Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
/* Copyright 2001,2002 Roger Dingledine, Matej Pfajfar. */
|
|
|
|
|
/* See LICENSE for licensing information */
|
2002-06-27 00:45:49 +02:00
|
|
|
/* $Id$ */
|
|
|
|
|
|
|
|
|
|
#ifndef __OR_H
|
|
|
|
|
#define __OR_H
|
|
|
|
|
|
2002-09-03 20:44:24 +02:00
|
|
|
#include "orconfig.h"
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
2002-09-09 06:10:58 +02:00
|
|
|
#include <limits.h>
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <signal.h>
|
|
|
|
|
#include <netdb.h>
|
|
|
|
|
#include <ctype.h>
|
2002-09-10 15:32:27 +02:00
|
|
|
#ifdef HAVE_STDINT_H
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#endif
|
2002-09-03 20:44:24 +02:00
|
|
|
#ifdef HAVE_SYS_POLL_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <sys/poll.h>
|
2002-09-03 20:44:24 +02:00
|
|
|
#elif HAVE_POLL_H
|
|
|
|
|
#include <poll.h>
|
|
|
|
|
#else
|
|
|
|
|
#include "../common/fakepoll.h"
|
|
|
|
|
#endif
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <sys/fcntl.h>
|
|
|
|
|
#include <sys/ioctl.h>
|
|
|
|
|
#include <sys/socket.h>
|
|
|
|
|
#include <sys/time.h>
|
2002-09-24 12:43:57 +02:00
|
|
|
#include <sys/stat.h>
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <netinet/in.h>
|
|
|
|
|
#include <arpa/inet.h>
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <assert.h>
|
2002-08-22 09:30:03 +02:00
|
|
|
#include <time.h>
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
#include "../common/config.h"
|
2002-08-22 09:30:03 +02:00
|
|
|
#include "../common/crypto.h"
|
2002-06-27 00:45:49 +02:00
|
|
|
#include "../common/log.h"
|
|
|
|
|
#include "../common/ss.h"
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
#include "../common/version.h"
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
#define MAXCONNECTIONS 200 /* upper bound on max connections.
|
|
|
|
|
can be overridden by config file */
|
|
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
#define MAX_BUF_SIZE (640*1024)
|
2002-09-22 13:09:07 +02:00
|
|
|
#define DEFAULT_BANDWIDTH_OP 102400
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
#define ACI_TYPE_LOWER 0
|
|
|
|
|
#define ACI_TYPE_HIGHER 1
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
#define ACI_TYPE_BOTH 2
|
|
|
|
|
|
|
|
|
|
/* bitvector of the roles that we might want to play. You can or (|) them together */
|
|
|
|
|
#define ROLE_OR_LISTEN 1
|
|
|
|
|
#define ROLE_OR_CONNECT_ALL 2
|
|
|
|
|
#define ROLE_OP_LISTEN 4
|
|
|
|
|
#define ROLE_AP_LISTEN 8
|
2002-09-26 14:09:10 +02:00
|
|
|
#define ROLE_DIR_LISTEN 16
|
|
|
|
|
#define ROLE_DIR_SERVER 32
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-09-04 08:29:28 +02:00
|
|
|
#define ROLE_IS_OR(role) ((role & ROLE_OR_LISTEN) || (role & ROLE_OR_CONNECT_ALL) || (role & ROLE_OP_LISTEN))
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
#define CONN_TYPE_OP_LISTENER 1
|
|
|
|
|
#define CONN_TYPE_OP 2
|
|
|
|
|
#define CONN_TYPE_OR_LISTENER 3
|
|
|
|
|
#define CONN_TYPE_OR 4
|
2002-06-30 09:37:49 +02:00
|
|
|
#define CONN_TYPE_EXIT 5
|
|
|
|
|
#define CONN_TYPE_AP_LISTENER 6
|
|
|
|
|
#define CONN_TYPE_AP 7
|
2002-09-26 14:09:10 +02:00
|
|
|
#define CONN_TYPE_DIR_LISTENER 8
|
|
|
|
|
#define CONN_TYPE_DIR 9
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
#define LISTENER_STATE_READY 0
|
|
|
|
|
|
|
|
|
|
#define OP_CONN_STATE_AWAITING_KEYS 0
|
|
|
|
|
#define OP_CONN_STATE_OPEN 1
|
|
|
|
|
#if 0
|
|
|
|
|
#define OP_CONN_STATE_CLOSE 2 /* flushing the buffer, then will close */
|
|
|
|
|
#define OP_CONN_STATE_CLOSE_WAIT 3 /* have sent a destroy, awaiting a confirmation */
|
|
|
|
|
#endif
|
|
|
|
|
|
2002-06-30 09:37:49 +02:00
|
|
|
/* how to read these states:
|
|
|
|
|
* foo_CONN_STATE_bar_baz:
|
|
|
|
|
* "I am acting as a bar, currently in stage baz of talking with a foo."
|
|
|
|
|
*/
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
#define OR_CONN_STATE_OP_CONNECTING 0 /* an application proxy wants me to connect to this OR */
|
2002-06-30 09:37:49 +02:00
|
|
|
#define OR_CONN_STATE_OP_SENDING_KEYS 1
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
#define OR_CONN_STATE_CLIENT_CONNECTING 2 /* I'm connecting to this OR as an OR */
|
2002-06-30 09:37:49 +02:00
|
|
|
#define OR_CONN_STATE_CLIENT_SENDING_AUTH 3 /* sending address and info */
|
|
|
|
|
#define OR_CONN_STATE_CLIENT_AUTH_WAIT 4 /* have sent address and info, waiting */
|
|
|
|
|
#define OR_CONN_STATE_CLIENT_SENDING_NONCE 5 /* sending nonce, last piece of handshake */
|
|
|
|
|
#define OR_CONN_STATE_SERVER_AUTH_WAIT 6 /* waiting for address and info */
|
|
|
|
|
#define OR_CONN_STATE_SERVER_SENDING_AUTH 7 /* writing auth and nonce */
|
|
|
|
|
#define OR_CONN_STATE_SERVER_NONCE_WAIT 8 /* waiting for confirmation of nonce */
|
|
|
|
|
#define OR_CONN_STATE_OPEN 9 /* ready to send/receive cells. */
|
|
|
|
|
|
|
|
|
|
#define EXIT_CONN_STATE_CONNECTING_WAIT 0 /* waiting for standard structure or dest info */
|
|
|
|
|
#define EXIT_CONN_STATE_CONNECTING 1
|
|
|
|
|
#define EXIT_CONN_STATE_OPEN 2
|
2002-06-27 00:45:49 +02:00
|
|
|
#if 0
|
2002-06-30 09:37:49 +02:00
|
|
|
#define EXIT_CONN_STATE_CLOSE 3 /* flushing the buffer, then will close */
|
|
|
|
|
#define EXIT_CONN_STATE_CLOSE_WAIT 4 /* have sent a destroy, awaiting a confirmation */
|
2002-06-27 00:45:49 +02:00
|
|
|
#endif
|
|
|
|
|
|
2002-09-22 13:09:07 +02:00
|
|
|
#define AP_CONN_STATE_SOCKS_WAIT 0
|
2002-06-30 09:37:49 +02:00
|
|
|
#define AP_CONN_STATE_OR_WAIT 1
|
|
|
|
|
#define AP_CONN_STATE_OPEN 2
|
|
|
|
|
|
2002-09-26 14:09:10 +02:00
|
|
|
#define DIR_CONN_STATE_CONNECTING 0
|
|
|
|
|
#define DIR_CONN_STATE_SENDING_COMMAND 1
|
|
|
|
|
#define DIR_CONN_STATE_READING 2
|
|
|
|
|
#define DIR_CONN_STATE_COMMAND_WAIT 3
|
|
|
|
|
#define DIR_CONN_STATE_WRITING 4
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
#define CIRCUIT_STATE_OPEN_WAIT 0 /* receiving/processing the onion */
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
#define CIRCUIT_STATE_OR_WAIT 1 /* I'm at the beginning of the path, my firsthop is still connecting */
|
|
|
|
|
#define CIRCUIT_STATE_OPEN 2 /* onion processed, ready to send data along the connection */
|
|
|
|
|
#define CIRCUIT_STATE_CLOSE_WAIT1 3 /* sent two "destroy" signals, waiting for acks */
|
|
|
|
|
#define CIRCUIT_STATE_CLOSE_WAIT2 4 /* received one ack, waiting for one more
|
2002-06-27 00:45:49 +02:00
|
|
|
(or if just one was sent, waiting for that one */
|
|
|
|
|
//#define CIRCUIT_STATE_CLOSE 4 /* both acks received, connection is dead */ /* NOT USED */
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/* available cipher functions */
|
|
|
|
|
#define ONION_CIPHER_IDENTITY 0
|
|
|
|
|
#define ONION_CIPHER_DES 1
|
|
|
|
|
#define ONION_CIPHER_RC4 2
|
|
|
|
|
|
|
|
|
|
/* default cipher function */
|
|
|
|
|
#define ONION_DEFAULT_CIPHER ONION_CIPHER_DES
|
|
|
|
|
|
2002-07-18 08:37:58 +02:00
|
|
|
#define RECEIVE_WINDOW_START 100
|
|
|
|
|
#define RECEIVE_WINDOW_INCREMENT 10
|
|
|
|
|
|
2002-07-19 20:48:28 +02:00
|
|
|
/* cell commands */
|
|
|
|
|
#define CELL_PADDING 0
|
|
|
|
|
#define CELL_CREATE 1
|
|
|
|
|
#define CELL_DATA 2
|
|
|
|
|
#define CELL_DESTROY 3
|
|
|
|
|
#define CELL_ACK 4
|
|
|
|
|
#define CELL_NACK 5
|
|
|
|
|
#define CELL_SENDME 6
|
2002-09-17 10:14:37 +02:00
|
|
|
#define CELL_CONNECTED 7
|
2002-07-19 20:48:28 +02:00
|
|
|
|
|
|
|
|
#define CELL_PAYLOAD_SIZE 120
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
typedef uint16_t aci_t;
|
|
|
|
|
|
2002-07-19 20:48:28 +02:00
|
|
|
/* cell definition */
|
|
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
aci_t aci; /* Anonymous Connection Identifier */
|
|
|
|
|
unsigned char command;
|
|
|
|
|
unsigned char length; /* of payload if data cell, else value of sendme */
|
|
|
|
|
uint32_t seq; /* sequence number */
|
|
|
|
|
unsigned char payload[120];
|
|
|
|
|
} cell_t;
|
|
|
|
|
|
2002-09-22 13:09:07 +02:00
|
|
|
#define SOCKS4_REQUEST_GRANTED 90
|
|
|
|
|
#define SOCKS4_REQUEST_REJECT 91
|
|
|
|
|
#define SOCKS4_REQUEST_IDENT_FAILED 92
|
|
|
|
|
#define SOCKS4_REQUEST_IDENT_CONFLICT 93
|
|
|
|
|
|
|
|
|
|
/* structure of a socks client operation */
|
|
|
|
|
typedef struct {
|
|
|
|
|
unsigned char version; /* socks version number */
|
|
|
|
|
unsigned char command; /* command code */
|
|
|
|
|
unsigned char destport[2]; /* destination port, network order */
|
|
|
|
|
unsigned char destip[4]; /* destination address */
|
|
|
|
|
/* userid follows, terminated by a NULL */
|
|
|
|
|
/* dest host follows, terminated by a NULL */
|
|
|
|
|
} socks4_t;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
/* Used by all types: */
|
|
|
|
|
|
|
|
|
|
unsigned char type;
|
|
|
|
|
int state;
|
|
|
|
|
int s; /* our socket */
|
|
|
|
|
int poll_index;
|
|
|
|
|
int marked_for_close;
|
|
|
|
|
|
|
|
|
|
char *inbuf;
|
2002-08-24 06:59:21 +02:00
|
|
|
int inbuflen;
|
|
|
|
|
int inbuf_datalen;
|
2002-06-27 00:45:49 +02:00
|
|
|
int inbuf_reached_eof;
|
|
|
|
|
|
|
|
|
|
char *outbuf;
|
2002-08-24 06:59:21 +02:00
|
|
|
int outbuflen; /* how many bytes are allocated for the outbuf? */
|
|
|
|
|
int outbuf_flushlen; /* how much data should we try to flush from the outbuf? */
|
|
|
|
|
int outbuf_datalen; /* how much data is there total on the outbuf? */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
// uint16_t aci; /* anonymous connection identifier */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/* used by OR and OP: */
|
|
|
|
|
|
|
|
|
|
uint32_t bandwidth; /* connection bandwidth */
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
int receiver_bucket; /* when this hits 0, stop receiving. Every second we
|
|
|
|
|
* add 'bandwidth' to this, capping it at 10*bandwidth.
|
|
|
|
|
*/
|
|
|
|
|
struct timeval send_timeval; /* for determining when to send the next cell */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/* link encryption */
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_cipher_env_t *f_crypto;
|
|
|
|
|
crypto_cipher_env_t *b_crypto;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
// struct timeval lastsend; /* time of last transmission to the client */
|
|
|
|
|
// struct timeval interval; /* transmission interval */
|
|
|
|
|
|
|
|
|
|
uint32_t addr; /* these two uniquely identify a router */
|
|
|
|
|
uint16_t port;
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/* used by exit and ap: */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-09-22 13:09:07 +02:00
|
|
|
// ss_t ss; /* standard structure */
|
|
|
|
|
// int ss_received; /* size of ss, received so far */
|
|
|
|
|
|
|
|
|
|
char socks_version;
|
|
|
|
|
char read_username;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2002-09-22 13:09:07 +02:00
|
|
|
char *dest_addr;
|
|
|
|
|
uint16_t dest_port;
|
2002-09-23 03:04:59 +02:00
|
|
|
|
|
|
|
|
char dest_tmp[512];
|
|
|
|
|
int dest_tmplen;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/* used by OR, to keep state while connect()ing: Kludge. */
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_pk_env_t *prkey;
|
2002-06-27 00:45:49 +02:00
|
|
|
struct sockaddr_in local;
|
|
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
#if 0 /* obsolete, we now use conn->bandwidth */
|
|
|
|
|
/* link info */
|
2002-06-27 00:45:49 +02:00
|
|
|
uint32_t min;
|
|
|
|
|
uint32_t max;
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
#endif
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
char *address; /* strdup into this, because free_connection frees it */
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_pk_env_t *pkey; /* public RSA key for the other side */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
char nonce[8];
|
|
|
|
|
|
|
|
|
|
} connection_t;
|
|
|
|
|
|
|
|
|
|
/* config stuff we know about the other ORs in the network */
|
|
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
char *address;
|
|
|
|
|
|
|
|
|
|
uint32_t addr;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
uint16_t or_port;
|
|
|
|
|
uint16_t op_port;
|
|
|
|
|
uint16_t ap_port;
|
2002-09-24 12:43:57 +02:00
|
|
|
uint16_t dir_port;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_pk_env_t *pkey; /* public RSA key */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/* link info */
|
2002-09-24 12:43:57 +02:00
|
|
|
uint32_t bandwidth;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
// struct timeval min_interval;
|
|
|
|
|
|
|
|
|
|
/* time when last data was sent to that router */
|
|
|
|
|
// struct timeval lastsend;
|
|
|
|
|
|
|
|
|
|
/* socket */
|
|
|
|
|
// int s;
|
|
|
|
|
|
|
|
|
|
void *next;
|
|
|
|
|
} routerinfo_t;
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
unsigned int forwf;
|
|
|
|
|
unsigned int backf;
|
|
|
|
|
char digest2[20]; /* second SHA output for onion_layer_t.keyseed */
|
|
|
|
|
char digest3[20]; /* third SHA output for onion_layer_t.keyseed */
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
/* crypto environments */
|
|
|
|
|
crypto_cipher_env_t *f_crypto;
|
|
|
|
|
crypto_cipher_env_t *b_crypto;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
} crypt_path_t;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/* per-anonymous-connection struct */
|
|
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
#if 0
|
|
|
|
|
uint32_t p_addr; /* all in network order */
|
|
|
|
|
uint16_t p_port;
|
|
|
|
|
#endif
|
|
|
|
|
uint32_t n_addr;
|
|
|
|
|
uint16_t n_port;
|
|
|
|
|
connection_t *p_conn;
|
|
|
|
|
connection_t *n_conn;
|
2002-07-18 08:37:58 +02:00
|
|
|
int n_receive_window;
|
|
|
|
|
int p_receive_window;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
aci_t p_aci; /* connection identifiers */
|
|
|
|
|
aci_t n_aci;
|
|
|
|
|
|
|
|
|
|
unsigned char p_f; /* crypto functions */
|
|
|
|
|
unsigned char n_f;
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_cipher_env_t *p_crypto; /* crypto environments */
|
|
|
|
|
crypto_cipher_env_t *n_crypto;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
crypt_path_t **cpath;
|
2002-08-24 06:59:21 +02:00
|
|
|
int cpathlen;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
uint32_t expire; /* expiration time for the corresponding onion */
|
|
|
|
|
|
|
|
|
|
int state;
|
|
|
|
|
|
|
|
|
|
unsigned char *onion; /* stores the onion when state is CONN_STATE_OPEN_WAIT */
|
|
|
|
|
uint32_t onionlen; /* total onion length */
|
|
|
|
|
uint32_t recvlen; /* length of the onion so far */
|
|
|
|
|
|
|
|
|
|
void *next;
|
|
|
|
|
} circuit_t;
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
int zero:1;
|
|
|
|
|
int version:7;
|
|
|
|
|
int backf:4;
|
|
|
|
|
int forwf:4;
|
|
|
|
|
uint16_t port;
|
|
|
|
|
uint32_t addr;
|
|
|
|
|
time_t expire;
|
|
|
|
|
unsigned char keyseed[16];
|
|
|
|
|
} onion_layer_t;
|
|
|
|
|
|
|
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
time_t expire;
|
|
|
|
|
char digest[20]; /* SHA digest of the onion */
|
|
|
|
|
void *prev;
|
|
|
|
|
void *next;
|
|
|
|
|
} tracked_onion_t;
|
|
|
|
|
|
2002-07-03 18:31:22 +02:00
|
|
|
typedef struct
|
|
|
|
|
{
|
|
|
|
|
char *LogLevel;
|
|
|
|
|
char *RouterFile;
|
|
|
|
|
char *PrivateKeyFile;
|
|
|
|
|
float CoinWeight;
|
|
|
|
|
int ORPort;
|
|
|
|
|
int OPPort;
|
|
|
|
|
int APPort;
|
2002-09-26 14:09:10 +02:00
|
|
|
int DirPort;
|
2002-07-03 18:31:22 +02:00
|
|
|
int MaxConn;
|
|
|
|
|
int TrafficShaping;
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
int LinkPadding;
|
2002-09-26 14:09:10 +02:00
|
|
|
int DirRebuildPeriod;
|
|
|
|
|
int DirFetchPeriod;
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
int Role;
|
2002-07-11 16:50:26 +02:00
|
|
|
int loglevel;
|
2002-07-03 18:31:22 +02:00
|
|
|
} or_options_t;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/* all the function prototypes go here */
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/********************************* buffers.c ***************************/
|
|
|
|
|
|
2002-08-24 06:59:21 +02:00
|
|
|
int buf_new(char **buf, int *buflen, int *buf_datalen);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-06-30 09:37:49 +02:00
|
|
|
void buf_free(char *buf);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-08-24 06:59:21 +02:00
|
|
|
int read_to_buf(int s, int at_most, char **buf, int *buflen, int *buf_datalen, int *reached_eof);
|
2002-06-27 00:45:49 +02:00
|
|
|
/* grab from s, put onto buf, return how many bytes read */
|
|
|
|
|
|
2002-08-24 06:59:21 +02:00
|
|
|
int flush_buf(int s, char **buf, int *buflen, int *buf_flushlen, int *buf_datalen);
|
2002-06-27 00:45:49 +02:00
|
|
|
/* push from buf onto s
|
|
|
|
|
* then memmove to front of buf
|
|
|
|
|
* return -1 or how many bytes remain on the buf */
|
|
|
|
|
|
2002-08-24 06:59:21 +02:00
|
|
|
int write_to_buf(char *string, int string_len,
|
|
|
|
|
char **buf, int *buflen, int *buf_datalen);
|
2002-06-27 00:45:49 +02:00
|
|
|
/* append string to buf (growing as needed, return -1 if "too big")
|
|
|
|
|
* return total number of bytes on the buf
|
|
|
|
|
*/
|
|
|
|
|
|
2002-08-24 06:59:21 +02:00
|
|
|
int fetch_from_buf(char *string, int string_len,
|
|
|
|
|
char **buf, int *buflen, int *buf_datalen);
|
2002-06-27 00:45:49 +02:00
|
|
|
/* if there is string_len bytes in buf, write them onto string,
|
|
|
|
|
* * then memmove buf back (that is, remove them from buf) */
|
|
|
|
|
|
|
|
|
|
/********************************* cell.c ***************************/
|
|
|
|
|
|
2002-07-19 20:48:28 +02:00
|
|
|
int pack_create(uint16_t aci, unsigned char *onion, uint32_t onionlen, unsigned char **cellbuf, unsigned int *cellbuflen);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/********************************* circuit.c ***************************/
|
|
|
|
|
|
|
|
|
|
void circuit_add(circuit_t *circ);
|
|
|
|
|
void circuit_remove(circuit_t *circ);
|
|
|
|
|
|
|
|
|
|
circuit_t *circuit_new(aci_t p_aci, connection_t *p_conn);
|
|
|
|
|
|
|
|
|
|
/* internal */
|
|
|
|
|
aci_t get_unique_aci_by_addr_port(uint32_t addr, uint16_t port, int aci_type);
|
|
|
|
|
|
|
|
|
|
circuit_t *circuit_get_by_aci_conn(aci_t aci, connection_t *conn);
|
|
|
|
|
circuit_t *circuit_get_by_conn(connection_t *conn);
|
2002-09-24 12:43:57 +02:00
|
|
|
circuit_t *circuit_enumerate_by_naddr_nport(circuit_t *start, uint32_t naddr, uint16_t nport);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
int circuit_deliver_data_cell(cell_t *cell, circuit_t *circ, connection_t *conn, int crypt_type);
|
2002-08-24 06:59:21 +02:00
|
|
|
int circuit_crypt(circuit_t *circ, char *in, int inlen, char crypt_type);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
int circuit_init(circuit_t *circ, int aci_type);
|
|
|
|
|
void circuit_free(circuit_t *circ);
|
2002-08-24 06:59:21 +02:00
|
|
|
void circuit_free_cpath(crypt_path_t **cpath, int cpathlen);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
void circuit_close(circuit_t *circ);
|
|
|
|
|
|
|
|
|
|
void circuit_about_to_close_connection(connection_t *conn);
|
|
|
|
|
/* flush and send destroys for all circuits using conn */
|
|
|
|
|
|
2002-09-22 00:41:48 +02:00
|
|
|
void circuit_dump_by_conn(connection_t *conn);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* command.c ***************************/
|
|
|
|
|
|
|
|
|
|
void command_process_cell(cell_t *cell, connection_t *conn);
|
|
|
|
|
|
|
|
|
|
void command_process_create_cell(cell_t *cell, connection_t *conn);
|
2002-07-18 08:37:58 +02:00
|
|
|
void command_process_sendme_cell(cell_t *cell, connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
void command_process_data_cell(cell_t *cell, connection_t *conn);
|
|
|
|
|
void command_process_destroy_cell(cell_t *cell, connection_t *conn);
|
2002-09-17 10:14:37 +02:00
|
|
|
void command_process_connected_cell(cell_t *cell, connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/********************************* config.c ***************************/
|
|
|
|
|
|
|
|
|
|
/* loads the configuration file */
|
|
|
|
|
int getconfig(char *filename, config_opt_t *options);
|
|
|
|
|
|
2002-07-03 18:31:22 +02:00
|
|
|
/* create or_options_t from command-line args and config files(s) */
|
|
|
|
|
int getoptions(int argc, char **argv, or_options_t *options);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* connection.c ***************************/
|
|
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
int tv_cmp(struct timeval *a, struct timeval *b);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
connection_t *connection_new(int type);
|
|
|
|
|
|
|
|
|
|
void connection_free(connection_t *conn);
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
int connection_create_listener(crypto_pk_env_t *prkey, struct sockaddr_in *local, int type);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
int connection_handle_listener_read(connection_t *conn, int new_type, int new_state);
|
|
|
|
|
|
|
|
|
|
/* start all connections that should be up but aren't */
|
2002-09-26 14:09:10 +02:00
|
|
|
int retry_all_connections(int role, crypto_pk_env_t *prkey, uint16_t or_listenport,
|
|
|
|
|
uint16_t op_listenport, uint16_t ap_listenport, uint16_t dir_listenport);
|
2002-09-04 08:29:28 +02:00
|
|
|
connection_t *connection_connect_to_router_as_op(routerinfo_t *router, uint16_t local_or_port);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
int connection_read_to_buf(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_fetch_from_buf(char *string, int len, connection_t *conn);
|
|
|
|
|
|
2002-07-18 08:37:58 +02:00
|
|
|
int connection_outbuf_too_full(connection_t *conn);
|
|
|
|
|
int connection_wants_to_flush(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
int connection_flush_buf(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_write_to_buf(char *string, int len, connection_t *conn);
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
void connection_send_cell(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_receiver_bucket_should_increase(connection_t *conn);
|
|
|
|
|
void connection_increment_receiver_bucket (connection_t *conn);
|
|
|
|
|
|
|
|
|
|
void connection_increment_send_timeval(connection_t *conn);
|
|
|
|
|
void connection_init_timeval(connection_t *conn);
|
|
|
|
|
|
2002-07-18 08:37:58 +02:00
|
|
|
int connection_speaks_cells(connection_t *conn);
|
2002-09-22 00:41:48 +02:00
|
|
|
int connection_is_listener(connection_t *conn);
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
int connection_state_is_open(connection_t *conn);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
int connection_send_destroy(aci_t aci, connection_t *conn);
|
2002-09-17 10:14:37 +02:00
|
|
|
int connection_send_connected(aci_t aci, connection_t *conn);
|
2002-08-24 10:24:30 +02:00
|
|
|
int connection_encrypt_cell(cell_t *cellp, connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
int connection_write_cell_to_buf(cell_t *cellp, connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_process_inbuf(connection_t *conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int connection_package_raw_inbuf(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
int connection_process_cell_from_inbuf(connection_t *conn);
|
|
|
|
|
|
2002-07-18 08:37:58 +02:00
|
|
|
int connection_consider_sending_sendme(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
int connection_finished_flushing(connection_t *conn);
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/********************************* connection_ap.c ****************************/
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int connection_ap_process_inbuf(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-09-22 13:09:07 +02:00
|
|
|
int ap_handshake_process_socks(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int ap_handshake_create_onion(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int ap_handshake_establish_circuit(connection_t *conn, unsigned int *route, int routelen, char *onion,
|
|
|
|
|
int onionlen, crypt_path_t **cpath);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-09-24 12:43:57 +02:00
|
|
|
void ap_handshake_n_conn_open(connection_t *or_conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
int ap_handshake_send_onion(connection_t *ap_conn, connection_t *or_conn, circuit_t *circ);
|
|
|
|
|
|
2002-09-22 13:09:07 +02:00
|
|
|
int ap_handshake_socks_reply(connection_t *conn, char result);
|
2002-09-17 10:14:37 +02:00
|
|
|
int connection_ap_send_connected(connection_t *conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int connection_ap_process_data_cell(cell_t *cell, connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_ap_finished_flushing(connection_t *conn);
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
int connection_ap_create_listener(crypto_pk_env_t *prkey, struct sockaddr_in *local);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
int connection_ap_handle_listener_read(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
/********************************* connection_exit.c ***************************/
|
|
|
|
|
|
|
|
|
|
int connection_exit_process_inbuf(connection_t *conn);
|
|
|
|
|
int connection_exit_package_inbuf(connection_t *conn);
|
2002-09-17 10:14:37 +02:00
|
|
|
int connection_exit_send_connected(connection_t *conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int connection_exit_process_data_cell(cell_t *cell, connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_exit_finished_flushing(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/********************************* connection_op.c ***************************/
|
|
|
|
|
|
|
|
|
|
int op_handshake_process_keys(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_op_process_inbuf(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_op_finished_flushing(connection_t *conn);
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
int connection_op_create_listener(crypto_pk_env_t *prkey, struct sockaddr_in *local);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
int connection_op_handle_listener_read(connection_t *conn);
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/********************************* connection_or.c ***************************/
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int connection_or_process_inbuf(connection_t *conn);
|
|
|
|
|
int connection_or_finished_flushing(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
void conn_or_init_crypto(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int or_handshake_op_send_keys(connection_t *conn);
|
|
|
|
|
int or_handshake_op_finished_sending_keys(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int or_handshake_client_process_auth(connection_t *conn);
|
|
|
|
|
int or_handshake_client_send_auth(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int or_handshake_server_process_auth(connection_t *conn);
|
|
|
|
|
int or_handshake_server_process_nonce(connection_t *conn);
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
connection_t *connect_to_router_as_or(routerinfo_t *router, crypto_pk_env_t *prkey, struct sockaddr_in *local);
|
|
|
|
|
connection_t *connection_or_connect_as_or(routerinfo_t *router, crypto_pk_env_t *prkey, struct sockaddr_in *local);
|
2002-09-04 08:29:28 +02:00
|
|
|
connection_t *connection_or_connect_as_op(routerinfo_t *router, struct sockaddr_in *local);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
int connection_or_create_listener(crypto_pk_env_t *prkey, struct sockaddr_in *local);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int connection_or_handle_listener_read(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-09-26 14:09:10 +02:00
|
|
|
/********************************* directory.c ***************************/
|
|
|
|
|
|
|
|
|
|
void directory_initiate_fetch(routerinfo_t *router);
|
|
|
|
|
int directory_send_command(connection_t *conn);
|
|
|
|
|
void directory_rebuild(void);
|
|
|
|
|
int connection_dir_process_inbuf(connection_t *conn);
|
|
|
|
|
int directory_handle_command(connection_t *conn);
|
|
|
|
|
int directory_handle_reading(connection_t *conn);
|
|
|
|
|
int connection_dir_finished_flushing(connection_t *conn);
|
|
|
|
|
int connection_dir_create_listener(crypto_pk_env_t *prkey, struct sockaddr_in *local);
|
|
|
|
|
int connection_dir_handle_listener_read(connection_t *conn);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* main.c ***************************/
|
|
|
|
|
|
|
|
|
|
int connection_add(connection_t *conn);
|
|
|
|
|
int connection_remove(connection_t *conn);
|
|
|
|
|
void connection_set_poll_socket(connection_t *conn);
|
|
|
|
|
|
2002-07-08 10:59:15 +02:00
|
|
|
connection_t *connection_twin_get_by_addr_port(uint32_t addr, uint16_t port);
|
|
|
|
|
connection_t *connection_exact_get_by_addr_port(uint32_t addr, uint16_t port);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
connection_t *connection_get_by_type(int type);
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
connection_t *connect_to_router_as_op(routerinfo_t *router);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
void connection_watch_events(connection_t *conn, short events);
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
void connection_stop_reading(connection_t *conn);
|
|
|
|
|
void connection_start_reading(connection_t *conn);
|
2002-07-18 08:37:58 +02:00
|
|
|
void connection_stop_writing(connection_t *conn);
|
|
|
|
|
void connection_start_writing(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
void check_conn_read(int i);
|
|
|
|
|
void check_conn_marked(int i);
|
|
|
|
|
void check_conn_write(int i);
|
|
|
|
|
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
int prepare_for_poll(int *timeout);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
int do_main_loop(void);
|
|
|
|
|
|
2002-09-22 00:41:48 +02:00
|
|
|
void catchint();
|
|
|
|
|
void catchusr1();
|
|
|
|
|
void dumpstats(void);
|
2002-09-26 14:09:10 +02:00
|
|
|
void dump_directory_to_string(char *s, int maxlen);
|
2002-09-22 00:41:48 +02:00
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
int main(int argc, char *argv[]);
|
|
|
|
|
|
|
|
|
|
/********************************* onion.c ***************************/
|
|
|
|
|
|
|
|
|
|
int decide_aci_type(uint32_t local_addr, uint16_t local_port,
|
|
|
|
|
uint32_t remote_addr, uint16_t remote_port);
|
|
|
|
|
|
|
|
|
|
int process_onion(circuit_t *circ, connection_t *conn);
|
|
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/* uses a weighted coin with weight cw to choose a route length */
|
|
|
|
|
int chooselen(double cw);
|
|
|
|
|
|
|
|
|
|
/* returns an array of pointers to routent that define a new route through the OR network
|
|
|
|
|
* int cw is the coin weight to use when choosing the route
|
|
|
|
|
* order of routers is from last to first
|
|
|
|
|
*/
|
2002-08-24 06:59:21 +02:00
|
|
|
unsigned int *new_route(double cw, routerinfo_t **rarray, int rarray_len, int *routelen);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
/* creates a new onion from route, stores it and its length into bufp and lenp respectively */
|
2002-08-24 06:59:21 +02:00
|
|
|
unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int *route, int routelen, int *len, crypt_path_t **cpath);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
/* encrypts 128 bytes of the onion with the specified public key, the rest with
|
|
|
|
|
* DES OFB with the key as defined in the outter layer */
|
2002-08-22 09:30:03 +02:00
|
|
|
unsigned char *encrypt_onion(onion_layer_t *onion, uint32_t onionlen, crypto_pk_env_t *pkey);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
/* decrypts the first 128 bytes using RSA and prkey, decrypts the rest with DES OFB with key1 */
|
2002-08-22 09:30:03 +02:00
|
|
|
unsigned char *decrypt_onion(onion_layer_t *onion, uint32_t onionlen, crypto_pk_env_t *prkey);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
/* delete first n bytes of the onion and pads the end with n bytes of random data */
|
2002-08-24 06:59:21 +02:00
|
|
|
void pad_onion(unsigned char *onion, uint32_t onionlen, int n);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
|
|
|
|
/* create a new tracked_onion entry */
|
|
|
|
|
tracked_onion_t *new_tracked_onion(unsigned char *onion, uint32_t onionlen, tracked_onion_t **tracked_onions, tracked_onion_t **last_tracked_onion);
|
|
|
|
|
|
|
|
|
|
/* delete a tracked onion entry */
|
|
|
|
|
void remove_tracked_onion(tracked_onion_t *to, tracked_onion_t **tracked_onions, tracked_onion_t **last_tracked_onion);
|
|
|
|
|
|
|
|
|
|
/* find a tracked onion in the linked list of tracked onions */
|
|
|
|
|
tracked_onion_t *id_tracked_onion(unsigned char *onion, uint32_t onionlen, tracked_onion_t *tracked_onions);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* routers.c ***************************/
|
|
|
|
|
|
2002-09-26 14:09:10 +02:00
|
|
|
void router_retry_connections(crypto_pk_env_t *prkey, struct sockaddr_in *local);
|
|
|
|
|
routerinfo_t *router_pick_directory_server(void);
|
|
|
|
|
routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port);
|
|
|
|
|
unsigned int *router_new_route(int *routelen);
|
|
|
|
|
unsigned char *router_create_onion(unsigned int *route, int routelen, int *len, crypt_path_t **cpath);
|
|
|
|
|
routerinfo_t *router_get_first_in_route(unsigned int *route, int routelen);
|
2002-09-26 15:17:14 +02:00
|
|
|
void router_forget_router(uint32_t addr, uint16_t port);
|
2002-09-26 14:09:10 +02:00
|
|
|
int router_get_list_from_file(char *routerfile, uint16_t or_listenport);
|
|
|
|
|
int router_get_list_from_string(char *s, uint16_t or_listenport);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
#endif
|