Tor  0.4.6.0-alpha-dev
resolve_addr.c
Go to the documentation of this file.
1 /* Copyright (c) 2020, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
4 /**
5  * \file resolve_addr.c
6  * \brief Implement resolving address functions
7  **/
8 
9 #define RESOLVE_ADDR_PRIVATE
10 
11 #include "app/config/config.h"
13 
14 #include "core/mainloop/mainloop.h"
15 
18 
19 #include "lib/encoding/confline.h"
20 #include "lib/net/gethostname.h"
21 #include "lib/net/resolve.h"
22 
23 /** Maximum "Address" statement allowed in our configuration. */
24 #define MAX_CONFIG_ADDRESS 2
25 
26 /** Ease our life. Arrays containing state per address family. These are to
27  * add semantic to the code so we know what is accessed. */
28 #define IDX_NULL 0 /* Index to zeroed address object. */
29 #define IDX_IPV4 1 /* Index to AF_INET. */
30 #define IDX_IPV6 2 /* Index to AF_INET6. */
31 #define IDX_SIZE 3 /* How many indexes do we have. */
32 
33 /** Function in our address function table return one of these code. */
34 typedef enum {
35  /* The address has been found. */
36  FN_RET_OK = 0,
37  /* The failure requirements were not met and thus it is recommended that the
38  * caller stops the search. */
39  FN_RET_BAIL = 1,
40  /* The address was not found or failure is transient so the caller should go
41  * to the next method. */
42  FN_RET_NEXT = 2,
44 
45 /** Last resolved addresses. */
47  { TOR_ADDR_NULL, TOR_ADDR_NULL, TOR_ADDR_NULL };
49 
50 /** Last suggested addresses.
51  *
52  * These addresses come from a NETINFO cell from a trusted relay (currently
53  * only authorities). We only use those in last resort. */
55  { TOR_ADDR_NULL, TOR_ADDR_NULL, TOR_ADDR_NULL };
57 
58 /** True iff the address was found to be configured that is from the
59  * configuration file either using Address or ORPort. */
60 static bool last_addrs_configured[] = { false, false, false };
62 
63 static inline int
64 af_to_idx(const int family)
65 {
66  switch (family) {
67  case AF_INET:
68  return IDX_IPV4;
69  case AF_INET6:
70  return IDX_IPV6;
71  default:
72  /* It wouldn't be safe to just die here with an assert but we can heavily
73  * scream with a bug. Return the index of the NULL address. */
75  return IDX_NULL;
76  }
77 }
78 
79 /** Return string representation of the given method. */
80 const char *
82 {
83  switch (method) {
84  case RESOLVED_ADDR_NONE:
85  return "NONE";
86  case RESOLVED_ADDR_CONFIGURED:
87  return "CONFIGURED";
88  case RESOLVED_ADDR_CONFIGURED_ORPORT:
89  return "CONFIGURED_ORPORT";
90  case RESOLVED_ADDR_GETHOSTNAME:
91  return "GETHOSTNAME";
92  case RESOLVED_ADDR_INTERFACE:
93  return "INTERFACE";
94  case RESOLVED_ADDR_RESOLVED:
95  return "RESOLVED";
96  default:
98  return "???";
99  }
100 }
101 
102 /** Return true if the last address of family was configured or not. An
103  * address is considered configured if it was found in the Address or ORPort
104  * statement.
105  *
106  * This applies to the address returned by the function
107  * resolved_addr_get_last() which is the cache of discovered addresses. */
108 bool
110 {
111  return last_addrs_configured[af_to_idx(family)];
112 }
113 
114 /** Copy the last suggested address of family into addr_out.
115  *
116  * If no last suggested address exists, the addr_out is a null address (use
117  * tor_addr_is_null() to confirm). */
118 void
120 {
121  tor_addr_copy(addr_out, &last_suggested_addrs[af_to_idx(family)]);
122 }
123 
124 /** Set the last suggested address into our cache. This is called when we get
125  * a new NETINFO cell from a trusted source. */
126 void
128 {
129  if (BUG(tor_addr_family(addr) != AF_INET &&
130  tor_addr_family(addr) != AF_INET6)) {
131  return;
132  }
133 
134  /* In case we don't have a configured address, log that we will be using the
135  * one discovered from the dirauth. */
136  const int idx = af_to_idx(tor_addr_family(addr));
138  !tor_addr_eq(&last_suggested_addrs[idx], addr)) {
139  log_notice(LD_CONFIG, "External address seen and suggested by a "
140  "directory authority: %s", fmt_addr(addr));
141  }
142  tor_addr_copy(&last_suggested_addrs[idx], addr);
143 }
144 
145 /** Copy the last resolved address of family into addr_out.
146  *
147  * If not last resolved address existed, the addr_out is a null address (use
148  * tor_addr_is_null()). */
149 void
150 resolved_addr_get_last(int family, tor_addr_t *addr_out)
151 {
152  tor_addr_copy(addr_out, &last_resolved_addrs[af_to_idx(family)]);
153 }
154 
155 /** Reset the last resolved address of family.
156  *
157  * This makes it null address. */
158 void
160 {
161  tor_addr_make_null(&last_resolved_addrs[af_to_idx(family)], family);
162 }
163 
164 /** Errors returned by address_can_be_used() in order for the caller to know
165  * why the address is denied or not. */
166 #define ERR_DEFAULT_DIRAUTH -1 /* Using default authorities. */
167 #define ERR_ADDRESS_IS_INTERNAL -2 /* IP is internal. */
168 
169 /** @brief Return true iff the given IP address can be used as a valid
170  * external resolved address.
171  *
172  * Two tests are done in this function:
173  * 1) If the address if NOT internal, it can be used.
174  * 2) If the address is internal and we have custom directory authorities
175  * configured then it can they be used. Important for testing networks.
176  *
177  * @param addr The IP address to validate.
178  * @param options Global configuration options.
179  * @param warn_severity Log level that should be used on error.
180  * @param explicit_ip Was the IP address explicitly given.
181  *
182  * @return Return 0 if it can be used. Return error code ERR_* found at the
183  * top of the file.
184  */
185 static int
186 address_can_be_used(const tor_addr_t *addr, const or_options_t *options,
187  int warn_severity, const bool explicit_ip)
188 {
189  tor_assert(addr);
190 
191  /* Public address, this is fine. */
192  if (!tor_addr_is_internal(addr, 0)) {
193  goto allow;
194  }
195 
196  /* We have a private IP address. It is allowed only if we set custom
197  * directory authorities. */
198  if (using_default_dir_authorities(options)) {
199  log_fn(warn_severity, LD_CONFIG,
200  "Address '%s' is a private IP address. Tor relays that use "
201  "the default DirAuthorities must have public IP addresses.",
202  fmt_addr(addr));
203  return ERR_DEFAULT_DIRAUTH;
204  }
205 
206  if (!explicit_ip) {
207  /* Even with custom directory authorities, only an explicit internal
208  * address is accepted. */
209  log_fn(warn_severity, LD_CONFIG,
210  "Address %s was resolved and thus not explicitly "
211  "set. Even if DirAuthorities are custom, this is "
212  "not allowed.", fmt_addr(addr));
213  return ERR_ADDRESS_IS_INTERNAL;
214  }
215 
216  allow:
217  return 0;
218 }
219 
220 /** @brief Get IP address from the given config line and for a specific address
221  * family.
222  *
223  * This can fail is more than two Address statement are found for the same
224  * address family. It also fails if no statement is found.
225  *
226  * @param options Global configuration options.
227  * @param warn_severity Log level that should be used on error.
228  * @param family IP address family. Only AF_INET and AF_INET6 are supported.
229  * @param method_out OUT: Method denoting how the address was found.
230  * This is described in the control-spec.txt as
231  * actions for "STATUS_SERVER".
232  * @param hostname_out OUT: String containing the hostname gotten from the
233  * Address value if any.
234  * @param addr_out OUT: Tor address of the address found in the cline or
235  * resolved from the cline.
236  *
237  * @return Return 0 on success that is an address has been found or resolved
238  * successfully. Return error code ERR_* found at the top of the file.
239  */
240 static fn_address_ret_t
241 get_address_from_config(const or_options_t *options, int warn_severity,
242  int family, resolved_addr_method_t *method_out,
243  char **hostname_out, tor_addr_t *addr_out)
244 {
245  int ret;
246  bool explicit_ip = false, resolve_failure = false;
247  int num_valid_addr = 0;
248 
249  tor_assert(options);
250  tor_assert(addr_out);
251  tor_assert(method_out);
252  tor_assert(hostname_out);
253 
254  /* Set them to NULL for safety reasons. */
255  *hostname_out = NULL;
256  *method_out = RESOLVED_ADDR_NONE;
257 
258  log_debug(LD_CONFIG, "Attempting to get address from configuration");
259 
260  if (!options->Address) {
261  log_info(LD_CONFIG, "No Address option found in configuration.");
262  /* No Address statement, inform caller to try next method. */
263  return FN_RET_NEXT;
264  }
265 
266  for (const config_line_t *cfg = options->Address; cfg != NULL;
267  cfg = cfg->next) {
268  int af;
269  tor_addr_t addr;
270 
271  af = tor_addr_parse(&addr, cfg->value);
272  if (af == family) {
273  tor_addr_copy(addr_out, &addr);
274  *method_out = RESOLVED_ADDR_CONFIGURED;
275  explicit_ip = true;
276  num_valid_addr++;
277  continue;
278  } else if (af != -1) {
279  /* Parsable address but just not the one from the family we want. Skip
280  * it so we don't attempt a resolve. */
281  continue;
282  }
283 
284  /* Not an IP address. Considering this value a hostname and attempting to
285  * do a DNS lookup. */
286  if (!tor_addr_lookup(cfg->value, family, &addr)) {
287  tor_addr_copy(addr_out, &addr);
288  *method_out = RESOLVED_ADDR_RESOLVED;
289  if (*hostname_out) {
290  tor_free(*hostname_out);
291  }
292  *hostname_out = tor_strdup(cfg->value);
293  explicit_ip = false;
294  num_valid_addr++;
295  continue;
296  } else {
297  /* Hostname that can't be resolved, this is a fatal error. */
298  resolve_failure = true;
299  log_fn(warn_severity, LD_CONFIG,
300  "Could not resolve local Address '%s'. Failing.", cfg->value);
301  continue;
302  }
303  }
304 
305  if (!num_valid_addr) {
306  if (resolve_failure) {
307  /* We found no address but we got a resolution failure. This means we
308  * can know if the hostname given was v4 or v6 so we can't continue. */
309  return FN_RET_BAIL;
310  }
311  log_info(LD_CONFIG,
312  "No Address option found for family %s in configuration.",
313  fmt_af_family(family));
314  /* No Address statement for family so move on to try next method. */
315  return FN_RET_NEXT;
316  }
317 
318  if (num_valid_addr >= MAX_CONFIG_ADDRESS) {
319  /* Too many Address for same family. This is a fatal error. */
320  log_fn(warn_severity, LD_CONFIG,
321  "Found %d Address statement of address family %s. "
322  "Only one is allowed.", num_valid_addr, fmt_af_family(family));
323  tor_free(*hostname_out);
324  return FN_RET_BAIL;
325  }
326 
327  /* Great, we found an address. */
328  ret = address_can_be_used(addr_out, options, warn_severity, explicit_ip);
329  if (ret != 0) {
330  /* One of the requirement of this interface is if an internal Address is
331  * used, custom authorities must be defined else it is a fatal error.
332  * Furthermore, if the Address was resolved to an internal interface, we
333  * stop immediately. */
334  tor_free(*hostname_out);
335  return FN_RET_BAIL;
336  }
337 
338  /* Address can be used. We are done. */
339  log_info(LD_CONFIG, "Address found in configuration: %s",
340  fmt_addr(addr_out));
341  return FN_RET_OK;
342 }
343 
344 /** @brief Get IP address from the local hostname by calling gethostbyname()
345  * and doing a DNS resolution on the hostname.
346  *
347  * @param options Global configuration options.
348  * @param warn_severity Log level that should be used on error.
349  * @param family IP address family. Only AF_INET and AF_INET6 are supported.
350  * @param method_out OUT: Method denoting how the address was found.
351  * This is described in the control-spec.txt as
352  * actions for "STATUS_SERVER".
353  * @param hostname_out OUT: String containing the local hostname.
354  * @param addr_out OUT: Tor address resolved from the local hostname.
355  *
356  * @return Return 0 on success that is an address has been found and resolved
357  * successfully. Return error code ERR_* found at the top of the file.
358  */
359 static fn_address_ret_t
360 get_address_from_hostname(const or_options_t *options, int warn_severity,
361  int family, resolved_addr_method_t *method_out,
362  char **hostname_out, tor_addr_t *addr_out)
363 {
364  int ret;
365  char hostname[256];
366 
367  tor_assert(addr_out);
368  tor_assert(method_out);
369 
370  /* Set them to NULL for safety reasons. */
371  *hostname_out = NULL;
372  *method_out = RESOLVED_ADDR_NONE;
373 
374  log_debug(LD_CONFIG, "Attempting to get address from local hostname");
375 
376  if (tor_gethostname(hostname, sizeof(hostname)) < 0) {
377  log_fn(warn_severity, LD_NET, "Error obtaining local hostname");
378  /* Unable to obtain the local hostname is a fatal error. */
379  return FN_RET_BAIL;
380  }
381  if (tor_addr_lookup(hostname, family, addr_out)) {
382  log_fn(warn_severity, LD_NET,
383  "Could not resolve local hostname '%s'. Failing.", hostname);
384  /* Unable to resolve, inform caller to try next method. */
385  return FN_RET_NEXT;
386  }
387 
388  ret = address_can_be_used(addr_out, options, warn_severity, false);
389  if (ret == ERR_DEFAULT_DIRAUTH) {
390  /* Non custom authorities, inform caller to try next method. */
391  return FN_RET_NEXT;
392  } else if (ret == ERR_ADDRESS_IS_INTERNAL) {
393  /* Internal address is a fatal error. */
394  return FN_RET_BAIL;
395  }
396 
397  /* addr_out contains the address of the local hostname. */
398  *method_out = RESOLVED_ADDR_GETHOSTNAME;
399  *hostname_out = tor_strdup(hostname);
400 
401  /* Found it! */
402  log_info(LD_CONFIG, "Address found from local hostname: %s",
403  fmt_addr(addr_out));
404  return FN_RET_OK;
405 }
406 
407 /** @brief Get IP address from a network interface.
408  *
409  * @param options Global configuration options.
410  * @param warn_severity Log level that should be used on error.
411  * @param family IP address family. Only AF_INET and AF_INET6 are supported.
412  * @param method_out OUT: Always RESOLVED_ADDR_INTERFACE on success which
413  * is detailed in the control-spec.txt as actions
414  * for "STATUS_SERVER".
415  * @param hostname_out OUT: String containing the local hostname. For this
416  * function, it is always set to NULL.
417  * @param addr_out OUT: Tor address found attached to the interface.
418  *
419  * @return Return 0 on success that is an address has been found. Return
420  * error code ERR_* found at the top of the file.
421  */
422 static fn_address_ret_t
423 get_address_from_interface(const or_options_t *options, int warn_severity,
424  int family, resolved_addr_method_t *method_out,
425  char **hostname_out, tor_addr_t *addr_out)
426 {
427  int ret;
428 
429  tor_assert(method_out);
430  tor_assert(hostname_out);
431  tor_assert(addr_out);
432 
433  /* Set them to NULL for safety reasons. */
434  *method_out = RESOLVED_ADDR_NONE;
435  *hostname_out = NULL;
436 
437  log_debug(LD_CONFIG, "Attempting to get address from network interface");
438 
439  if (get_interface_address6(warn_severity, family, addr_out) < 0) {
440  log_fn(warn_severity, LD_CONFIG,
441  "Could not get local interface IP address.");
442  /* Unable to get IP from interface. Inform caller to try next method. */
443  return FN_RET_NEXT;
444  }
445 
446  ret = address_can_be_used(addr_out, options, warn_severity, false);
447  if (ret < 0) {
448  /* Unable to use address. Inform caller to try next method. */
449  return FN_RET_NEXT;
450  }
451 
452  *method_out = RESOLVED_ADDR_INTERFACE;
453 
454  /* Found it! */
455  log_info(LD_CONFIG, "Address found from interface: %s", fmt_addr(addr_out));
456  return FN_RET_OK;
457 }
458 
459 /** @brief Get IP address from the ORPort (if any).
460  *
461  * @param options Global configuration options.
462  * @param warn_severity Log level that should be used on error.
463  * @param family IP address family. Only AF_INET and AF_INET6 are supported.
464  * @param method_out OUT: Always RESOLVED_ADDR_CONFIGURED_ORPORT on success
465  * which is detailed in the control-spec.txt as actions
466  * for "STATUS_SERVER".
467  * @param hostname_out OUT: String containing the ORPort hostname if any.
468  * @param addr_out OUT: Tor address found if any.
469  *
470  * @return Return 0 on success that is an address has been found. Return
471  * error code ERR_* found at the top of the file.
472  */
473 static fn_address_ret_t
474 get_address_from_orport(const or_options_t *options, int warn_severity,
475  int family, resolved_addr_method_t *method_out,
476  char **hostname_out, tor_addr_t *addr_out)
477 {
478  int ret;
479  const tor_addr_t *addr;
480 
481  tor_assert(method_out);
482  tor_assert(hostname_out);
483  tor_assert(addr_out);
484 
485  /* Set them to NULL for safety reasons. */
486  *method_out = RESOLVED_ADDR_NONE;
487  *hostname_out = NULL;
488 
489  log_debug(LD_CONFIG, "Attempting to get address from ORPort");
490 
491  if (!options->ORPort_set) {
492  log_info(LD_CONFIG, "No ORPort found in configuration.");
493  /* No ORPort statement, inform caller to try next method. */
494  return FN_RET_NEXT;
495  }
496 
497  /* Get ORPort for requested family. */
498  addr = get_orport_addr(family);
499  if (!addr) {
500  /* No address configured for the ORPort. Ignore. */
501  return FN_RET_NEXT;
502  }
503 
504  /* We found the ORPort address. Just make sure it can be used. */
505  ret = address_can_be_used(addr, options, warn_severity, true);
506  if (ret < 0) {
507  /* Unable to use address. Inform caller to try next method. */
508  return FN_RET_NEXT;
509  }
510 
511  /* Found it! */
512  *method_out = RESOLVED_ADDR_CONFIGURED_ORPORT;
513  tor_addr_copy(addr_out, addr);
514 
515  log_fn(warn_severity, LD_CONFIG, "Address found from ORPort: %s",
516  fmt_addr(addr_out));
517  return FN_RET_OK;
518 }
519 
520 /** @brief Set the last resolved address cache using the given address.
521  *
522  * A log notice is emitted if the given address has changed from before. Not
523  * emitted on first resolve.
524  *
525  * Control port event "STATUS_SERVER" is emitted with the new information if
526  * it has changed.
527  *
528  * Finally, tor is notified that the IP address has changed.
529  *
530  * @param addr IP address to update the cache with.
531  * @param method_used By which method did we resolved it (for logging and
532  * control port).
533  * @param hostname_used Which hostname was used. If none were used, it is
534  * NULL. (for logging and control port).
535  */
536 void
538  const resolved_addr_method_t method_used,
539  const char *hostname_used)
540 {
541  /** Have we done a first resolve. This is used to control logging. */
542  static bool have_resolved_once[] = { false, false, false };
543  CTASSERT(ARRAY_LENGTH(have_resolved_once) == IDX_SIZE);
544 
545  bool *done_one_resolve;
546  bool have_hostname = false;
547  tor_addr_t *last_resolved;
548 
549  tor_assert(addr);
550 
551  /* Do we have an hostname. */
552  have_hostname = (hostname_used != NULL);
553 
554  int idx = af_to_idx(tor_addr_family(addr));
555  if (idx == IDX_NULL) {
556  /* Not suppose to happen and if it does, af_to_idx() screams loudly. */
557  return;
558  }
559 
560  /* Get values from cache. */
561  done_one_resolve = &have_resolved_once[idx];
562  last_resolved = &last_resolved_addrs[idx];
563 
564  /* Same address last resolved. Ignore. */
565  if (tor_addr_eq(last_resolved, addr)) {
566  return;
567  }
568 
569  /* Don't log notice if this is the first resolve we do. */
570  if (*done_one_resolve) {
571  /* Leave this as a notice, regardless of the requested severity,
572  * at least until dynamic IP address support becomes bulletproof. */
573  log_notice(LD_NET,
574  "Your IP address seems to have changed to %s "
575  "(METHOD=%s%s%s). Updating.",
576  fmt_addr(addr),
577  resolved_addr_method_to_str(method_used),
578  have_hostname ? " HOSTNAME=" : "",
579  have_hostname ? hostname_used : "");
581  }
582 
583  /* Notify control port. */
585  "EXTERNAL_ADDRESS ADDRESS=%s METHOD=%s%s%s",
586  fmt_addr(addr),
587  resolved_addr_method_to_str(method_used),
588  have_hostname ? " HOSTNAME=" : "",
589  have_hostname ? hostname_used : "");
590  /* Copy address to cache. */
591  tor_addr_copy(last_resolved, addr);
592  *done_one_resolve = true;
593 
594  /* Flag true if the address was configured. Else, indicate it was not. */
595  last_addrs_configured[idx] = false;
596  if (method_used == RESOLVED_ADDR_CONFIGURED ||
597  method_used == RESOLVED_ADDR_CONFIGURED_ORPORT) {
598  last_addrs_configured[idx] = true;
599  }
600 }
601 
602 /** Ease our lives. Typedef to the address discovery function signature. */
604  (*fn_address_t)(
605  const or_options_t *options, int warn_severity, int family,
606  resolved_addr_method_t *method_out, char **hostname_out,
607  tor_addr_t *addr_out);
608 
609 /** Address discovery function table. The order matters as in the first one is
610  * executed first and so on. */
612 {
613  /* These functions are in order for our find address algorithm. */
618 };
619 /** Length of address table as in how many functions. */
620 static const size_t fn_address_table_len =
622 
623 /* Address discover function table for authorities (bridge or directory).
624  *
625  * They only discover their address from either the configuration file or the
626  * ORPort. They do not query the interface nor do any DNS resolution for
627  * security reasons. */
628 static const fn_address_t fn_address_table_auth[] =
629 {
630  /* These functions are in order for our find address algorithm. */
633 };
634 /** Length of address table as in how many functions. */
635 static const size_t fn_address_table_auth_len =
636  ARRAY_LENGTH(fn_address_table_auth);
637 
638 /** @brief Attempt to find our IP address that can be used as our external
639  * reachable address.
640  *
641  * The following describe the algorithm to find an address. Each have
642  * specific conditions so read carefully.
643  *
644  * On success, true is returned and depending on how the address was found,
645  * the out parameters can have different values.
646  *
647  * On error, false is returned and out parameters are set to NULL.
648  *
649  * 1. Look at the configuration Address option.
650 
651  * If Address is a public address, True is returned and addr_out is set
652  * with it, the method_out is set to RESOLVED_ADDR_CONFIGURED and
653  * hostname_out is set to NULL.
654  *
655  * If Address is an internal address but NO custom authorities are used,
656  * an error is returned.
657  *
658  * If Address is a hostname, that is it can't be converted to an address,
659  * it is resolved. On success, addr_out is set with the address,
660  * method_out is set to RESOLVED_ADDR_RESOLVED and hostname_out is set
661  * to the resolved hostname. On failure to resolve, an error is returned.
662  *
663  * If no given Address, fallback to the network interface (see section 2).
664  *
665  * 2. Look at the network interface.
666  *
667  * Attempt to find the first public usable address from the list of
668  * network interfaces returned by the OS.
669  *
670  * On failure, we attempt to look at the local hostname (3).
671  *
672  * On success, addr_out is set with it, method_out is set to
673  * RESOLVED_ADDR_INTERFACE and hostname_out is set to NULL.
674  *
675  * 3. Look at the local hostname.
676  *
677  * If the local hostname resolves to a non internal address, addr_out is
678  * set with it, method_out is set to RESOLVED_ADDR_GETHOSTNAME and
679  * hostname_out is set to the resolved hostname.
680  *
681  * If a local hostname can NOT be found, an error is returned.
682  *
683  * If the local hostname resolves to an internal address, an error is
684  * returned.
685  *
686  * If the local hostname can NOT be resolved, an error is returned.
687  *
688  * @param options Global configuration options.
689  * @param family IP address family. Only AF_INET and AF_INET6 are supported.
690  * @param warn_severity Logging level.
691  * @param addr_out OUT: Set with the IP address found if any.
692  * @param method_out OUT: (optional) Method denoting how the address wa
693  * found. This is described in the control-spec.txt as
694  * actions for "STATUS_SERVER".
695  * @param hostname_out OUT: String containing the hostname if any was used.
696  * Only be set for RESOLVED and GETHOSTNAME methods.
697  * Else it is set to NULL.
698  *
699  * @return True if the address was found for the given family. False if not or
700  * on errors.
701  */
702 bool
703 find_my_address(const or_options_t *options, int family, int warn_severity,
704  tor_addr_t *addr_out, resolved_addr_method_t *method_out,
705  char **hostname_out)
706 {
707  resolved_addr_method_t method_used = RESOLVED_ADDR_NONE;
708  char *hostname_used = NULL;
709  tor_addr_t my_addr;
710  const fn_address_t *table = fn_address_table;
711  size_t table_len = fn_address_table_len;
712 
713  tor_assert(options);
714  tor_assert(addr_out);
715 
716  /* Set them to NULL for safety reasons. */
717  tor_addr_make_unspec(addr_out);
718  if (method_out) *method_out = RESOLVED_ADDR_NONE;
719  if (hostname_out) *hostname_out = NULL;
720 
721  /* If an IPv6 is requested, check if IPv6 address discovery is disabled and
722  * if so we always return a failure. It is done here so we don't populate
723  * the resolve cache or do any DNS resolution. */
724  if (family == AF_INET6 && options->AddressDisableIPv6) {
725  return false;
726  }
727 
728  /* For authorities (bridge and directory), we use a different table. */
729  if (authdir_mode(options)) {
730  table = fn_address_table_auth;
731  table_len = fn_address_table_auth_len;
732  }
733 
734  /*
735  * Step 1: Discover address by calling methods from the function table.
736  */
737 
738  /* Go over the function table. They are in order. */
739  for (size_t idx = 0; idx < table_len; idx++) {
740  fn_address_ret_t ret = table[idx](options, warn_severity, family,
741  &method_used, &hostname_used, &my_addr);
742  if (ret == FN_RET_BAIL) {
743  return false;
744  } else if (ret == FN_RET_OK) {
745  goto found;
746  }
747  tor_assert(ret == FN_RET_NEXT);
748  }
749 
750  /* We've exhausted our attempts. Failure. */
751  log_fn(warn_severity, LD_CONFIG, "Unable to find our IP address.");
752  return false;
753 
754  found:
755  /*
756  * Step 2: Update last resolved address cache and inform the control port.
757  */
758  resolved_addr_set_last(&my_addr, method_used, hostname_used);
759 
760  if (method_out) {
761  *method_out = method_used;
762  }
763  if (hostname_out) {
764  *hostname_out = hostname_used;
765  } else {
766  tor_free(hostname_used);
767  }
768 
769  tor_addr_copy(addr_out, &my_addr);
770  return true;
771 }
772 
773 /** @brief: Return true iff the given addr is judged to be local to our
774  * resolved address.
775  *
776  * This function is used to tell whether another address is 'remote' enough
777  * that we can trust it when it tells us that we are reachable, or that we
778  * have a certain address.
779  *
780  * The criterion to learn if the address is local are the following:
781  *
782  * 1. Internal address.
783  * 2. If EnforceDistinctSubnets is set then it is never local.
784  * 3. Network mask is compared. IPv4: /24 and IPv6 /48. This is different
785  * from the path selection that looks at /16 and /32 because we only
786  * want to learn here if the address is considered to come from the
787  * Internet basically.
788  *
789  * @param addr The address to test if local and also test against our resovled
790  * address.
791  *
792  * @return True iff address is considered local or else False.
793  */
794 MOCK_IMPL(bool,
796 {
797  const int family = tor_addr_family(addr);
798  const tor_addr_t *last_resolved_addr =
799  &last_resolved_addrs[af_to_idx(family)];
800 
801  /* Internal address is always local. */
802  if (tor_addr_is_internal(addr, 0)) {
803  return true;
804  }
805 
806  /* Address is not local if we don't enforce subnet distinction. */
807  if (get_options()->EnforceDistinctSubnets == 0) {
808  return false;
809  }
810 
811  switch (family) {
812  case AF_INET:
813  /* It's possible that this next check will hit before the first time
814  * find_my_address actually succeeds. For clients, it is likely that
815  * find_my_address will never be called at all. In those cases,
816  * last_resolved_addr_v4 will be 0, and so checking to see whether ip is
817  * on the same /24 as last_resolved_addrs[AF_INET] will be the same as
818  * checking whether it was on net 0, which is already done by
819  * tor_addr_is_internal. */
820  return tor_addr_compare_masked(addr, last_resolved_addr, 24,
821  CMP_SEMANTIC) == 0;
822  case AF_INET6:
823  /* Look at /48 because it is typically the smallest network in the global
824  * IPv6 routing tables, and it was previously the recommended per-customer
825  * network block. (See [RFC 6177: IPv6 End Site Address Assignment].) */
826  return tor_addr_compare_masked(addr, last_resolved_addr, 48,
827  CMP_SEMANTIC) == 0;
828  break;
829  default:
830  /* Unknown address type so not local. */
831  return false;
832  }
833 }
834 
835 #ifdef TOR_UNIT_TESTS
836 
837 void
838 resolve_addr_reset_suggested(int family)
839 {
840  tor_addr_make_unspec(&last_suggested_addrs[af_to_idx(family)]);
841 }
842 
843 #endif /* TOR_UNIT_TESTS */
log_fn
#define log_fn(severity, domain, args,...)
Definition: log.h:283
get_interface_address6
int get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
Definition: address.c:1723
tor_free
#define tor_free(p)
Definition: malloc.h:52
tor_addr_family
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
last_suggested_addrs
static tor_addr_t last_suggested_addrs[]
Definition: resolve_addr.c:54
tor_addr_make_null
void tor_addr_make_null(tor_addr_t *a, sa_family_t family)
Definition: address.c:235
resolved_addr_reset_last
void resolved_addr_reset_last(int family)
Definition: resolve_addr.c:159
tor_addr_t
Definition: address.h:69
LOG_NOTICE
#define LOG_NOTICE
Definition: log.h:50
MOCK_IMPL
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
tor_assert
#define tor_assert(expr)
Definition: util_bug.h:102
last_addrs_configured
static bool last_addrs_configured[]
Definition: resolve_addr.c:60
tor_addr_lookup
int tor_addr_lookup(const char *name, uint16_t family, tor_addr_t *addr)
Definition: resolve.c:190
find_my_address
bool find_my_address(const or_options_t *options, int family, int warn_severity, tor_addr_t *addr_out, resolved_addr_method_t *method_out, char **hostname_out)
Attempt to find our IP address that can be used as our external reachable address.
Definition: resolve_addr.c:703
tor_addr_make_unspec
void tor_addr_make_unspec(tor_addr_t *a)
Definition: address.c:225
get_address_from_interface
static fn_address_ret_t get_address_from_interface(const or_options_t *options, int warn_severity, int family, resolved_addr_method_t *method_out, char **hostname_out, tor_addr_t *addr_out)
Get IP address from a network interface.
Definition: resolve_addr.c:423
resolved_addr_method_t
resolved_addr_method_t
Definition: resolve_addr.h:19
resolved_addr_is_configured
bool resolved_addr_is_configured(int family)
Definition: resolve_addr.c:109
get_address_from_orport
static fn_address_ret_t get_address_from_orport(const or_options_t *options, int warn_severity, int family, resolved_addr_method_t *method_out, char **hostname_out, tor_addr_t *addr_out)
Get IP address from the ORPort (if any).
Definition: resolve_addr.c:474
gethostname.h
Header for gethostname.c.
mainloop.h
Header file for mainloop.c.
resolved_addr_get_suggested
void resolved_addr_get_suggested(int family, tor_addr_t *addr_out)
Definition: resolve_addr.c:119
resolve.h
Header for resolve.c.
tor_assert_nonfatal_unreached
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
control_event_server_status
int control_event_server_status(int severity, const char *format,...)
Definition: control_events.c:1796
ERR_DEFAULT_DIRAUTH
#define ERR_DEFAULT_DIRAUTH
Definition: resolve_addr.c:166
get_address_from_hostname
static fn_address_ret_t get_address_from_hostname(const or_options_t *options, int warn_severity, int family, resolved_addr_method_t *method_out, char **hostname_out, tor_addr_t *addr_out)
Get IP address from the local hostname by calling gethostbyname() and doing a DNS resolution on the h...
Definition: resolve_addr.c:360
authmode.h
Header file for directory authority mode.
resolved_addr_set_last
void resolved_addr_set_last(const tor_addr_t *addr, const resolved_addr_method_t method_used, const char *hostname_used)
Set the last resolved address cache using the given address.
Definition: resolve_addr.c:537
LD_CONFIG
#define LD_CONFIG
Definition: log.h:68
CTASSERT
#define CTASSERT(x)
Definition: ctassert.h:44
last_resolved_addrs
static tor_addr_t last_resolved_addrs[]
Definition: resolve_addr.c:46
tor_addr_parse
int tor_addr_parse(tor_addr_t *addr, const char *src)
Definition: address.c:1349
ARRAY_LENGTH
#define ARRAY_LENGTH(x)
Definition: compat_compiler.h:222
fmt_addr
#define fmt_addr(a)
Definition: address.h:239
fn_address_table_auth_len
static const size_t fn_address_table_auth_len
Definition: resolve_addr.c:635
control_events.h
Header file for control_events.c.
get_options
const or_options_t * get_options(void)
Definition: config.c:932
MAX_CONFIG_ADDRESS
#define MAX_CONFIG_ADDRESS
Definition: resolve_addr.c:24
resolve_addr.h
Header file for resolve_addr.c.
resolved_addr_set_suggested
void resolved_addr_set_suggested(const tor_addr_t *addr)
Definition: resolve_addr.c:127
fn_address_table_len
static const size_t fn_address_table_len
Definition: resolve_addr.c:620
IDX_NULL
#define IDX_NULL
Definition: resolve_addr.c:28
confline.h
Header for confline.c.
ip_address_changed
void ip_address_changed(int on_client_conn)
Definition: mainloop.c:2288
tor_addr_is_null
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
or_options_t::AddressDisableIPv6
int AddressDisableIPv6
Definition: or_options_st.h:104
fn_address_ret_t
fn_address_ret_t
Definition: resolve_addr.c:34
tor_gethostname
int tor_gethostname(char *name, size_t namelen)
Definition: gethostname.c:27
fmt_af_family
const char * fmt_af_family(sa_family_t family)
Definition: address.c:1246
fn_address_table
static const fn_address_t fn_address_table[]
Definition: resolve_addr.c:611
config_line_t
Definition: confline.h:29
config.h
Header file for config.c.
address_can_be_used
static int address_can_be_used(const tor_addr_t *addr, const or_options_t *options, int warn_severity, const bool explicit_ip)
Return true iff the given IP address can be used as a valid external resolved address.
Definition: resolve_addr.c:186
LD_NET
#define LD_NET
Definition: log.h:66
or_options_t::Address
struct config_line_t * Address
Definition: or_options_st.h:100
get_address_from_config
static fn_address_ret_t get_address_from_config(const or_options_t *options, int warn_severity, int family, resolved_addr_method_t *method_out, char **hostname_out, tor_addr_t *addr_out)
Get IP address from the given config line and for a specific address family.
Definition: resolve_addr.c:241
or_options_t
Definition: or_options_st.h:64
is_local_to_resolve_addr
bool is_local_to_resolve_addr(const tor_addr_t *addr)
: Return true iff the given addr is judged to be local to our resolved address.
Definition: resolve_addr.c:795
resolved_addr_get_last
void resolved_addr_get_last(int family, tor_addr_t *addr_out)
Definition: resolve_addr.c:150
tor_addr_compare_masked
int tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2, maskbits_t mbits, tor_addr_comparison_t how)
Definition: address.c:1005
tor_addr_eq
#define tor_addr_eq(a, b)
Definition: address.h:280
fn_address_t
fn_address_ret_t(* fn_address_t)(const or_options_t *options, int warn_severity, int family, resolved_addr_method_t *method_out, char **hostname_out, tor_addr_t *addr_out)
Definition: resolve_addr.c:604
authdir_mode
int authdir_mode(const or_options_t *options)
Definition: authmode.c:25
tor_addr_copy
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
resolved_addr_method_to_str
const char * resolved_addr_method_to_str(const resolved_addr_method_t method)
Definition: resolve_addr.c:81