor_memdup_nulterm(cp, answer_len);
1110  cp += answer_len;
1111  addr->ttl = ntohl(get_uint32(cp));
1112  cp += 4;
1113  smartlist_add(addrs, addr);
1114  } else if (answer_type == RESOLVED_TYPE_ERROR_TRANSIENT ||
1115  answer_type == RESOLVED_TYPE_ERROR) {
1116  errcode = answer_type;
1117  /* Ignore the error contents */
1118  cp += answer_len + 4;
1119  } else {
1120  cp += answer_len + 4;
1121  }
1122  tor_assert(((ssize_t)remaining) >= (cp - cp_orig));
1123  remaining -= (cp - cp_orig);
1124  }
1125 
1126  if (errcode && smartlist_len(addrs) == 0) {
1127  /* Report an error only if there were no results. */
1128  *errcode_out = errcode;
1129  }
1130 
1131  smartlist_add_all(addresses_out, addrs);
1132  smartlist_free(addrs);
1133 
1134  return 0;
1135 
1136  err:
1137  /* On parse error, don't report any results */
1138  SMARTLIST_FOREACH(addrs, address_ttl_t *, a, address_ttl_free(a));
1139  smartlist_free(addrs);
1140  return -1;
1141 }
1142 
1146 static void
1148  int error_code,
1149  smartlist_t *results)
1150 {
1151  address_ttl_t *addr_ipv4 = NULL;
1152  address_ttl_t *addr_ipv6 = NULL;
1153  address_ttl_t *addr_hostname = NULL;
1154  address_ttl_t *addr_best = NULL;
1155 
1156  /* If it's an error code, that's easy. */
1157  if (error_code) {
1158  tor_assert(error_code == RESOLVED_TYPE_ERROR ||
1159  error_code == RESOLVED_TYPE_ERROR_TRANSIENT);
1160  connection_ap_handshake_socks_resolved(conn,
1161  error_code,0,NULL,-1,-1);
1162  return;
1163  }
1164 
1165  /* Get the first answer of each type. */
1166  SMARTLIST_FOREACH_BEGIN(results, address_ttl_t *, addr) {
1167  if (addr->hostname) {
1168  if (!addr_hostname) {
1169  addr_hostname = addr;
1170  }
1171  } else if (tor_addr_family(&addr->addr) == AF_INET) {
1172  if (!addr_ipv4 && conn->entry_cfg.ipv4_traffic) {
1173  addr_ipv4 = addr;
1174  }
1175  } else if (tor_addr_family(&addr->addr) == AF_INET6) {
1176  if (!addr_ipv6 && conn->entry_cfg.ipv6_traffic) {
1177  addr_ipv6 = addr;
1178  }
1179  }
1180  } SMARTLIST_FOREACH_END(addr);
1181 
1182  /* Now figure out which type we wanted to deliver. */
1183  if (conn->socks_request->command == SOCKS_COMMAND_RESOLVE_PTR) {
1184  if (addr_hostname) {
1185  connection_ap_handshake_socks_resolved(conn,
1186  RESOLVED_TYPE_HOSTNAME,
1187  strlen(addr_hostname->hostname),
1188  (uint8_t*)addr_hostname->hostname,
1189  addr_hostname->ttl,-1);
1190  } else {
1191  connection_ap_handshake_socks_resolved(conn,
1192  RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
1193  }
1194  return;
1195  }
1196 
1197  if (conn->entry_cfg.prefer_ipv6) {
1198  addr_best = addr_ipv6 ? addr_ipv6 : addr_ipv4;
1199  } else {
1200  addr_best = addr_ipv4 ? addr_ipv4 : addr_ipv6;
1201  }
1202 
1203  /* Now convert it to the ugly old interface */
1204  if (! addr_best) {
1205  connection_ap_handshake_socks_resolved(conn,
1206  RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
1207  return;
1208  }
1209 
1211  &addr_best->addr,
1212  addr_best->ttl,
1213  -1);
1214 
1215  remap_event_helper(conn, &addr_best->addr);
1216 }
1217 
1220 STATIC int
1222  const cell_t *cell,
1223  const relay_header_t *rh)
1224 {
1225  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1226  smartlist_t *resolved_addresses = NULL;
1227  int errcode = 0;
1228 
1229  if (conn->base_.state != AP_CONN_STATE_RESOLVE_WAIT) {
1230  log_fn(LOG_PROTOCOL_WARN, LD_APP, "Got a 'resolved' cell while "
1231  "not in state resolve_wait. Dropping.");
1232  return 0;
1233  }
1234  tor_assert(SOCKS_COMMAND_IS_RESOLVE(entry_conn->socks_request->command));
1235 
1236  resolved_addresses = smartlist_new();
1237  if (resolved_cell_parse(cell, rh, resolved_addresses, &errcode)) {
1238  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1239  "Dropping malformed 'resolved' cell");
1240  connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_TORPROTOCOL);
1241  goto done;
1242  }
1243 
1244  if (get_options()->ClientDNSRejectInternalAddresses) {
1245  int orig_len = smartlist_len(resolved_addresses);
1246  SMARTLIST_FOREACH_BEGIN(resolved_addresses, address_ttl_t *, addr) {
1247  if (addr->hostname == NULL && tor_addr_is_internal(&addr->addr, 0)) {
1248  log_info(LD_APP, "Got a resolved cell with answer %s; dropping that "
1249  "answer.",
1250  safe_str_client(fmt_addr(&addr->addr)));
1251  address_ttl_free(addr);
1252  SMARTLIST_DEL_CURRENT(resolved_addresses, addr);
1253  }
1254  } SMARTLIST_FOREACH_END(addr);
1255  if (orig_len && smartlist_len(resolved_addresses) == 0) {
1256  log_info(LD_APP, "Got a resolved cell with only private addresses; "
1257  "dropping it.");
1258  connection_ap_handshake_socks_resolved(entry_conn,
1259  RESOLVED_TYPE_ERROR_TRANSIENT,
1260  0, NULL, 0, TIME_MAX);
1261  connection_mark_unattached_ap(entry_conn,
1262  END_STREAM_REASON_TORPROTOCOL);
1263  goto done;
1264  }
1265  }
1266 
1267  /* This is valid data at this point. Count it */
1268  if (conn->on_circuit && CIRCUIT_IS_ORIGIN(conn->on_circuit)) {
1270  rh->length);
1271  }
1272 
1274  errcode,
1275  resolved_addresses);
1276 
1277  connection_mark_unattached_ap(entry_conn,
1278  END_STREAM_REASON_DONE |
1280 
1281  done:
1282  SMARTLIST_FOREACH(resolved_addresses, address_ttl_t *, addr,
1283  address_ttl_free(addr));
1284  smartlist_free(resolved_addresses);
1285  return 0;
1286 }
1287 
1295 static int
1297  relay_header_t *rh, cell_t *cell, circuit_t *circ,
1298  edge_connection_t *conn, crypt_path_t *layer_hint)
1299 {
1300  if (rh->command == RELAY_COMMAND_END) {
1301  if (CIRCUIT_IS_ORIGIN(circ) && conn->base_.type == CONN_TYPE_AP) {
1302  return connection_ap_process_end_not_open(rh, cell,
1303  TO_ORIGIN_CIRCUIT(circ),
1304  EDGE_TO_ENTRY_CONN(conn),
1305  layer_hint);
1306  } else {
1307  /* we just got an 'end', don't need to send one */
1308  conn->edge_has_sent_end = 1;
1309  conn->end_reason = *(cell->payload+RELAY_HEADER_SIZE) |
1311  connection_mark_for_close(TO_CONN(conn));
1312  return 0;
1313  }
1314  }
1315 
1316  if (conn->base_.type == CONN_TYPE_AP &&
1317  rh->command == RELAY_COMMAND_CONNECTED) {
1318  tor_addr_t addr;
1319  int ttl;
1320  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1322  if (conn->base_.state != AP_CONN_STATE_CONNECT_WAIT) {
1323  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1324  "Got 'connected' while not in state connect_wait. Dropping.");
1325  return 0;
1326  }
1327  CONNECTION_AP_EXPECT_NONPENDING(entry_conn);
1328  conn->base_.state = AP_CONN_STATE_OPEN;
1329  log_info(LD_APP,"'connected' received for circid %u streamid %d "
1330  "after %d seconds.",
1331  (unsigned)circ->n_circ_id,
1332  rh->stream_id,
1333  (int)(time(NULL) - conn->base_.timestamp_last_read_allowed));
1334  if (connected_cell_parse(rh, cell, &addr, &ttl) < 0) {
1335  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1336  "Got a badly formatted connected cell. Closing.");
1337  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1338  connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_TORPROTOCOL);
1339  return 0;
1340  }
1341  if (tor_addr_family(&addr) != AF_UNSPEC) {
1342  /* The family is not UNSPEC: so we were given an address in the
1343  * connected cell. (This is normal, except for BEGINDIR and onion
1344  * service streams.) */
1345  const sa_family_t family = tor_addr_family(&addr);
1346  if (tor_addr_is_null(&addr) ||
1347  (get_options()->ClientDNSRejectInternalAddresses &&
1348  tor_addr_is_internal(&addr, 0))) {
1349  log_info(LD_APP, "...but it claims the IP address was %s. Closing.",
1350  fmt_addr(&addr));
1351  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1352  connection_mark_unattached_ap(entry_conn,
1353  END_STREAM_REASON_TORPROTOCOL);
1354  return 0;
1355  }
1356 
1357  if ((family == AF_INET && ! entry_conn->entry_cfg.ipv4_traffic) ||
1358  (family == AF_INET6 && ! entry_conn->entry_cfg.ipv6_traffic)) {
1359  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1360  "Got a connected cell to %s with unsupported address family."
1361  " Closing.", fmt_addr(&addr));
1362  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1363  connection_mark_unattached_ap(entry_conn,
1364  END_STREAM_REASON_TORPROTOCOL);
1365  return 0;
1366  }
1367 
1368  client_dns_set_addressmap(entry_conn,
1369  entry_conn->socks_request->address, &addr,
1370  entry_conn->chosen_exit_name, ttl);
1371 
1372  remap_event_helper(entry_conn, &addr);
1373  }
1375  /* don't send a socks reply to transparent conns */
1376  tor_assert(entry_conn->socks_request != NULL);
1377  if (!entry_conn->socks_request->has_finished) {
1378  connection_ap_handshake_socks_reply(entry_conn, NULL, 0, 0);
1379  }
1380 
1381  /* Was it a linked dir conn? If so, a dir request just started to
1382  * fetch something; this could be a bootstrap status milestone. */
1383  log_debug(LD_APP, "considering");
1384  if (TO_CONN(conn)->linked_conn &&
1385  TO_CONN(conn)->linked_conn->type == CONN_TYPE_DIR) {
1386  connection_t *dirconn = TO_CONN(conn)->linked_conn;
1387  log_debug(LD_APP, "it is! %d", dirconn->purpose);
1388  switch (dirconn->purpose) {
1391  control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_KEYS, 0);
1392  break;
1394  control_event_bootstrap(BOOTSTRAP_STATUS_LOADING_STATUS, 0);
1395  break;
1398  if (TO_DIR_CONN(dirconn)->router_purpose == ROUTER_PURPOSE_GENERAL)
1399  control_event_boot_dir(BOOTSTRAP_STATUS_LOADING_DESCRIPTORS,
1401  break;
1402  }
1403  }
1404  /* This is definitely a success, so forget about any pending data we
1405  * had sent. */
1406  if (entry_conn->pending_optimistic_data) {
1407  buf_free(entry_conn->pending_optimistic_data);
1408  entry_conn->pending_optimistic_data = NULL;
1409  }
1410 
1411  /* This is valid data at this point. Count it */
1413 
1414  /* handle anything that might have queued */
1415  if (connection_edge_package_raw_inbuf(conn, 1, NULL) < 0) {
1416  /* (We already sent an end cell if possible) */
1417  connection_mark_for_close(TO_CONN(conn));
1418  return 0;
1419  }
1420  return 0;
1421  }
1422  if (conn->base_.type == CONN_TYPE_AP &&
1423  rh->command == RELAY_COMMAND_RESOLVED) {
1424  return connection_edge_process_resolved_cell(conn, cell, rh);
1425  }
1426 
1427  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1428  "Got an unexpected relay command %d, in state %d (%s). Dropping.",
1429  rh->command, conn->base_.state,
1430  conn_state_to_string(conn->base_.type, conn->base_.state));
1431  return 0; /* for forward compatibility, don't kill the circuit */
1432 // connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1433 // connection_mark_for_close(conn);
1434 // return -1;
1435 }
1436 
1446 STATIC int
1448  edge_connection_t *conn,
1449  crypt_path_t *layer_hint)
1450 {
1451  static int num_seen=0;
1452  relay_header_t rh;
1453  unsigned domain = layer_hint?LD_APP:LD_EXIT;
1454  int reason;
1455  int optimistic_data = 0; /* Set to 1 if we receive data on a stream
1456  * that's in the EXIT_CONN_STATE_RESOLVING
1457  * or EXIT_CONN_STATE_CONNECTING states. */
1458 
1459  tor_assert(cell);
1460  tor_assert(circ);
1461 
1462  relay_header_unpack(&rh, cell->payload);
1463 // log_fn(LOG_DEBUG,"command %d stream %d", rh.command, rh.stream_id);
1464  num_seen++;
1465  log_debug(domain, "Now seen %d relay cells here (command %d, stream %d).",
1466  num_seen, rh.command, rh.stream_id);
1467 
1468  if (rh.length > RELAY_PAYLOAD_SIZE) {
1469  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1470  "Relay cell length field too long. Closing circuit.");
1471  return - END_CIRC_REASON_TORPROTOCOL;
1472  }
1473 
1474  if (rh.stream_id == 0) {
1475  switch (rh.command) {
1476  case RELAY_COMMAND_BEGIN:
1477  case RELAY_COMMAND_CONNECTED:
1478  case RELAY_COMMAND_END:
1479  case RELAY_COMMAND_RESOLVE:
1480  case RELAY_COMMAND_RESOLVED:
1481  case RELAY_COMMAND_BEGIN_DIR:
1482  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay command %d with zero "
1483  "stream_id. Dropping.", (int)rh.command);
1484  return 0;
1485  default:
1486  ;
1487  }
1488  }
1489 
1490  /* Tell circpad that we've recieved a recognized cell */
1492 
1493  /* either conn is NULL, in which case we've got a control cell, or else
1494  * conn points to the recognized stream. */
1495  if (conn && !connection_state_is_open(TO_CONN(conn))) {
1496  if (conn->base_.type == CONN_TYPE_EXIT &&
1497  (conn->base_.state == EXIT_CONN_STATE_CONNECTING ||
1498  conn->base_.state == EXIT_CONN_STATE_RESOLVING) &&
1499  rh.command == RELAY_COMMAND_DATA) {
1500  /* Allow DATA cells to be delivered to an exit node in state
1501  * EXIT_CONN_STATE_CONNECTING or EXIT_CONN_STATE_RESOLVING.
1502  * This speeds up HTTP, for example. */
1503  optimistic_data = 1;
1504  } else if (rh.stream_id == 0 && rh.command == RELAY_COMMAND_DATA) {
1505  log_warn(LD_BUG, "Somehow I had a connection that matched a "
1506  "data cell with stream ID 0.");
1507  } else {
1509  &rh, cell, circ, conn, layer_hint);
1510  }
1511  }
1512 
1513  switch (rh.command) {
1514  case RELAY_COMMAND_DROP:
1515  /* Already examined in circpad_deliver_recognized_relay_cell_events */
1516  return 0;
1517  case RELAY_COMMAND_PADDING_NEGOTIATE:
1519  return 0;
1520  case RELAY_COMMAND_PADDING_NEGOTIATED:
1521  if (circpad_handle_padding_negotiated(circ, cell, layer_hint) == 0)
1523  return 0;
1524  case RELAY_COMMAND_BEGIN:
1525  case RELAY_COMMAND_BEGIN_DIR:
1526  if (layer_hint &&
1528  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1529  "Relay begin request unsupported at AP. Dropping.");
1530  return 0;
1531  }
1532  if (circ->purpose == CIRCUIT_PURPOSE_S_REND_JOINED &&
1533  layer_hint != TO_ORIGIN_CIRCUIT(circ)->cpath->prev) {
1534  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1535  "Relay begin request to Hidden Service "
1536  "from intermediary node. Dropping.");
1537  return 0;
1538  }
1539  if (conn) {
1540  log_fn(LOG_PROTOCOL_WARN, domain,
1541  "Begin cell for known stream. Dropping.");
1542  return 0;
1543  }
1544  if (rh.command == RELAY_COMMAND_BEGIN_DIR &&
1546  /* Assign this circuit and its app-ward OR connection a unique ID,
1547  * so that we can measure download times. The local edge and dir
1548  * connection will be assigned the same ID when they are created
1549  * and linked. */
1550  static uint64_t next_id = 0;
1551  circ->dirreq_id = ++next_id;
1552  TO_OR_CIRCUIT(circ)->p_chan->dirreq_id = circ->dirreq_id;
1553  }
1554  return connection_exit_begin_conn(cell, circ);
1555  case RELAY_COMMAND_DATA:
1557  if (( layer_hint && --layer_hint->deliver_window < 0) ||
1558  (!layer_hint && --circ->deliver_window < 0)) {
1559  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1560  "(relay data) circ deliver_window below 0. Killing.");
1561  if (conn) {
1562  /* XXXX Do we actually need to do this? Will killing the circuit
1563  * not send an END and mark the stream for close as appropriate? */
1564  connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL);
1565  connection_mark_for_close(TO_CONN(conn));
1566  }
1567  return -END_CIRC_REASON_TORPROTOCOL;
1568  }
1569  log_debug(domain,"circ deliver_window now %d.", layer_hint ?
1570  layer_hint->deliver_window : circ->deliver_window);
1571 
1572  circuit_consider_sending_sendme(circ, layer_hint);
1573 
1574  if (rh.stream_id == 0) {
1575  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Relay data cell with zero "
1576  "stream_id. Dropping.");
1577  return 0;
1578  } else if (!conn) {
1579  if (CIRCUIT_IS_ORIGIN(circ)) {
1580  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1582  rh.stream_id)) {
1583  circuit_read_valid_data(ocirc, rh.length);
1584  log_info(domain,
1585  "data cell on circ %u valid on half-closed "
1586  "stream id %d", ocirc->global_identifier, rh.stream_id);
1587  }
1588  }
1589 
1590  log_info(domain,"data cell dropped, unknown stream (streamid %d).",
1591  rh.stream_id);
1592  return 0;
1593  }
1594 
1595  if (--conn->deliver_window < 0) { /* is it below 0 after decrement? */
1596  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1597  "(relay data) conn deliver_window below 0. Killing.");
1598  return -END_CIRC_REASON_TORPROTOCOL;
1599  }
1600  /* Total all valid application bytes delivered */
1601  if (CIRCUIT_IS_ORIGIN(circ) && rh.length > 0) {
1603  }
1604 
1606  connection_buf_add((char*)(cell->payload + RELAY_HEADER_SIZE),
1607  rh.length, TO_CONN(conn));
1608 
1609 #ifdef MEASUREMENTS_21206
1610  /* Count number of RELAY_DATA cells received on a linked directory
1611  * connection. */
1612  connection_t *linked_conn = TO_CONN(conn)->linked_conn;
1613 
1614  if (linked_conn && linked_conn->type == CONN_TYPE_DIR) {
1615  ++(TO_DIR_CONN(linked_conn)->data_cells_received);
1616  }
1617 #endif /* defined(MEASUREMENTS_21206) */
1618 
1619  if (!optimistic_data) {
1620  /* Only send a SENDME if we're not getting optimistic data; otherwise
1621  * a SENDME could arrive before the CONNECTED.
1622  */
1624  }
1625 
1626  return 0;
1627  case RELAY_COMMAND_END:
1628  reason = rh.length > 0 ?
1629  get_uint8(cell->payload+RELAY_HEADER_SIZE) : END_STREAM_REASON_MISC;
1630  if (!conn) {
1631  if (CIRCUIT_IS_ORIGIN(circ)) {
1632  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1634  rh.stream_id)) {
1635 
1636  circuit_read_valid_data(ocirc, rh.length);
1637  log_info(domain,
1638  "end cell (%s) on circ %u valid on half-closed "
1639  "stream id %d",
1641  ocirc->global_identifier, rh.stream_id);
1642  return 0;
1643  }
1644  }
1645  log_info(domain,"end cell (%s) dropped, unknown stream.",
1646  stream_end_reason_to_string(reason));
1647  return 0;
1648  }
1649 /* XXX add to this log_fn the exit node's nickname? */
1650  log_info(domain,TOR_SOCKET_T_FORMAT": end cell (%s) for stream %d. "
1651  "Removing stream.",
1652  conn->base_.s,
1654  conn->stream_id);
1655  if (conn->base_.type == CONN_TYPE_AP) {
1656  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1657  if (entry_conn->socks_request &&
1658  !entry_conn->socks_request->has_finished)
1659  log_warn(LD_BUG,
1660  "open stream hasn't sent socks answer yet? Closing.");
1661  }
1662  /* We just *got* an end; no reason to send one. */
1663  conn->edge_has_sent_end = 1;
1664  if (!conn->end_reason)
1665  conn->end_reason = reason | END_STREAM_REASON_FLAG_REMOTE;
1666  if (!conn->base_.marked_for_close) {
1667  /* only mark it if not already marked. it's possible to
1668  * get the 'end' right around when the client hangs up on us. */
1669  connection_mark_and_flush(TO_CONN(conn));
1670 
1671  /* Total all valid application bytes delivered */
1672  if (CIRCUIT_IS_ORIGIN(circ)) {
1674  }
1675  }
1676  return 0;
1677  case RELAY_COMMAND_EXTEND:
1678  case RELAY_COMMAND_EXTEND2: {
1679  static uint64_t total_n_extend=0, total_nonearly=0;
1680  total_n_extend++;
1681  if (rh.stream_id) {
1682  log_fn(LOG_PROTOCOL_WARN, domain,
1683  "'extend' cell received for non-zero stream. Dropping.");
1684  return 0;
1685  }
1686  if (cell->command != CELL_RELAY_EARLY &&
1687  !networkstatus_get_param(NULL,"AllowNonearlyExtend",0,0,1)) {
1688 #define EARLY_WARNING_INTERVAL 3600
1689  static ratelim_t early_warning_limit =
1690  RATELIM_INIT(EARLY_WARNING_INTERVAL);
1691  char *m;
1692  if (cell->command == CELL_RELAY) {
1693  ++total_nonearly;
1694  if ((m = rate_limit_log(&early_warning_limit, approx_time()))) {
1695  double percentage = ((double)total_nonearly)/total_n_extend;
1696  percentage *= 100;
1697  log_fn(LOG_PROTOCOL_WARN, domain, "EXTEND cell received, "
1698  "but not via RELAY_EARLY. Dropping.%s", m);
1699  log_fn(LOG_PROTOCOL_WARN, domain, " (We have dropped %.02f%% of "
1700  "all EXTEND cells for this reason)", percentage);
1701  tor_free(m);
1702  }
1703  } else {
1704  log_fn(LOG_WARN, domain,
1705  "EXTEND cell received, in a cell with type %d! Dropping.",
1706  cell->command);
1707  }
1708  return 0;
1709  }
1710  return circuit_extend(cell, circ);
1711  }
1712  case RELAY_COMMAND_EXTENDED:
1713  case RELAY_COMMAND_EXTENDED2:
1714  if (!layer_hint) {
1715  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1716  "'extended' unsupported at non-origin. Dropping.");
1717  return 0;
1718  }
1719  log_debug(domain,"Got an extended cell! Yay.");
1720  {
1721  extended_cell_t extended_cell;
1722  if (extended_cell_parse(&extended_cell, rh.command,
1723  (const uint8_t*)cell->payload+RELAY_HEADER_SIZE,
1724  rh.length)<0) {
1725  log_warn(LD_PROTOCOL,
1726  "Can't parse EXTENDED cell; killing circuit.");
1727  return -END_CIRC_REASON_TORPROTOCOL;
1728  }
1729  if ((reason = circuit_finish_handshake(TO_ORIGIN_CIRCUIT(circ),
1730  &extended_cell.created_cell)) < 0) {
1731  circuit_mark_for_close(circ, -reason);
1732  return 0; /* We don't want to cause a warning, so we mark the circuit
1733  * here. */
1734  }
1735  }
1736  if ((reason=circuit_send_next_onion_skin(TO_ORIGIN_CIRCUIT(circ)))<0) {
1737  log_info(domain,"circuit_send_next_onion_skin() failed.");
1738  return reason;
1739  }
1740  /* Total all valid bytes delivered. */
1741  if (CIRCUIT_IS_ORIGIN(circ)) {
1743  }
1744  return 0;
1745  case RELAY_COMMAND_TRUNCATE:
1746  if (layer_hint) {
1747  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1748  "'truncate' unsupported at origin. Dropping.");
1749  return 0;
1750  }
1751  if (circ->n_hop) {
1752  if (circ->n_chan)
1753  log_warn(LD_BUG, "n_chan and n_hop set on the same circuit!");
1754  extend_info_free(circ->n_hop);
1755  circ->n_hop = NULL;
1758  }
1759  if (circ->n_chan) {
1760  uint8_t trunc_reason = get_uint8(cell->payload + RELAY_HEADER_SIZE);
1761  circuit_synchronize_written_or_bandwidth(circ, CIRCUIT_N_CHAN);
1762  circuit_clear_cell_queue(circ, circ->n_chan);
1763  channel_send_destroy(circ->n_circ_id, circ->n_chan,
1764  trunc_reason);
1765  circuit_set_n_circid_chan(circ, 0, NULL);
1766  }
1767  log_debug(LD_EXIT, "Processed 'truncate', replying.");
1768  {
1769  char payload[1];
1770  payload[0] = (char)END_CIRC_REASON_REQUESTED;
1771  relay_send_command_from_edge(0, circ, RELAY_COMMAND_TRUNCATED,
1772  payload, sizeof(payload), NULL);
1773  }
1774  return 0;
1775  case RELAY_COMMAND_TRUNCATED:
1776  if (!layer_hint) {
1777  log_fn(LOG_PROTOCOL_WARN, LD_EXIT,
1778  "'truncated' unsupported at non-origin. Dropping.");
1779  return 0;
1780  }
1781 
1782  /* Count the truncated as valid, for completeness. The
1783  * circuit is being torn down anyway, though. */
1784  if (CIRCUIT_IS_ORIGIN(circ)) {
1786  rh.length);
1787  }
1789  get_uint8(cell->payload + RELAY_HEADER_SIZE));
1790  return 0;
1791  case RELAY_COMMAND_CONNECTED:
1792  if (conn) {
1793  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1794  "'connected' unsupported while open. Closing circ.");
1795  return -END_CIRC_REASON_TORPROTOCOL;
1796  }
1797 
1798  if (CIRCUIT_IS_ORIGIN(circ)) {
1799  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1801  rh.stream_id)) {
1802  circuit_read_valid_data(ocirc, rh.length);
1803  log_info(domain,
1804  "connected cell on circ %u valid on half-closed "
1805  "stream id %d", ocirc->global_identifier, rh.stream_id);
1806  return 0;
1807  }
1808  }
1809 
1810  log_info(domain,
1811  "'connected' received on circid %u for streamid %d, "
1812  "no conn attached anymore. Ignoring.",
1813  (unsigned)circ->n_circ_id, rh.stream_id);
1814  return 0;
1815  case RELAY_COMMAND_SENDME:
1816  if (!rh.stream_id) {
1817  if (layer_hint) {
1818  if (layer_hint->package_window + CIRCWINDOW_INCREMENT >
1819  CIRCWINDOW_START_MAX) {
1820  static struct ratelim_t exit_warn_ratelim = RATELIM_INIT(600);
1821  log_fn_ratelim(&exit_warn_ratelim, LOG_WARN, LD_PROTOCOL,
1822  "Unexpected sendme cell from exit relay. "
1823  "Closing circ.");
1824  return -END_CIRC_REASON_TORPROTOCOL;
1825  }
1826  layer_hint->package_window += CIRCWINDOW_INCREMENT;
1827  log_debug(LD_APP,"circ-level sendme at origin, packagewindow %d.",
1828  layer_hint->package_window);
1829  circuit_resume_edge_reading(circ, layer_hint);
1830 
1831  /* We count circuit-level sendme's as valid delivered data because
1832  * they are rate limited.
1833  */
1834  if (CIRCUIT_IS_ORIGIN(circ)) {
1836  rh.length);
1837  }
1838 
1839  } else {
1840  if (circ->package_window + CIRCWINDOW_INCREMENT >
1841  CIRCWINDOW_START_MAX) {
1842  static struct ratelim_t client_warn_ratelim = RATELIM_INIT(600);
1843  log_fn_ratelim(&client_warn_ratelim,LOG_PROTOCOL_WARN, LD_PROTOCOL,
1844  "Unexpected sendme cell from client. "
1845  "Closing circ (window %d).",
1846  circ->package_window);
1847  return -END_CIRC_REASON_TORPROTOCOL;
1848  }
1850  log_debug(LD_APP,
1851  "circ-level sendme at non-origin, packagewindow %d.",
1852  circ->package_window);
1853  circuit_resume_edge_reading(circ, layer_hint);
1854  }
1855  return 0;
1856  }
1857  if (!conn) {
1858  if (CIRCUIT_IS_ORIGIN(circ)) {
1859  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1861  rh.stream_id)) {
1862  circuit_read_valid_data(ocirc, rh.length);
1863  log_info(domain,
1864  "sendme cell on circ %u valid on half-closed "
1865  "stream id %d", ocirc->global_identifier, rh.stream_id);
1866  }
1867  }
1868 
1869  log_info(domain,"sendme cell dropped, unknown stream (streamid %d).",
1870  rh.stream_id);
1871  return 0;
1872  }
1873 
1874  /* Don't allow the other endpoint to request more than our maximum
1875  * (i.e. initial) stream SENDME window worth of data. Well-behaved
1876  * stock clients will not request more than this max (as per the check
1877  * in the while loop of connection_edge_consider_sending_sendme()).
1878  */
1880  STREAMWINDOW_START_MAX) {
1881  static struct ratelim_t stream_warn_ratelim = RATELIM_INIT(600);
1882  log_fn_ratelim(&stream_warn_ratelim, LOG_PROTOCOL_WARN, LD_PROTOCOL,
1883  "Unexpected stream sendme cell. Closing circ (window %d).",
1884  conn->package_window);
1885  return -END_CIRC_REASON_TORPROTOCOL;
1886  }
1887 
1888  /* At this point, the stream sendme is valid */
1889  if (CIRCUIT_IS_ORIGIN(circ)) {
1891  rh.length);
1892  }
1893 
1895  log_debug(domain,"stream-level sendme, packagewindow now %d.",
1896  conn->package_window);
1898  /* Still waiting for queue to flush; don't touch conn */
1899  return 0;
1900  }
1901  connection_start_reading(TO_CONN(conn));
1902  /* handle whatever might still be on the inbuf */
1903  if (connection_edge_package_raw_inbuf(conn, 1, NULL) < 0) {
1904  /* (We already sent an end cell if possible) */
1905  connection_mark_for_close(TO_CONN(conn));
1906  return 0;
1907  }
1908  return 0;
1909  case RELAY_COMMAND_RESOLVE:
1910  if (layer_hint) {
1911  log_fn(LOG_PROTOCOL_WARN, LD_APP,
1912  "resolve request unsupported at AP; dropping.");
1913  return 0;
1914  } else if (conn) {
1915  log_fn(LOG_PROTOCOL_WARN, domain,
1916  "resolve request for known stream; dropping.");
1917  return 0;
1918  } else if (circ->purpose != CIRCUIT_PURPOSE_OR) {
1919  log_fn(LOG_PROTOCOL_WARN, domain,
1920  "resolve request on circ with purpose %d; dropping",
1921  circ->purpose);
1922  return 0;
1923  }
1925  return 0;
1926  case RELAY_COMMAND_RESOLVED:
1927  if (conn) {
1928  log_fn(LOG_PROTOCOL_WARN, domain,
1929  "'resolved' unsupported while open. Closing circ.");
1930  return -END_CIRC_REASON_TORPROTOCOL;
1931  }
1932 
1933  if (CIRCUIT_IS_ORIGIN(circ)) {
1934  origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
1936  rh.stream_id)) {
1937  circuit_read_valid_data(ocirc, rh.length);
1938  log_info(domain,
1939  "resolved cell on circ %u valid on half-closed "
1940  "stream id %d", ocirc->global_identifier, rh.stream_id);
1941  return 0;
1942  }
1943  }
1944 
1945  log_info(domain,
1946  "'resolved' received, no conn attached anymore. Ignoring.");
1947  return 0;
1948  case RELAY_COMMAND_ESTABLISH_INTRO:
1949  case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
1950  case RELAY_COMMAND_INTRODUCE1:
1951  case RELAY_COMMAND_INTRODUCE2:
1952  case RELAY_COMMAND_INTRODUCE_ACK:
1953  case RELAY_COMMAND_RENDEZVOUS1:
1954  case RELAY_COMMAND_RENDEZVOUS2:
1955  case RELAY_COMMAND_INTRO_ESTABLISHED:
1956  case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
1957  rend_process_relay_cell(circ, layer_hint,
1958  rh.command, rh.length,
1959  cell->payload+RELAY_HEADER_SIZE);
1960  return 0;
1961  }
1962  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
1963  "Received unknown relay command %d. Perhaps the other side is using "
1964  "a newer version of Tor? Dropping.",
1965  rh.command);
1966  return 0; /* for forward compatibility, don't kill the circuit */
1967 }
1968 
1981 
1992 int
1994  int *max_cells)
1995 {
1996  size_t bytes_to_process, length;
1997  char payload[CELL_PAYLOAD_SIZE];
1998  circuit_t *circ;
1999  const unsigned domain = conn->base_.type == CONN_TYPE_AP ? LD_APP : LD_EXIT;
2000  int sending_from_optimistic = 0;
2001  entry_connection_t *entry_conn =
2002  conn->base_.type == CONN_TYPE_AP ? EDGE_TO_ENTRY_CONN(conn) : NULL;
2003  const int sending_optimistically =
2004  entry_conn &&
2005  conn->base_.type == CONN_TYPE_AP &&
2006  conn->base_.state != AP_CONN_STATE_OPEN;
2007  crypt_path_t *cpath_layer = conn->cpath_layer;
2008 
2009  tor_assert(conn);
2010 
2011  if (conn->base_.marked_for_close) {
2012  log_warn(LD_BUG,
2013  "called on conn that's already marked for close at %s:%d.",
2014  conn->base_.marked_for_close_file, conn->base_.marked_for_close);
2015  return 0;
2016  }
2017 
2018  if (max_cells && *max_cells <= 0)
2019  return 0;
2020 
2021  repeat_connection_edge_package_raw_inbuf:
2022 
2023  circ = circuit_get_by_edge_conn(conn);
2024  if (!circ) {
2025  log_info(domain,"conn has no circuit! Closing.");
2027  return -1;
2028  }
2029 
2030  if (circuit_consider_stop_edge_reading(circ, cpath_layer))
2031  return 0;
2032 
2033  if (conn->package_window <= 0) {
2034  log_info(domain,"called with package_window %d. Skipping.",
2035  conn->package_window);
2036  connection_stop_reading(TO_CONN(conn));
2037  return 0;
2038  }
2039 
2040  sending_from_optimistic = entry_conn &&
2041  entry_conn->sending_optimistic_data != NULL;
2042 
2043  if (PREDICT_UNLIKELY(sending_from_optimistic)) {
2044  bytes_to_process = buf_datalen(entry_conn->sending_optimistic_data);
2045  if (PREDICT_UNLIKELY(!bytes_to_process)) {
2046  log_warn(LD_BUG, "sending_optimistic_data was non-NULL but empty");
2047  bytes_to_process = connection_get_inbuf_len(TO_CONN(conn));
2048  sending_from_optimistic = 0;
2049  }
2050  } else {
2051  bytes_to_process = connection_get_inbuf_len(TO_CONN(conn));
2052  }
2053 
2054  if (!bytes_to_process)
2055  return 0;
2056 
2057  if (!package_partial && bytes_to_process < RELAY_PAYLOAD_SIZE)
2058  return 0;
2059 
2060  if (bytes_to_process > RELAY_PAYLOAD_SIZE) {
2061  length = RELAY_PAYLOAD_SIZE;
2062  } else {
2063  length = bytes_to_process;
2064  }
2065  stats_n_data_bytes_packaged += length;
2067 
2068  if (PREDICT_UNLIKELY(sending_from_optimistic)) {
2069  /* XXXX We could be more efficient here by sometimes packing
2070  * previously-sent optimistic data in the same cell with data
2071  * from the inbuf. */
2072  buf_get_bytes(entry_conn->sending_optimistic_data, payload, length);
2073  if (!buf_datalen(entry_conn->sending_optimistic_data)) {
2074  buf_free(entry_conn->sending_optimistic_data);
2075  entry_conn->sending_optimistic_data = NULL;
2076  }
2077  } else {
2078  connection_buf_get_bytes(payload, length, TO_CONN(conn));
2079  }
2080 
2081  log_debug(domain,TOR_SOCKET_T_FORMAT": Packaging %d bytes (%d waiting).",
2082  conn->base_.s,
2083  (int)length, (int)connection_get_inbuf_len(TO_CONN(conn)));
2084 
2085  if (sending_optimistically && !sending_from_optimistic) {
2086  /* This is new optimistic data; remember it in case we need to detach and
2087  retry */
2088  if (!entry_conn->pending_optimistic_data)
2089  entry_conn->pending_optimistic_data = buf_new();
2090  buf_add(entry_conn->pending_optimistic_data, payload, length);
2091  }
2092 
2093  if (connection_edge_send_command(conn, RELAY_COMMAND_DATA,
2094  payload, length) < 0 ) {
2095  /* circuit got marked for close, don't continue, don't need to mark conn */
2096  return 0;
2097  }
2098 
2099  if (!cpath_layer) { /* non-rendezvous exit */
2100  tor_assert(circ->package_window > 0);
2101  circ->package_window--;
2102  } else { /* we're an AP, or an exit on a rendezvous circ */
2103  tor_assert(cpath_layer->package_window > 0);
2104  cpath_layer->package_window--;
2105  }
2106 
2107  if (--conn->package_window <= 0) { /* is it 0 after decrement? */
2108  connection_stop_reading(TO_CONN(conn));
2109  log_debug(domain,"conn->package_window reached 0.");
2110  circuit_consider_stop_edge_reading(circ, cpath_layer);
2111  return 0; /* don't process the inbuf any more */
2112  }
2113  log_debug(domain,"conn->package_window is now %d",conn->package_window);
2114 
2115  if (max_cells) {
2116  *max_cells -= 1;
2117  if (*max_cells <= 0)
2118  return 0;
2119  }
2120 
2121  /* handle more if there's more, or return 0 if there isn't */
2122  goto repeat_connection_edge_package_raw_inbuf;
2123 }
2124 
2132 void
2134 {
2135  circuit_t *circ;
2136 
2138  return;
2139 
2140  circ = circuit_get_by_edge_conn(conn);
2141  if (!circ) {
2142  /* this can legitimately happen if the destroy has already
2143  * arrived and torn down the circuit */
2144  log_info(LD_APP,"No circuit associated with conn. Skipping.");
2145  return;
2146  }
2147 
2149  log_debug(conn->base_.type == CONN_TYPE_AP ?LD_APP:LD_EXIT,
2150  "Outbuf %d, Queuing stream sendme.",
2151  (int)conn->base_.outbuf_flushlen);
2153  if (connection_edge_send_command(conn, RELAY_COMMAND_SENDME,
2154  NULL, 0) < 0) {
2155  log_warn(LD_APP,"connection_edge_send_command failed. Skipping.");
2156  return; /* the circuit's closed, don't continue */
2157  }
2158  }
2159 }
2160 
2166 static void
2168 {
2170  log_debug(layer_hint?LD_APP:LD_EXIT,"Too big queue, no resuming");
2171  return;
2172  }
2173  log_debug(layer_hint?LD_APP:LD_EXIT,"resuming");
2174 
2175  if (CIRCUIT_IS_ORIGIN(circ))
2177  circ, layer_hint);
2178  else
2180  circ, layer_hint);
2181 }
2182 
2183 void
2184 stream_choice_seed_weak_rng(void)
2185 {
2187 }
2188 
2193 static int
2195  circuit_t *circ,
2196  crypt_path_t *layer_hint)
2197 {
2198  edge_connection_t *conn;
2199  int n_packaging_streams, n_streams_left;
2200  int packaged_this_round;
2201  int cells_on_queue;
2202  int cells_per_conn;
2203  edge_connection_t *chosen_stream = NULL;
2204  int max_to_package;
2205 
2206  if (first_conn == NULL) {
2207  /* Don't bother to try to do the rest of this if there are no connections
2208  * to resume. */
2209  return 0;
2210  }
2211 
2212  /* How many cells do we have space for? It will be the minimum of
2213  * the number needed to exhaust the package window, and the minimum
2214  * needed to fill the cell queue. */
2215  max_to_package = circ->package_window;
2216  if (CIRCUIT_IS_ORIGIN(circ)) {
2217  cells_on_queue = circ->n_chan_cells.n;
2218  } else {
2219  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
2220  cells_on_queue = or_circ->p_chan_cells.n;
2221  }
2222  if (CELL_QUEUE_HIGHWATER_SIZE - cells_on_queue < max_to_package)
2223  max_to_package = CELL_QUEUE_HIGHWATER_SIZE - cells_on_queue;
2224 
2225  /* Once we used to start listening on the streams in the order they
2226  * appeared in the linked list. That leads to starvation on the
2227  * streams that appeared later on the list, since the first streams
2228  * would always get to read first. Instead, we just pick a random
2229  * stream on the list, and enable reading for streams starting at that
2230  * point (and wrapping around as if the list were circular). It would
2231  * probably be better to actually remember which streams we've
2232  * serviced in the past, but this is simple and effective. */
2233 
2234  /* Select a stream uniformly at random from the linked list. We
2235  * don't need cryptographic randomness here. */
2236  {
2237  int num_streams = 0;
2238  for (conn = first_conn; conn; conn = conn->next_stream) {
2239  num_streams++;
2240  if (tor_weak_random_one_in_n(&stream_choice_rng, num_streams)) {
2241  chosen_stream = conn;
2242  }
2243  /* Invariant: chosen_stream has been chosen uniformly at random from
2244  * among the first num_streams streams on first_conn.
2245  *
2246  * (Note that we iterate over every stream on the circuit, so that after
2247  * we've considered the first stream, we've chosen it with P=1; and
2248  * after we consider the second stream, we've switched to it with P=1/2
2249  * and stayed with the first stream with P=1/2; and after we've
2250  * considered the third stream, we've switched to it with P=1/3 and
2251  * remained with one of the first two streams with P=(2/3), giving each
2252  * one P=(1/2)(2/3) )=(1/3).) */
2253  }
2254  }
2255 
2256  /* Count how many non-marked streams there are that have anything on
2257  * their inbuf, and enable reading on all of the connections. */
2258  n_packaging_streams = 0;
2259  /* Activate reading starting from the chosen stream */
2260  for (conn=chosen_stream; conn; conn = conn->next_stream) {
2261  /* Start reading for the streams starting from here */
2262  if (conn->base_.marked_for_close || conn->package_window <= 0)
2263  continue;
2264  if (!layer_hint || conn->cpath_layer == layer_hint) {
2265  connection_start_reading(TO_CONN(conn));
2266 
2267  if (connection_get_inbuf_len(TO_CONN(conn)) > 0)
2268  ++n_packaging_streams;
2269  }
2270  }
2271  /* Go back and do the ones we skipped, circular-style */
2272  for (conn = first_conn; conn != chosen_stream; conn = conn->next_stream) {
2273  if (conn->base_.marked_for_close || conn->package_window <= 0)
2274  continue;
2275  if (!layer_hint || conn->cpath_layer == layer_hint) {
2276  connection_start_reading(TO_CONN(conn));
2277 
2278  if (connection_get_inbuf_len(TO_CONN(conn)) > 0)
2279  ++n_packaging_streams;
2280  }
2281  }
2282 
2283  if (n_packaging_streams == 0) /* avoid divide-by-zero */
2284  return 0;
2285 
2286  again:
2287 
2288  cells_per_conn = CEIL_DIV(max_to_package, n_packaging_streams);
2289 
2290  packaged_this_round = 0;
2291  n_streams_left = 0;
2292 
2293  /* Iterate over all connections. Package up to cells_per_conn cells on
2294  * each. Update packaged_this_round with the total number of cells
2295  * packaged, and n_streams_left with the number that still have data to
2296  * package.
2297  */
2298  for (conn=first_conn; conn; conn=conn->next_stream) {
2299  if (conn->base_.marked_for_close || conn->package_window <= 0)
2300  continue;
2301  if (!layer_hint || conn->cpath_layer == layer_hint) {
2302  int n = cells_per_conn, r;
2303  /* handle whatever might still be on the inbuf */
2304  r = connection_edge_package_raw_inbuf(conn, 1, &n);
2305 
2306  /* Note how many we packaged */
2307  packaged_this_round += (cells_per_conn-n);
2308 
2309  if (r<0) {
2310  /* Problem while packaging. (We already sent an end cell if
2311  * possible) */
2312  connection_mark_for_close(TO_CONN(conn));
2313  continue;
2314  }
2315 
2316  /* If there's still data to read, we'll be coming back to this stream. */
2317  if (connection_get_inbuf_len(TO_CONN(conn)))
2318  ++n_streams_left;
2319 
2320  /* If the circuit won't accept any more data, return without looking
2321  * at any more of the streams. Any connections that should be stopped
2322  * have already been stopped by connection_edge_package_raw_inbuf. */
2323  if (circuit_consider_stop_edge_reading(circ, layer_hint))
2324  return -1;
2325  /* XXXX should we also stop immediately if we fill up the cell queue?
2326  * Probably. */
2327  }
2328  }
2329 
2330  /* If we made progress, and we are willing to package more, and there are
2331  * any streams left that want to package stuff... try again!
2332  */
2333  if (packaged_this_round && packaged_this_round < max_to_package &&
2334  n_streams_left) {
2335  max_to_package -= packaged_this_round;
2336  n_packaging_streams = n_streams_left;
2337  goto again;
2338  }
2339 
2340  return 0;
2341 }
2342 
2349 static int
2351 {
2352  edge_connection_t *conn = NULL;
2353  unsigned domain = layer_hint ? LD_APP : LD_EXIT;
2354 
2355  if (!layer_hint) {
2356  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
2357  log_debug(domain,"considering circ->package_window %d",
2358  circ->package_window);
2359  if (circ->package_window <= 0) {
2360  log_debug(domain,"yes, not-at-origin. stopped.");
2361  for (conn = or_circ->n_streams; conn; conn=conn->next_stream)
2362  connection_stop_reading(TO_CONN(conn));
2363  return 1;
2364  }
2365  return 0;
2366  }
2367  /* else, layer hint is defined, use it */
2368  log_debug(domain,"considering layer_hint->package_window %d",
2369  layer_hint->package_window);
2370  if (layer_hint->package_window <= 0) {
2371  log_debug(domain,"yes, at-origin. stopped.");
2372  for (conn = TO_ORIGIN_CIRCUIT(circ)->p_streams; conn;
2373  conn=conn->next_stream) {
2374  if (conn->cpath_layer == layer_hint)
2375  connection_stop_reading(TO_CONN(conn));
2376  }
2377  return 1;
2378  }
2379  return 0;
2380 }
2381 
2388 static void
2390 {
2391 // log_fn(LOG_INFO,"Considering: layer_hint is %s",
2392 // layer_hint ? "defined" : "null");
2393  while ((layer_hint ? layer_hint->deliver_window : circ->deliver_window) <=
2395  log_debug(LD_CIRC,"Queuing circuit sendme.");
2396  if (layer_hint)
2397  layer_hint->deliver_window += CIRCWINDOW_INCREMENT;
2398  else
2400  if (relay_send_command_from_edge(0, circ, RELAY_COMMAND_SENDME,
2401  NULL, 0, layer_hint) < 0) {
2402  log_warn(LD_CIRC,
2403  "relay_send_command_from_edge failed. Circuit's closed.");
2404  return; /* the circuit's closed, don't continue */
2405  }
2406  }
2407 }
2408 
2410 static size_t total_cells_allocated = 0;
2411 
2413 static inline void
2415 {
2417  tor_free(cell);
2418 }
2419 
2421 STATIC packed_cell_t *
2423 {
2425  return tor_malloc_zero(sizeof(packed_cell_t));
2426 }
2427 
2429 void
2431 {
2432  if (!cell)
2433  return;
2435 }
2436 
2439 void
2441 {
2442  int n_circs = 0;
2443  int n_cells = 0;
2444  SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, c) {
2445  n_cells += c->n_chan_cells.n;
2446  if (!CIRCUIT_IS_ORIGIN(c))
2447  n_cells += TO_OR_CIRCUIT(c)->p_chan_cells.n;
2448  ++n_circs;
2449  }
2450  SMARTLIST_FOREACH_END(c);
2451  tor_log(severity, LD_MM,
2452  "%d cells allocated on %d circuits. %d cells leaked.",
2453  n_cells, n_circs, (int)total_cells_allocated - n_cells);
2454 }
2455 
2457 static inline packed_cell_t *
2458 packed_cell_copy(const cell_t *cell, int wide_circ_ids)
2459 {
2461  cell_pack(c, cell, wide_circ_ids);
2462  return c;
2463 }
2464 
2466 void
2468 {
2469  TOR_SIMPLEQ_INSERT_TAIL(&queue->head, cell, next);
2470  ++queue->n;
2471 }
2472 
2477 void
2479  int exitward, const cell_t *cell,
2480  int wide_circ_ids, int use_stats)
2481 {
2482  packed_cell_t *copy = packed_cell_copy(cell, wide_circ_ids);
2483  (void)circ;
2484  (void)exitward;
2485  (void)use_stats;
2486 
2488 
2489  cell_queue_append(queue, copy);
2490 }
2491 
2493 void
2495 {
2496  memset(queue, 0, sizeof(cell_queue_t));
2497  TOR_SIMPLEQ_INIT(&queue->head);
2498 }
2499 
2501 void
2503 {
2504  packed_cell_t *cell;
2505  while ((cell = TOR_SIMPLEQ_FIRST(&queue->head))) {
2506  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2508  }
2509  TOR_SIMPLEQ_INIT(&queue->head);
2510  queue->n = 0;
2511 }
2512 
2515 STATIC packed_cell_t *
2517 {
2518  packed_cell_t *cell = TOR_SIMPLEQ_FIRST(&queue->head);
2519  if (!cell)
2520  return NULL;
2521  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2522  --queue->n;
2523  return cell;
2524 }
2525 
2527 void
2529 {
2530  memset(queue, 0, sizeof(destroy_cell_queue_t));
2531  TOR_SIMPLEQ_INIT(&queue->head);
2532 }
2533 
2535 void
2537 {
2538  destroy_cell_t *cell;
2539  while ((cell = TOR_SIMPLEQ_FIRST(&queue->head))) {
2540  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2541  tor_free(cell);
2542  }
2543  TOR_SIMPLEQ_INIT(&queue->head);
2544  queue->n = 0;
2545 }
2546 
2549 STATIC destroy_cell_t *
2551 {
2552  destroy_cell_t *cell = TOR_SIMPLEQ_FIRST(&queue->head);
2553  if (!cell)
2554  return NULL;
2555  TOR_SIMPLEQ_REMOVE_HEAD(&queue->head, next);
2556  --queue->n;
2557  return cell;
2558 }
2559 
2561 void
2563  circid_t circid,
2564  uint8_t reason)
2565 {
2566  destroy_cell_t *cell = tor_malloc_zero(sizeof(destroy_cell_t));
2567  cell->circid = circid;
2568  cell->reason = reason;
2569  /* Not yet used, but will be required for OOM handling. */
2571 
2572  TOR_SIMPLEQ_INSERT_TAIL(&queue->head, cell, next);
2573  ++queue->n;
2574 }
2575 
2577 static packed_cell_t *
2579 {
2580  packed_cell_t *packed = packed_cell_new();
2581  cell_t cell;
2582  memset(&cell, 0, sizeof(cell));
2583  cell.circ_id = inp->circid;
2584  cell.command = CELL_DESTROY;
2585  cell.payload[0] = inp->reason;
2586  cell_pack(packed, &cell, wide_circ_ids);
2587 
2588  tor_free(inp);
2589  return packed;
2590 }
2591 
2594 size_t
2596 {
2597  return sizeof(packed_cell_t);
2598 }
2599 
2600 /* DOCDOC */
2601 size_t
2602 cell_queues_get_total_allocation(void)
2603 {
2605 }
2606 
2608 #define MEMORY_PRESSURE_INTERVAL (30*60)
2609 
2612 
2615 STATIC int
2617 {
2618  time_t now = time(NULL);
2619  size_t alloc = cell_queues_get_total_allocation();
2621  alloc += buf_get_total_allocation();
2623  const size_t rend_cache_total = rend_cache_get_total_allocation();
2624  alloc += rend_cache_total;
2625  const size_t geoip_client_cache_total =
2626  geoip_client_cache_total_allocation();
2627  alloc += geoip_client_cache_total;
2628  const size_t dns_cache_total = dns_cache_total_allocation();
2629  alloc += dns_cache_total;
2630  if (alloc >= get_options()->MaxMemInQueues_low_threshold) {
2632  if (alloc >= get_options()->MaxMemInQueues) {
2633  /* If we're spending over 20% of the memory limit on hidden service
2634  * descriptors, free them until we're down to 10%. Do the same for geoip
2635  * client cache. */
2636  if (rend_cache_total > get_options()->MaxMemInQueues / 5) {
2637  const size_t bytes_to_remove =
2638  rend_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
2639  alloc -= hs_cache_handle_oom(now, bytes_to_remove);
2640  }
2641  if (geoip_client_cache_total > get_options()->MaxMemInQueues / 5) {
2642  const size_t bytes_to_remove =
2643  geoip_client_cache_total -
2644  (size_t)(get_options()->MaxMemInQueues / 10);
2645  alloc -= geoip_client_cache_handle_oom(now, bytes_to_remove);
2646  }
2647  if (dns_cache_total > get_options()->MaxMemInQueues / 5) {
2648  const size_t bytes_to_remove =
2649  dns_cache_total - (size_t)(get_options()->MaxMemInQueues / 10);
2650  alloc -= dns_cache_handle_oom(now, bytes_to_remove);
2651  }
2652  circuits_handle_oom(alloc);
2653  return 1;
2654  }
2655  }
2656  return 0;
2657 }
2658 
2661 int
2663 {
2665  < approx_time();
2666 }
2667 
2672 void
2674  const char *file, int lineno)
2675 {
2676  channel_t *chan = NULL;
2677  or_circuit_t *or_circ = NULL;
2678  circuitmux_t *cmux = NULL;
2679 
2680  tor_assert(circ);
2681 
2682  /* Okay, get the channel */
2683  if (direction == CELL_DIRECTION_OUT) {
2684  chan = circ->n_chan;
2685  } else {
2686  or_circ = TO_OR_CIRCUIT(circ);
2687  chan = or_circ->p_chan;
2688  }
2689 
2690  tor_assert(chan);
2691  tor_assert(chan->cmux);
2692 
2693  /* Now get the cmux */
2694  cmux = chan->cmux;
2695 
2696  /* Cmux sanity check */
2697  if (! circuitmux_is_circuit_attached(cmux, circ)) {
2698  log_warn(LD_BUG, "called on non-attached circuit from %s:%d",
2699  file, lineno);
2700  return;
2701  }
2702  tor_assert(circuitmux_attached_circuit_direction(cmux, circ) == direction);
2703 
2704  /* Update the number of cells we have for the circuit mux */
2705  if (direction == CELL_DIRECTION_OUT) {
2706  circuitmux_set_num_cells(cmux, circ, circ->n_chan_cells.n);
2707  } else {
2708  circuitmux_set_num_cells(cmux, circ, or_circ->p_chan_cells.n);
2709  }
2710 }
2711 
2717 void
2719 {
2720  tor_assert(chan);
2721  tor_assert(chan->cmux);
2722 
2723  circuitmux_detach_all_circuits(chan->cmux, circuits_out);
2724  chan->num_n_circuits = 0;
2725  chan->num_p_circuits = 0;
2726 }
2727 
2737 static int
2739  int block, streamid_t stream_id)
2740 {
2741  edge_connection_t *edge = NULL;
2742  int n = 0;
2743  if (circ->n_chan == chan) {
2744  circ->streams_blocked_on_n_chan = block;
2745  if (CIRCUIT_IS_ORIGIN(circ))
2746  edge = TO_ORIGIN_CIRCUIT(circ)->p_streams;
2747  } else {
2748  circ->streams_blocked_on_p_chan = block;
2749  tor_assert(!CIRCUIT_IS_ORIGIN(circ));
2750  edge = TO_OR_CIRCUIT(circ)->n_streams;
2751  }
2752 
2753  for (; edge; edge = edge->next_stream) {
2754  connection_t *conn = TO_CONN(edge);
2755  if (stream_id && edge->stream_id != stream_id)
2756  continue;
2757 
2758  if (edge->edge_blocked_on_circ != block) {
2759  ++n;
2760  edge->edge_blocked_on_circ = block;
2761  }
2762 
2763  if (!conn->read_event) {
2764  /* This connection is a placeholder for something; probably a DNS
2765  * request. It can't actually stop or start reading.*/
2766  continue;
2767  }
2768 
2769  if (block) {
2770  if (connection_is_reading(conn))
2771  connection_stop_reading(conn);
2772  } else {
2773  /* Is this right? */
2774  if (!connection_is_reading(conn))
2775  connection_start_reading(conn);
2776  }
2777  }
2778 
2779  return n;
2780 }
2781 
2783 static uint8_t
2784 packed_cell_get_command(const packed_cell_t *cell, int wide_circ_ids)
2785 {
2786  if (wide_circ_ids) {
2787  return get_uint8(cell->body+4);
2788  } else {
2789  return get_uint8(cell->body+2);
2790  }
2791 }
2792 
2794 circid_t
2795 packed_cell_get_circid(const packed_cell_t *cell, int wide_circ_ids)
2796 {
2797  if (wide_circ_ids) {
2798  return ntohl(get_uint32(cell->body));
2799  } else {
2800  return ntohs(get_uint16(cell->body));
2801  }
2802 }
2803 
2809 channel_flush_from_first_active_circuit, (channel_t *chan, int max))
2810 {
2811  circuitmux_t *cmux = NULL;
2812  int n_flushed = 0;
2813  cell_queue_t *queue;
2814  destroy_cell_queue_t *destroy_queue=NULL;
2815  circuit_t *circ;
2816  or_circuit_t *or_circ;
2817  int streams_blocked;
2818  packed_cell_t *cell;
2819 
2820  /* Get the cmux */
2821  tor_assert(chan);
2822  tor_assert(chan->cmux);
2823  cmux = chan->cmux;
2824 
2825  /* Main loop: pick a circuit, send a cell, update the cmux */
2826  while (n_flushed < max) {
2827  circ = circuitmux_get_first_active_circuit(cmux, &destroy_queue);
2828  if (destroy_queue) {
2829  destroy_cell_t *dcell;
2830  /* this code is duplicated from some of the logic below. Ugly! XXXX */
2831  /* If we are given a destroy_queue here, then it is required to be
2832  * nonempty... */
2833  tor_assert(destroy_queue->n > 0);
2834  dcell = destroy_cell_queue_pop(destroy_queue);
2835  /* ...and pop() will always yield a cell from a nonempty queue. */
2836  tor_assert(dcell);
2837  /* frees dcell */
2838  cell = destroy_cell_to_packed_cell(dcell, chan->wide_circ_ids);
2839  /* Send the DESTROY cell. It is very unlikely that this fails but just
2840  * in case, get rid of the channel. */
2841  if (channel_write_packed_cell(chan, cell) < 0) {
2842  /* The cell has been freed. */
2843  channel_mark_for_close(chan);
2844  continue;
2845  }
2846  /* Update the cmux destroy counter */
2848  cell = NULL;
2849  ++n_flushed;
2850  continue;
2851  }
2852  /* If it returns NULL, no cells left to send */
2853  if (!circ) break;
2854 
2855  if (circ->n_chan == chan) {
2856  queue = &circ->n_chan_cells;
2857  streams_blocked = circ->streams_blocked_on_n_chan;
2858  } else {
2859  or_circ = TO_OR_CIRCUIT(circ);
2860  tor_assert(or_circ->p_chan == chan);
2861  queue = &TO_OR_CIRCUIT(circ)->p_chan_cells;
2862  streams_blocked = circ->streams_blocked_on_p_chan;
2863  }
2864 
2865  /* Circuitmux told us this was active, so it should have cells */
2866  if (/*BUG(*/ queue->n == 0 /*)*/) {
2867  log_warn(LD_BUG, "Found a supposedly active circuit with no cells "
2868  "to send. Trying to recover.");
2869  circuitmux_set_num_cells(cmux, circ, 0);
2870  if (! circ->marked_for_close)
2871  circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
2872  continue;
2873  }
2874 
2875  tor_assert(queue->n > 0);
2876 
2877  /*
2878  * Get just one cell here; once we've sent it, that can change the circuit
2879  * selection, so we have to loop around for another even if this circuit
2880  * has more than one.
2881  */
2882  cell = cell_queue_pop(queue);
2883 
2884  /* Calculate the exact time that this cell has spent in the queue. */
2885  if (get_options()->CellStatistics ||
2886  get_options()->TestingEnableCellStatsEvent) {
2887  uint32_t timestamp_now = monotime_coarse_get_stamp();
2888  uint32_t msec_waiting =
2890  timestamp_now - cell->inserted_timestamp);
2891 
2892  if (get_options()->CellStatistics && !CIRCUIT_IS_ORIGIN(circ)) {
2893  or_circ = TO_OR_CIRCUIT(circ);
2894  or_circ->total_cell_waiting_time += msec_waiting;
2895  or_circ->processed_cells++;
2896  }
2897 
2898  if (get_options()->TestingEnableCellStatsEvent) {
2899  uint8_t command = packed_cell_get_command(cell, chan->wide_circ_ids);
2900 
2902  tor_malloc_zero(sizeof(testing_cell_stats_entry_t));
2903  ent->command = command;
2904  ent->waiting_time = msec_waiting / 10;
2905  ent->removed = 1;
2906  if (circ->n_chan == chan)
2907  ent->exitward = 1;
2908  if (!circ->testing_cell_stats)
2909  circ->testing_cell_stats = smartlist_new();
2910  smartlist_add(circ->testing_cell_stats, ent);
2911  }
2912  }
2913 
2914  /* If we just flushed our queue and this circuit is used for a
2915  * tunneled directory request, possibly advance its state. */
2916  if (queue->n == 0 && chan->dirreq_id)
2918  DIRREQ_TUNNELED,
2920 
2921  /* Now send the cell. It is very unlikely that this fails but just in
2922  * case, get rid of the channel. */
2923  if (channel_write_packed_cell(chan, cell) < 0) {
2924  /* The cell has been freed at this point. */
2925  channel_mark_for_close(chan);
2926  continue;
2927  }
2928  cell = NULL;
2929 
2930  /*
2931  * Don't packed_cell_free_unchecked(cell) here because the channel will
2932  * do so when it gets out of the channel queue (probably already did, in
2933  * which case that was an immediate double-free bug).
2934  */
2935 
2936  /* Update the counter */
2937  ++n_flushed;
2938 
2939  /*
2940  * Now update the cmux; tell it we've just sent a cell, and how many
2941  * we have left.
2942  */
2943  circuitmux_notify_xmit_cells(cmux, circ, 1);
2944  circuitmux_set_num_cells(cmux, circ, queue->n);
2945  if (queue->n == 0)
2946  log_debug(LD_GENERAL, "Made a circuit inactive.");
2947 
2948  /* Is the cell queue low enough to unblock all the streams that are waiting
2949  * to write to this circuit? */
2950  if (streams_blocked && queue->n <= CELL_QUEUE_LOWWATER_SIZE)
2951  set_streams_blocked_on_circ(circ, chan, 0, 0); /* unblock streams */
2952 
2953  /* If n_flushed < max still, loop around and pick another circuit */
2954  }
2955 
2956  /* Okay, we're done sending now */
2957  return n_flushed;
2958 }
2959 
2960 /* Minimum value is the maximum circuit window size.
2961  *
2962  * SENDME cells makes it that we can control how many cells can be inflight on
2963  * a circuit from end to end. This logic makes it that on any circuit cell
2964  * queue, we have a maximum of cells possible.
2965  *
2966  * Because the Tor protocol allows for a client to exit at any hop in a
2967  * circuit and a circuit can be of a maximum of 8 hops, so in theory the
2968  * normal worst case will be the circuit window start value times the maximum
2969  * number of hops (8). Having more cells then that means something is wrong.
2970  *
2971  * However, because padding cells aren't counted in the package window, we set
2972  * the maximum size to a reasonably large size for which we expect that we'll
2973  * never reach in theory. And if we ever do because of future changes, we'll
2974  * be able to control it with a consensus parameter.
2975  *
2976  * XXX: Unfortunately, END cells aren't accounted for in the circuit window
2977  * which means that for instance if a client opens 8001 streams, the 8001
2978  * following END cells will queue up in the circuit which will get closed if
2979  * the max limit is 8000. Which is sad because it is allowed by the Tor
2980  * protocol. But, we need an upper bound on circuit queue in order to avoid
2981  * DoS memory pressure so the default size is a middle ground between not
2982  * having any limit and having a very restricted one. This is why we can also
2983  * control it through a consensus parameter. */
2984 #define RELAY_CIRC_CELL_QUEUE_SIZE_MIN CIRCWINDOW_START_MAX
2985 /* We can't have a consensus parameter above this value. */
2986 #define RELAY_CIRC_CELL_QUEUE_SIZE_MAX INT32_MAX
2987 /* Default value is set to a large value so we can handle padding cells
2988  * properly which aren't accounted for in the SENDME window. Default is 50000
2989  * allowed cells in the queue resulting in ~25MB. */
2990 #define RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT \
2991  (50 * RELAY_CIRC_CELL_QUEUE_SIZE_MIN)
2992 
2993 /* The maximum number of cell a circuit queue can contain. This is updated at
2994  * every new consensus and controlled by a parameter. */
2995 static int32_t max_circuit_cell_queue_size =
2996  RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT;
2997 
2998 /* Called when the consensus has changed. At this stage, the global consensus
2999  * object has NOT been updated. It is called from
3000  * notify_before_networkstatus_changes(). */
3001 void
3002 relay_consensus_has_changed(const networkstatus_t *ns)
3003 {
3004  tor_assert(ns);
3005 
3006  /* Update the circuit max cell queue size from the consensus. */
3007  max_circuit_cell_queue_size =
3008  networkstatus_get_param(ns, "circ_max_cell_queue_size",
3009  RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT,
3010  RELAY_CIRC_CELL_QUEUE_SIZE_MIN,
3011  RELAY_CIRC_CELL_QUEUE_SIZE_MAX);
3012 }
3013 
3021 void
3023  cell_t *cell, cell_direction_t direction,
3024  streamid_t fromstream)
3025 {
3026  or_circuit_t *orcirc = NULL;
3027  cell_queue_t *queue;
3028  int streams_blocked;
3029  int exitward;
3030  if (circ->marked_for_close)
3031  return;
3032 
3033  exitward = (direction == CELL_DIRECTION_OUT);
3034  if (exitward) {
3035  queue = &circ->n_chan_cells;
3036  streams_blocked = circ->streams_blocked_on_n_chan;
3037  } else {
3038  orcirc = TO_OR_CIRCUIT(circ);
3039  queue = &orcirc->p_chan_cells;
3040  streams_blocked = circ->streams_blocked_on_p_chan;
3041  }
3042 
3043  if (PREDICT_UNLIKELY(queue->n >= max_circuit_cell_queue_size)) {
3044  log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
3045  "%s circuit has %d cells in its queue, maximum allowed is %d. "
3046  "Closing circuit for safety reasons.",
3047  (exitward) ? "Outbound" : "Inbound", queue->n,
3048  max_circuit_cell_queue_size);
3049  circuit_mark_for_close(circ, END_CIRC_REASON_RESOURCELIMIT);
3051  return;
3052  }
3053 
3054  /* Very important that we copy to the circuit queue because all calls to
3055  * this function use the stack for the cell memory. */
3056  cell_queue_append_packed_copy(circ, queue, exitward, cell,
3057  chan->wide_circ_ids, 1);
3058 
3059  /* Check and run the OOM if needed. */
3060  if (PREDICT_UNLIKELY(cell_queues_check_size())) {
3061  /* We ran the OOM handler which might have closed this circuit. */
3062  if (circ->marked_for_close)
3063  return;
3064  }
3065 
3066  /* If we have too many cells on the circuit, we should stop reading from
3067  * the edge streams for a while. */
3068  if (!streams_blocked && queue->n >= CELL_QUEUE_HIGHWATER_SIZE)
3069  set_streams_blocked_on_circ(circ, chan, 1, 0); /* block streams */
3070 
3071  if (streams_blocked && fromstream) {
3072  /* This edge connection is apparently not blocked; block it. */
3073  set_streams_blocked_on_circ(circ, chan, 1, fromstream);
3074  }
3075 
3076  update_circuit_on_cmux(circ, direction);
3077  if (queue->n == 1) {
3078  /* This was the first cell added to the queue. We just made this
3079  * circuit active. */
3080  log_debug(LD_GENERAL, "Made a circuit active.");
3081  }
3082 
3083  /* New way: mark this as having waiting cells for the scheduler */
3084  scheduler_channel_has_waiting_cells(chan);
3085 }
3086 
3094 int
3095 append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr)
3096 {
3097  uint32_t a;
3098  switch (tor_addr_family(addr)) {
3099  case AF_INET:
3100  payload_out[0] = RESOLVED_TYPE_IPV4;
3101  payload_out[1] = 4;
3102  a = tor_addr_to_ipv4n(addr);
3103  memcpy(payload_out+2, &a, 4);
3104  return 6;
3105  case AF_INET6:
3106  payload_out[0] = RESOLVED_TYPE_IPV6;
3107  payload_out[1] = 16;
3108  memcpy(payload_out+2, tor_addr_to_in6_addr8(addr), 16);
3109  return 18;
3110  case AF_UNSPEC:
3111  default:
3112  return -1;
3113  }
3114 }
3115 
3120 const uint8_t *
3121 decode_address_from_payload(tor_addr_t *addr_out, const uint8_t *payload,
3122  int payload_len)
3123 {
3124  if (payload_len < 2)
3125  return NULL;
3126  if (payload_len < 2+payload[1])
3127  return NULL;
3128 
3129  switch (payload[0]) {
3130  case RESOLVED_TYPE_IPV4:
3131  if (payload[1] != 4)
3132  return NULL;
3133  tor_addr_from_ipv4n(addr_out, get_uint32(payload+2));
3134  break;
3135  case RESOLVED_TYPE_IPV6:
3136  if (payload[1] != 16)
3137  return NULL;
3138  tor_addr_from_ipv6_bytes(addr_out, (char*)(payload+2));
3139  break;
3140  default:
3141  tor_addr_make_unspec(addr_out);
3142  break;
3143  }
3144  return payload + 2 + payload[1];
3145 }
3146 
3148 void
3150 {
3151  cell_queue_t *queue;
3152  cell_direction_t direction;
3153 
3154  if (circ->n_chan == chan) {
3155  queue = &circ->n_chan_cells;
3156  direction = CELL_DIRECTION_OUT;
3157  } else {
3158  or_circuit_t *orcirc = TO_OR_CIRCUIT(circ);
3159  tor_assert(orcirc->p_chan == chan);
3160  queue = &orcirc->p_chan_cells;
3161  direction = CELL_DIRECTION_IN;
3162  }
3163 
3164  /* Clear the queue */
3165  cell_queue_clear(queue);
3166 
3167  /* Update the cell counter in the cmux */
3168  if (chan->cmux && circuitmux_is_circuit_attached(chan->cmux, circ))
3169  update_circuit_on_cmux(circ, direction);
3170 }
3171 
3175 static int
3177 {
3178  if (CIRCUIT_IS_ORIGIN(circ)) {
3179  return circ->streams_blocked_on_n_chan;
3180  } else {
3181  return circ->streams_blocked_on_p_chan;
3182  }
3183 }
#define RELAY_PAYLOAD_SIZE
Definition: or.h:605
tor_socket_t s
Definition: connection_st.h:88
uint64_t stats_n_data_cells_received
Definition: relay.c:1976
void connection_edge_consider_sending_sendme(edge_connection_t *conn)
Definition: relay.c:2133
#define AP_CONN_STATE_CONNECT_WAIT
int channel_is_client(const channel_t *chan)
Definition: channel.c:2913
void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr)
Definition: address.c:862
Header file for rendcommon.c.
static int circuit_queue_streams_are_blocked(circuit_t *circ)
Definition: relay.c:3176
STATIC void address_ttl_free_(address_ttl_t *addr)
Definition: relay.c:1036
STATIC destroy_cell_t * destroy_cell_queue_pop(destroy_cell_queue_t *queue)
Definition: relay.c:2550
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
Definition: address.c:317
void geoip_change_dirreq_state(uint64_t dirreq_id, dirreq_type_t type, dirreq_state_t new_state)
Definition: geoip_stats.c:550
STATIC int connected_cell_parse(const relay_header_t *rh, const cell_t *cell, tor_addr_t *addr_out, int *ttl_out)
Definition: relay.c:998
#define AP_CONN_STATE_RESOLVE_WAIT
#define CELL_QUEUE_HIGHWATER_SIZE
Definition: relay.c:120
unsigned int chosen_exit_retries
static int connection_edge_process_relay_cell_not_open(relay_header_t *rh, cell_t *cell, circuit_t *circ, edge_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:1296
STATIC int cell_queues_check_size(void)
Definition: relay.c:2616
unsigned int has_finished
int package_window
Definition: circuit_st.h:107
void client_dns_clear_failures(const char *address)
Definition: addressmap.c:660
uint8_t payload[CELL_PAYLOAD_SIZE]
Definition: cell_st.h:16
#define TOR_ADDR_BUF_LEN
Definition: address.h:205
Common functions for using (pseudo-)random number generators.
Definition: node_st.h:28
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
uint16_t sa_family_t
Definition: inaddr_st.h:77
Header for backtrace.c.
#define TO_CONN(c)
Definition: or.h:735
path_state_bitfield_t path_state
uint64_t stats_n_relay_cells_relayed
Definition: relay.c:128
void tor_addr_make_unspec(tor_addr_t *a)
Definition: address.c:225
STATIC packed_cell_t * packed_cell_new(void)
Definition: relay.c:2422
Header file for geoip_stats.c.
void circuits_handle_oom(size_t current_allocation)
Definition: circuitlist.c:2667
unsigned int removed
Definition: or.h:926
#define EXIT_CONN_STATE_RESOLVING
uint16_t marked_for_close
Definition: circuit_st.h:154
Header file for connection.c.
#define CELL_QUEUE_LOWWATER_SIZE
Definition: relay.c:123
void crypto_seed_weak_rng(tor_weak_rng_t *rng)
Definition: crypto_rand.c:109
static void set_uint16(void *cp, uint16_t v)
Definition: bytes.h:73
struct or_circuit_t * rend_splice
Definition: or_circuit_st.h:53
uint64_t monotime_coarse_stamp_units_to_approx_msec(uint64_t units)
Definition: compat_time.c:860
circid_t packed_cell_get_circid(const packed_cell_t *cell, int wide_circ_ids)
Definition: relay.c:2795
Definition: cell_st.h:12
#define LD_GENERAL
Definition: log.h:58
void cell_queue_append(cell_queue_t *queue, packed_cell_t *cell)
Definition: relay.c:2467
static int circuit_consider_stop_edge_reading(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2350
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:143
int circuit_finish_handshake(origin_circuit_t *circ, const created_cell_t *reply)
uint8_t state
Definition: connection_st.h:44
Headers for compress.c.
int connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
MOCK_IMPL(int, circuit_package_relay_cell,(cell_t *cell, circuit_t *circ, cell_direction_t cell_direction, crypt_path_t *layer_hint, streamid_t on_stream, const char *filename, int lineno))
Definition: relay.c:358
#define LOG_INFO
Definition: log.h:41
Header file for describe.c.
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
Definition: address.h:145
Header file for nodelist.c.
int connection_edge_package_raw_inbuf(edge_connection_t *conn, int package_partial, int *max_cells)
Definition: relay.c:1993
#define CIRCWINDOW_START
Definition: or.h:501
static int edge_reason_is_retriable(int reason)
Definition: relay.c:722
crypt_path_t * cpath
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:631
void relay_header_unpack(relay_header_t *dest, const uint8_t *src)
Definition: relay.c:489
Header file for directory.c.
void smartlist_add(smartlist_t *sl, void *element)
static time_t last_time_under_memory_pressure
Definition: relay.c:2611
static packed_cell_t * packed_cell_copy(const cell_t *cell, int wide_circ_ids)
Definition: relay.c:2458
void update_circuit_on_cmux_(circuit_t *circ, cell_direction_t direction, const char *file, int lineno)
Definition: relay.c:2673
char address[MAX_SOCKS_ADDR_LEN]
int circuit_extend(cell_t *cell, circuit_t *circ)
char * rate_limit_log(ratelim_t *lim, time_t now)
Definition: ratelim.c:41
void cell_queue_clear(cell_queue_t *queue)
Definition: relay.c:2502
void circpad_deliver_recognized_relay_cell_events(circuit_t *circ, uint8_t relay_command, crypt_path_t *layer_hint)
cell_direction_t circuitmux_attached_circuit_direction(circuitmux_t *cmux, circuit_t *circ)
Definition: circuitmux.c:607
int circuit_truncated(origin_circuit_t *circ, int reason)
#define TO_CIRCUIT(x)
Definition: or.h:947
Header file for config.c.
STATIC int connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ, edge_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:1447
static void adjust_exit_policy_from_exitpolicy_failure(origin_circuit_t *circ, entry_connection_t *conn, node_t *node, const tor_addr_t *addr)
Definition: relay.c:943
size_t half_streams_get_total_allocation(void)
uint8_t command
Definition: or.h:920
static size_t total_cells_allocated
Definition: relay.c:2410
#define END_STREAM_REASON_CANT_ATTACH
Definition: or.h:250
void circuit_clear_cell_queue(circuit_t *circ, channel_t *chan)
Definition: relay.c:3149
Header file for onion.c.
void circuitmux_detach_all_circuits(circuitmux_t *cmux, smartlist_t *detached_out)
Definition: circuitmux.c:263
void circuit_set_state(circuit_t *circ, uint8_t state)
Definition: circuitlist.c:542
unsigned int num_n_circuits
Definition: channel.h:416
void policies_set_node_exitpolicy_to_reject_all(node_t *node)
Definition: policies.c:2205
channel_usage_info_t channel_usage
Definition: channel.h:228
int channel_write_packed_cell(channel_t *chan, packed_cell_t *cell)
Definition: channel.c:1470
#define tor_free(p)
Definition: malloc.h:52
void circpad_deliver_unrecognized_cell_events(circuit_t *circ, cell_direction_t dir)
void channel_mark_for_close(channel_t *chan)
Definition: channel.c:1134
int connection_is_reading(connection_t *conn)
Definition: mainloop.c:511
static tor_weak_rng_t stream_choice_rng
Definition: relay.c:138
void client_dns_set_addressmap(entry_connection_t *for_conn, const char *address, const tor_addr_t *val, const char *exitname, int ttl)
Definition: addressmap.c:724
#define SMARTLIST_DEL_CURRENT(sl, var)
const char * conn_state_to_string(int type, int state)
Definition: connection.c:273
uint16_t recognized
Definition: or.h:639
#define DIR_PURPOSE_FETCH_CONSENSUS
Definition: directory.h:56
Header file for mainloop.c.
#define CIRCUIT_PURPOSE_REND_ESTABLISHED
Definition: circuitlist.h:46
circuitmux_t * cmux
Definition: channel.h:403
uint8_t purpose
Definition: circuit_st.h:102
size_t packed_cell_mem_cost(void)
Definition: relay.c:2595
#define CIRCWINDOW_INCREMENT
Definition: or.h:505
void append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, cell_t *cell, cell_direction_t direction, streamid_t fromstream)
Definition: relay.c:3022
buf_t * buf_new(void)
Definition: buffers.c:363
uint64_t stats_n_circ_max_cell_reached
Definition: relay.c:135
char body[CELL_MAX_NETWORK_SIZE]
Definition: cell_queue_st.h:16
struct buf_t * pending_optimistic_data
Definition: or.h:919
Header file for scheduler*.c.
unsigned int purpose
Definition: connection_st.h:46
created_cell_t created_cell
Definition: onion.h:69
int connection_edge_send_command(edge_connection_t *fromconn, uint8_t relay_command, const char *payload, size_t payload_len)
Definition: relay.c:661
static packed_cell_t * destroy_cell_to_packed_cell(destroy_cell_t *inp, int wide_circ_ids)
Definition: relay.c:2578
unsigned int remaining_relay_early_cells
#define ENTRY_TO_CONN(c)
Definition: or.h:738
void connection_ap_handshake_socks_reply(entry_connection_t *conn, char *reply, size_t replylen, int endreason)
static uint32_t get_uint32(const void *cp)
Definition: bytes.h:49
cell_queue_t n_chan_cells
Definition: circuit_st.h:76
size_t outbuf_flushlen
Definition: connection_st.h:96
int append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr)
Definition: relay.c:3095
extend_info_t * n_hop
Definition: circuit_st.h:82
cell_direction_t
Definition: or.h:482
struct create_cell_t * n_chan_create_cell
Definition: circuit_st.h:118
streamid_t stream_id
Definition: or.h:640
socks_request_t * socks_request
#define STREAMWINDOW_START
Definition: or.h:508
struct crypt_path_t * cpath_layer
Header file for policies.c.
channel_t * p_chan
Definition: or_circuit_st.h:35
uint64_t stats_n_data_bytes_received
Definition: relay.c:1980
int count_loading_descriptors_progress(void)
Definition: nodelist.c:2529
uint64_t total_cell_waiting_time
Definition: or_circuit_st.h:76
#define STREAMWINDOW_INCREMENT
Definition: or.h:511
void circuitmux_set_num_cells(circuitmux_t *cmux, circuit_t *circ, unsigned int n_cells)
Definition: circuitmux.c:1072
#define LD_APP
Definition: log.h:74
static edge_connection_t * relay_lookup_conn(circuit_t *circ, cell_t *cell, cell_direction_t cell_direction, crypt_path_t *layer_hint)
Definition: relay.c:423
void destroy_cell_queue_append(destroy_cell_queue_t *queue, circid_t circid, uint8_t reason)
Definition: relay.c:2562
Common functions for cryptographic routines.
Header file for channel.c.
#define DIR_PURPOSE_FETCH_SERVERDESC
Definition: directory.h:38
tor_assert(buffer)
void channel_timestamp_client(channel_t *chan)
Definition: channel.c:3208
edge_connection_t * n_streams
Definition: or_circuit_st.h:42
signed_error_t circpad_handle_padding_negotiated(circuit_t *circ, cell_t *cell, crypt_path_t *layer_hint)
void packed_cell_free_(packed_cell_t *cell)
Definition: relay.c:2430
#define REMAP_STREAM_SOURCE_EXIT
Definition: control.h:108
int connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
int connection_half_edge_is_valid_sendme(const smartlist_t *half_conns, streamid_t stream_id)
#define tor_addr_from_ipv4h(dest, v4addr)
Definition: address.h:287
static void circuit_resume_edge_reading(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2167
#define LD_CIRC
Definition: log.h:78
uint8_t state
Definition: circuit_st.h:101
void circuit_sent_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3116
uint64_t stats_n_data_bytes_packaged
Definition: relay.c:1974
uint32_t inserted_timestamp
Definition: cell_queue_st.h:17
circid_t n_circ_id
Definition: circuit_st.h:67
void circuitmux_notify_xmit_destroy(circuitmux_t *cmux)
Definition: circuitmux.c:1237
dir_connection_t * TO_DIR_CONN(connection_t *c)
Definition: directory.c:77
static const char * relay_command_to_string(uint8_t command)
Definition: relay.c:500
Header file for circuitpadding.c.
void circuit_synchronize_written_or_bandwidth(const circuit_t *c, circuit_channel_direction_t dir)
Definition: circuitlist.c:2138
signed_error_t circpad_handle_padding_negotiate(circuit_t *circ, cell_t *cell)
void tor_addr_from_ipv6_bytes(tor_addr_t *dest, const char *ipv6_bytes)
Definition: address.c:873
int buf_get_bytes(buf_t *buf, char *string, size_t string_len)
Definition: buffers.c:634
const char * node_describe(const node_t *node)
Definition: describe.c:101
Header file for rendcache.c.
#define END_CIRC_AT_ORIGIN
Definition: or.h:305
Master header file for Tor-specific functionality.
int client_dns_incr_failures(const char *address)
Definition: addressmap.c:638
#define CIRCUIT_STATE_OPEN
Definition: circuitlist.h:31
void cell_queue_append_packed_copy(circuit_t *circ, cell_queue_t *queue, int exitward, const cell_t *cell, int wide_circ_ids, int use_stats)
Definition: relay.c:2478
uint64_t stats_n_relay_cells_delivered
Definition: relay.c:132
uint16_t streamid_t
Definition: or.h:610
Header file for circuitbuild.c.
#define DIR_PURPOSE_FETCH_CERTIFICATE
Definition: directory.h:59
#define END_STREAM_REASON_FLAG_REMOTE
Definition: or.h:276
uint32_t processed_cells
Definition: or_circuit_st.h:71
void destroy_cell_queue_clear(destroy_cell_queue_t *queue)
Definition: relay.c:2536
int tor_addr_parse(tor_addr_t *addr, const char *src)
Definition: address.c:1185
uint16_t marked_for_close
unsigned int chosen_exit_optional
void control_event_boot_dir(bootstrap_status_t status, int progress)
void circuitmux_notify_xmit_cells(circuitmux_t *cmux, circuit_t *circ, unsigned int n_cells)
Definition: circuitmux.c:1177
uint8_t relay_early_commands[MAX_RELAY_EARLY_CELLS_PER_CIRCUIT]
int connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
Definition: connection.c:3869
int have_been_under_memory_pressure(void)
Definition: relay.c:2662
int buf_add(buf_t *buf, const char *string, size_t string_len)
Definition: buffers.c:525
static uint16_t get_uint16(const void *cp)
Definition: bytes.h:37
circid_t circ_id
Definition: cell_st.h:13
int marked_for_close_reason
Definition: circuit_st.h:162
#define LOG_WARN
Definition: log.h:49
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:758
unsigned int type
Definition: connection_st.h:45
static void circuit_update_channel_usage(circuit_t *circ, cell_t *cell)
Definition: relay.c:151
unsigned int edge_has_sent_end
STATIC packed_cell_t * cell_queue_pop(cell_queue_t *queue)
Definition: relay.c:2516
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:260
Header file for circuituse.c.
Header for weakrng.c.
void cell_queue_init(cell_queue_t *queue)
Definition: relay.c:2494
smartlist_t * testing_cell_stats
Definition: circuit_st.h:177
smartlist_t * half_streams
static void connection_ap_handshake_socks_got_resolved_cell(entry_connection_t *conn, int error_code, smartlist_t *results)
Definition: relay.c:1147
uint32_t n_written_circ_bw
int pathbias_check_probe_response(circuit_t *circ, const cell_t *cell)
Definition: circpathbias.c:870
circid_t p_circ_id
Definition: or_circuit_st.h:31
#define LD_REND
Definition: log.h:80
Header file for circuitlist.c.
#define CIRCUIT_PURPOSE_PATH_BIAS_TESTING
Definition: circuitlist.h:119
void circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
Definition: circuitbuild.c:358
unsigned int streams_blocked_on_p_chan
Definition: circuit_st.h:89
int connection_state_is_open(connection_t *conn)
Definition: connection.c:4626
#define LD_OR
Definition: log.h:88
size_t tor_compress_get_total_allocation(void)
Definition: compress.c:458
#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED
Definition: or.h:283
const uint8_t * decode_address_from_payload(tor_addr_t *addr_out, const uint8_t *payload, int payload_len)
Definition: relay.c:3121
int connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
unsigned int waiting_time
Definition: or.h:925
#define MAX_RESOLVE_FAILURES
Definition: relay.c:717
int node_exit_policy_is_exact(const node_t *node, sa_family_t family)
Definition: nodelist.c:1341
uint64_t dirreq_id
Definition: circuit_st.h:169
uint16_t length
Definition: or.h:642
uint8_t command
Definition: or.h:638
cpath_build_state_t * build_state
unsigned int streams_blocked_on_n_chan
Definition: circuit_st.h:86
int connection_outbuf_too_full(connection_t *conn)
Definition: connection.c:3907
Header file for connection_edge.c.
#define MEMORY_PRESSURE_INTERVAL
Definition: relay.c:2608
uint64_t stats_n_data_cells_packaged
Definition: relay.c:1970
origin_circuit_t * TO_ORIGIN_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:163
cell_queue_t p_chan_cells
Definition: or_circuit_st.h:33
const char * circuit_state_to_string(int state)
Definition: circuitlist.c:758
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
static int circuit_resume_edge_reading_helper(edge_connection_t *conn, circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2194
#define CELL_PAYLOAD_SIZE
Definition: or.h:576
int circuit_send_next_onion_skin(origin_circuit_t *circ)
Definition: circuitbuild.c:939
int control_event_stream_status(entry_connection_t *conn, stream_status_event_t tp, int reason_code)
Definition: control.c:5819
Header file for relay.c.
edge_connection_t * p_streams
char identity_digest[DIGEST_LEN]
#define SMARTLIST_FOREACH(sl, type, var, cmd)
char integrity[4]
Definition: or.h:641
void relay_header_pack(uint8_t *dest, const relay_header_t *src)
Definition: relay.c:476
time_t timestamp_last_read_allowed
Definition: connection_st.h:98
const char * stream_end_reason_to_string(int reason)
Definition: reasons.c:64
uint64_t dirreq_id
Definition: channel.h:459
void control_event_bootstrap(bootstrap_status_t status, int progress)
#define fmt_addr(a)
Definition: address.h:211
uint32_t circid_t
Definition: or.h:608
#define CIRCUIT_PURPOSE_OR
Definition: circuitlist.h:38
#define log_fn(severity, domain, args,...)
Definition: log.h:255
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
#define CONN_TYPE_EXIT
Definition: connection.h:26
void mark_circuit_unusable_for_new_conns(origin_circuit_t *circ)
Definition: circuituse.c:3092
int connection_half_edge_is_valid_end(smartlist_t *half_conns, streamid_t stream_id)
#define AP_CONN_STATE_OPEN
struct event * read_event
Definition: connection_st.h:91
or_circuit_t * TO_OR_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:151
#define DIR_PURPOSE_FETCH_MICRODESC
Definition: directory.h:70
int connection_edge_end(edge_connection_t *conn, uint8_t reason)
Header file for control.c.
void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint, int command, size_t length, const uint8_t *payload)
Definition: rendcommon.c:766
int deliver_window
Definition: circuit_st.h:112
void connection_ap_handshake_socks_resolved_addr(entry_connection_t *conn, const tor_addr_t *answer, int ttl, time_t expires)
void destroy_cell_queue_init(destroy_cell_queue_t *queue)
Definition: relay.c:2528
void addr_policy_append_reject_addr(smartlist_t **dest, const tor_addr_t *addr)
Definition: policies.c:1612
time_t approx_time(void)
Definition: approx_time.c:32
int circuitmux_is_circuit_attached(circuitmux_t *cmux, circuit_t *circ)
Definition: circuitmux.c:685
int consensus_is_waiting_for_certs(void)
STATIC int connection_edge_process_resolved_cell(edge_connection_t *conn, const cell_t *cell, const relay_header_t *rh)
Definition: relay.c:1221
smartlist_t * prepend_policy
static uint8_t packed_cell_get_command(const packed_cell_t *cell, int wide_circ_ids)
Definition: relay.c:2784
const char * marked_for_close_file
STATIC int resolved_cell_parse(const cell_t *cell, const relay_header_t *rh, smartlist_t *addresses_out, int *errcode_out)
Definition: relay.c:1050
Header file for hs_cache.c.
void circuit_set_n_circid_chan(circuit_t *circ, circid_t id, channel_t *chan)
Definition: circuitlist.c:471
static void remap_event_helper(entry_connection_t *conn, const tor_addr_t *new_addr)
Definition: relay.c:978
int circuit_receive_relay_cell(cell_t *cell, circuit_t *circ, cell_direction_t cell_direction)
Definition: relay.c:229
Header file for buffers.c.
Header file for reasons.c.
int connection_half_edge_is_valid_resolved(smartlist_t *half_conns, streamid_t stream_id)
uint8_t command
Definition: cell_st.h:14
#define CONN_TYPE_DIR
Definition: connection.h:35
unsigned int exitward
Definition: or.h:927
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
Definition: circuitlist.c:1576
Header file for connection_or.c.
struct circuit_t * on_circuit
void cell_pack(packed_cell_t *dst, const cell_t *src, int wide_circ_ids)
unsigned int edge_blocked_on_circ
void circuit_read_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3135
circuit_t * circuitmux_get_first_active_circuit(circuitmux_t *cmux, destroy_cell_queue_t **destroy_queue_out)
Definition: circuitmux.c:1134
extend_info_t * chosen_exit
#define tor_addr_to_in6_addr8(x)
Definition: address.h:129
void pathbias_count_valid_cells(circuit_t *circ, const cell_t *cell)
Definition: circpathbias.c:930
int extended_cell_parse(extended_cell_t *cell_out, const uint8_t command, const uint8_t *payload, size_t payload_len)
Definition: onion.c:448
struct edge_connection_t * next_stream
#define CIRCUIT_PURPOSE_S_REND_JOINED
Definition: circuitlist.h:109
#define CONN_TYPE_AP
Definition: connection.h:31
int connection_ap_detach_retriable(entry_connection_t *conn, origin_circuit_t *circ, int reason)
#define tor_weak_random_one_in_n(rng, n)
Definition: weakrng.h:29
static int set_streams_blocked_on_circ(circuit_t *circ, channel_t *chan, int block, streamid_t stream_id)
Definition: relay.c:2738
#define LD_PROTOCOL
Definition: log.h:68
#define LD_MM
Definition: log.h:70
void circpad_machine_event_circ_has_no_relay_early(origin_circuit_t *circ)
const char * marked_for_close_file
Definition: circuit_st.h:157
void pathbias_mark_use_success(origin_circuit_t *circ)
Definition: circpathbias.c:652
#define RELAY_HEADER_SIZE
Definition: or.h:603
static void circuit_consider_sending_sendme(circuit_t *circ, crypt_path_t *layer_hint)
Definition: relay.c:2389
void circpad_deliver_sent_relay_cell_events(circuit_t *circ, uint8_t relay_command)
static int connection_ap_process_end_not_open(relay_header_t *rh, cell_t *cell, origin_circuit_t *circ, entry_connection_t *conn, crypt_path_t *layer_hint)
Definition: relay.c:737
void channel_unlink_all_circuits(channel_t *chan, smartlist_t *circuits_out)
Definition: relay.c:2718
int channel_send_destroy(circid_t circ_id, channel_t *chan, int reason)
Definition: channel.c:2017
Header file for networkstatus.c.
#define LD_BUG
Definition: log.h:82
Header file for dns.c.
uint32_t monotime_coarse_get_stamp(void)
Definition: compat_time.c:834
#define EXIT_CONN_STATE_CONNECTING
Header file for routerlist.c.
void dump_cell_pool_usage(int severity)
Definition: relay.c:2440
channel_t * n_chan
Definition: circuit_st.h:58
int connection_half_edge_is_valid_connected(const smartlist_t *half_conns, streamid_t stream_id)
int connection_half_edge_is_valid_data(const smartlist_t *half_conns, streamid_t stream_id)
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:179
static void packed_cell_free_unchecked(packed_cell_t *cell)
Definition: relay.c:2414