2003-10-08 04:04:08 +02:00
|
|
|
/* Copyright 2001,2002,2003 Roger Dingledine, Matej Pfajfar. */
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
/* See LICENSE for licensing information */
|
2002-06-27 00:45:49 +02:00
|
|
|
/* $Id$ */
|
|
|
|
|
|
|
|
|
|
#ifndef __OR_H
|
|
|
|
|
#define __OR_H
|
|
|
|
|
|
2002-09-03 20:44:24 +02:00
|
|
|
#include "orconfig.h"
|
2004-03-11 07:19:08 +01:00
|
|
|
#ifdef MS_WINDOWS
|
|
|
|
|
#define WIN32_WINNT 0x400
|
|
|
|
|
#define _WIN32_WINNT 0x400
|
|
|
|
|
#define WIN32_LEAN_AND_MEAN
|
|
|
|
|
/* Number of fds that select will accept; default is 64. */
|
|
|
|
|
#define FD_SETSIZE 512
|
|
|
|
|
#endif
|
2002-09-03 20:44:24 +02:00
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
2002-09-09 06:10:58 +02:00
|
|
|
#include <limits.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#ifdef HAVE_UNISTD_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <unistd.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_STRING_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <string.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_SIGNAL_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <signal.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_NETDB_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <netdb.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_CTYPE_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <ctype.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
2003-08-11 22:40:21 +02:00
|
|
|
#include "../common/torint.h"
|
2002-09-03 20:44:24 +02:00
|
|
|
#include "../common/fakepoll.h"
|
2003-08-12 05:08:41 +02:00
|
|
|
#ifdef HAVE_SYS_TYPES_H
|
2003-09-05 13:25:24 +02:00
|
|
|
#include <sys/types.h> /* Must be included before sys/stat.h for Ultrix */
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
2003-08-12 08:41:53 +02:00
|
|
|
#ifdef HAVE_SYS_WAIT_H
|
|
|
|
|
#include <sys/wait.h>
|
|
|
|
|
#endif
|
2003-08-12 05:08:41 +02:00
|
|
|
#ifdef HAVE_SYS_FCNTL_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <sys/fcntl.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_FCNTL_H
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_SYS_IOCTL_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <sys/ioctl.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_SYS_SOCKET_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <sys/socket.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_SYS_TIME_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <sys/time.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_SYS_STAT_H
|
2002-09-24 12:43:57 +02:00
|
|
|
#include <sys/stat.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_NETINET_IN_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <netinet/in.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_ARPA_INET_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <arpa/inet.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_ERRNO_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <errno.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_ASSERT_H
|
2002-06-27 00:45:49 +02:00
|
|
|
#include <assert.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_TIME_H
|
2002-08-22 09:30:03 +02:00
|
|
|
#include <time.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
#ifdef HAVE_WINSOCK_H
|
|
|
|
|
#include <winsock.h>
|
|
|
|
|
#endif
|
|
|
|
|
#if _MSC_VER > 1300
|
|
|
|
|
#include <winsock2.h>
|
|
|
|
|
#include <ws2tcpip.h>
|
|
|
|
|
#elif defined(_MSC_VER)
|
|
|
|
|
#include <winsock.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
2003-08-12 17:08:51 +02:00
|
|
|
#ifdef MS_WINDOWS
|
2003-08-12 05:08:41 +02:00
|
|
|
#include <io.h>
|
2003-10-04 03:37:01 +02:00
|
|
|
#include <process.h>
|
2004-03-09 23:01:17 +01:00
|
|
|
#include <direct.h>
|
2003-08-12 05:08:41 +02:00
|
|
|
#include <windows.h>
|
2003-08-12 17:08:51 +02:00
|
|
|
#define snprintf _snprintf
|
2003-08-12 05:08:41 +02:00
|
|
|
#endif
|
|
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
#include "../common/crypto.h"
|
2003-09-04 18:05:08 +02:00
|
|
|
#include "../common/tortls.h"
|
2002-06-27 00:45:49 +02:00
|
|
|
#include "../common/log.h"
|
2003-04-16 19:04:58 +02:00
|
|
|
#include "../common/util.h"
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-02-18 02:35:55 +01:00
|
|
|
#define MAXCONNECTIONS 1000 /* upper bound on max connections.
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
can be lowered by config file */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-02-18 02:55:51 +01:00
|
|
|
#define DEFAULT_BANDWIDTH_OP (1024 * 1000)
|
2004-04-05 02:47:48 +02:00
|
|
|
#define MAX_NICKNAME_LEN 19
|
2003-12-17 10:42:28 +01:00
|
|
|
#define MAX_DIR_SIZE 500000
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-01-20 03:14:30 +01:00
|
|
|
#ifdef TOR_PERF
|
|
|
|
|
#define MAX_DNS_ENTRY_AGE (150*60)
|
|
|
|
|
#else
|
2003-12-14 08:40:47 +01:00
|
|
|
#define MAX_DNS_ENTRY_AGE (15*60)
|
2004-01-20 03:14:30 +01:00
|
|
|
#endif
|
2003-12-14 08:40:47 +01:00
|
|
|
|
2003-11-11 04:01:48 +01:00
|
|
|
#define CIRC_ID_TYPE_LOWER 0
|
|
|
|
|
#define CIRC_ID_TYPE_HIGHER 1
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-09-16 21:36:19 +02:00
|
|
|
#define _CONN_TYPE_MIN 3
|
2002-06-27 00:45:49 +02:00
|
|
|
#define CONN_TYPE_OR_LISTENER 3
|
|
|
|
|
#define CONN_TYPE_OR 4
|
2002-06-30 09:37:49 +02:00
|
|
|
#define CONN_TYPE_EXIT 5
|
|
|
|
|
#define CONN_TYPE_AP_LISTENER 6
|
|
|
|
|
#define CONN_TYPE_AP 7
|
2002-09-26 14:09:10 +02:00
|
|
|
#define CONN_TYPE_DIR_LISTENER 8
|
|
|
|
|
#define CONN_TYPE_DIR 9
|
2003-06-17 16:31:05 +02:00
|
|
|
#define CONN_TYPE_DNSWORKER 10
|
2003-08-21 01:05:22 +02:00
|
|
|
#define CONN_TYPE_CPUWORKER 11
|
cleanups, bugfixes, more verbose logs
Fixed up the assert_*_ok funcs some (more work remains)
Changed config so it reads either /etc/torrc or the -f arg, never both
Finally tracked down a nasty bug with our use of tls:
It turns out that if you ask SSL_read() for no more than n bytes, it
will read the entire record from the network (and maybe part of the next
record, I'm not sure), give you n bytes of it, and keep the remaining
bytes internally. This is fine, except our poll-for-read looks at the
network, and there are no bytes pending on the network, so we never know
to ask SSL_read() for more bytes. Currently I've hacked it so if we ask
for n bytes and it returns n bytes, then it reads again right then. This
will interact poorly with our rate limiting; we need a cleaner solution.
svn:r481
2003-09-24 23:24:52 +02:00
|
|
|
#define _CONN_TYPE_MAX 11
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
#define LISTENER_STATE_READY 0
|
|
|
|
|
|
2003-09-30 10:18:10 +02:00
|
|
|
#define _DNSWORKER_STATE_MIN 1
|
|
|
|
|
#define DNSWORKER_STATE_IDLE 1
|
|
|
|
|
#define DNSWORKER_STATE_BUSY 2
|
|
|
|
|
#define _DNSWORKER_STATE_MAX 2
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
|
2003-09-27 09:33:07 +02:00
|
|
|
#define _CPUWORKER_STATE_MIN 1
|
|
|
|
|
#define CPUWORKER_STATE_IDLE 1
|
|
|
|
|
#define CPUWORKER_STATE_BUSY_ONION 2
|
|
|
|
|
#define CPUWORKER_STATE_BUSY_HANDSHAKE 3
|
|
|
|
|
#define _CPUWORKER_STATE_MAX 3
|
2003-08-21 01:05:22 +02:00
|
|
|
|
|
|
|
|
#define CPUWORKER_TASK_ONION CPUWORKER_STATE_BUSY_ONION
|
|
|
|
|
|
2003-09-27 09:33:07 +02:00
|
|
|
#define _OR_CONN_STATE_MIN 1
|
|
|
|
|
#define OR_CONN_STATE_CONNECTING 1 /* waiting for connect() to finish */
|
|
|
|
|
#define OR_CONN_STATE_HANDSHAKING 2 /* SSL is handshaking, not done yet */
|
|
|
|
|
#define OR_CONN_STATE_OPEN 3 /* ready to send/receive cells. */
|
|
|
|
|
#define _OR_CONN_STATE_MAX 3
|
|
|
|
|
|
|
|
|
|
#define _EXIT_CONN_STATE_MIN 1
|
|
|
|
|
#define EXIT_CONN_STATE_RESOLVING 1 /* waiting for response from dns farm */
|
|
|
|
|
#define EXIT_CONN_STATE_CONNECTING 2 /* waiting for connect() to finish */
|
|
|
|
|
#define EXIT_CONN_STATE_OPEN 3
|
2004-03-03 04:02:06 +01:00
|
|
|
#define EXIT_CONN_STATE_RESOLVEFAILED 4 /* waiting to be removed */
|
2004-03-02 08:24:11 +01:00
|
|
|
#define _EXIT_CONN_STATE_MAX 4
|
2002-06-27 00:45:49 +02:00
|
|
|
#if 0
|
2002-06-30 09:37:49 +02:00
|
|
|
#define EXIT_CONN_STATE_CLOSE 3 /* flushing the buffer, then will close */
|
|
|
|
|
#define EXIT_CONN_STATE_CLOSE_WAIT 4 /* have sent a destroy, awaiting a confirmation */
|
2002-06-27 00:45:49 +02:00
|
|
|
#endif
|
|
|
|
|
|
2003-09-27 09:33:07 +02:00
|
|
|
/* the AP state values must be disjoint from the EXIT state values */
|
2004-03-02 08:24:11 +01:00
|
|
|
#define _AP_CONN_STATE_MIN 5
|
|
|
|
|
#define AP_CONN_STATE_SOCKS_WAIT 5
|
2004-04-05 02:47:48 +02:00
|
|
|
#define AP_CONN_STATE_RENDDESC_WAIT 6
|
|
|
|
|
#define AP_CONN_STATE_CIRCUIT_WAIT 7
|
|
|
|
|
#define AP_CONN_STATE_CONNECT_WAIT 8
|
|
|
|
|
#define AP_CONN_STATE_OPEN 9
|
|
|
|
|
#define _AP_CONN_STATE_MAX 9
|
2004-04-01 23:32:01 +02:00
|
|
|
|
2003-09-27 09:33:07 +02:00
|
|
|
#define _DIR_CONN_STATE_MIN 1
|
2004-03-31 00:57:49 +02:00
|
|
|
#define DIR_CONN_STATE_CONNECTING 1
|
|
|
|
|
#define DIR_CONN_STATE_CLIENT_SENDING 2
|
|
|
|
|
#define DIR_CONN_STATE_CLIENT_READING 3
|
|
|
|
|
#define DIR_CONN_STATE_SERVER_COMMAND_WAIT 4
|
|
|
|
|
#define DIR_CONN_STATE_SERVER_WRITING 5
|
|
|
|
|
#define _DIR_CONN_STATE_MAX 5
|
|
|
|
|
|
|
|
|
|
#define _DIR_PURPOSE_MIN 1
|
|
|
|
|
#define DIR_PURPOSE_FETCH_DIR 1
|
2004-04-01 23:32:01 +02:00
|
|
|
#define DIR_PURPOSE_FETCH_RENDDESC 2
|
2004-04-08 00:41:00 +02:00
|
|
|
#define DIR_PURPOSE_HAS_FETCHED_RENDDESC 3
|
|
|
|
|
#define DIR_PURPOSE_UPLOAD_DIR 4
|
|
|
|
|
#define DIR_PURPOSE_UPLOAD_RENDDESC 5
|
|
|
|
|
#define DIR_PURPOSE_SERVER 6
|
|
|
|
|
#define _DIR_PURPOSE_MAX 6
|
2002-09-26 14:09:10 +02:00
|
|
|
|
2003-05-06 01:24:46 +02:00
|
|
|
#define CIRCUIT_STATE_BUILDING 0 /* I'm the OP, still haven't done all my handshakes */
|
2003-09-16 22:57:09 +02:00
|
|
|
#define CIRCUIT_STATE_ONIONSKIN_PENDING 1 /* waiting to process the onionskin */
|
2003-05-06 01:24:46 +02:00
|
|
|
#define CIRCUIT_STATE_OR_WAIT 2 /* I'm the OP, my firsthop is still connecting */
|
2003-09-16 22:57:09 +02:00
|
|
|
#define CIRCUIT_STATE_OPEN 3 /* onionskin(s) processed, ready to send/receive cells */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-03-30 00:14:19 +02:00
|
|
|
#define _CIRCUIT_PURPOSE_MIN 1
|
2004-04-05 02:47:48 +02:00
|
|
|
|
2004-03-30 00:14:19 +02:00
|
|
|
/* these circuits were initiated elsewhere */
|
2004-04-08 04:24:06 +02:00
|
|
|
#define _CIRCUIT_PURPOSE_OR_MIN 1
|
2004-04-03 01:30:54 +02:00
|
|
|
#define CIRCUIT_PURPOSE_OR 1 /* normal circuit, at OR. */
|
2004-03-30 21:52:42 +02:00
|
|
|
#define CIRCUIT_PURPOSE_INTRO_POINT 2 /* At OR, from Bob, waiting for intro from Alices */
|
|
|
|
|
#define CIRCUIT_PURPOSE_REND_POINT_WAITING 3 /* At OR, from Alice, waiting for Bob */
|
|
|
|
|
#define CIRCUIT_PURPOSE_REND_ESTABLISHED 4 /* At OR, both circuits have this purpose */
|
2004-04-08 04:24:06 +02:00
|
|
|
#define _CIRCUIT_PURPOSE_OR_MAX 4
|
2004-04-05 02:47:48 +02:00
|
|
|
|
2004-03-30 21:52:42 +02:00
|
|
|
/* these circuits originate at this node */
|
2004-04-05 02:47:48 +02:00
|
|
|
|
|
|
|
|
/* here's how circ client-side purposes work:
|
|
|
|
|
* normal circuits are C_GENERAL.
|
|
|
|
|
* circuits that are c_introducing are either on their way to
|
|
|
|
|
* becoming open, or they are open but haven't been used yet.
|
|
|
|
|
* (as soon as they are used, they are destroyed.)
|
|
|
|
|
* circuits that are c_establish_rend are either on their way
|
|
|
|
|
* to becoming open, or they are open and have sent the
|
|
|
|
|
* establish_rendezvous cell but haven't received an ack.
|
|
|
|
|
* circuits that are c_rend_ready are open and have received an
|
|
|
|
|
* ack, but haven't heard from bob yet. if they have a
|
|
|
|
|
* buildstate->pending_final_cpath then they're expecting a
|
|
|
|
|
* cell from bob, else they're not.
|
|
|
|
|
* circuits that are c_rend_joined are open, have heard from
|
|
|
|
|
* bob, and are talking to him.
|
|
|
|
|
*/
|
2004-03-30 00:14:19 +02:00
|
|
|
#define CIRCUIT_PURPOSE_C_GENERAL 5 /* normal circuit, with cpath */
|
2004-04-03 06:55:22 +02:00
|
|
|
#define CIRCUIT_PURPOSE_C_INTRODUCING 6 /* at Alice, connecting to intro point */
|
2004-04-13 03:41:39 +02:00
|
|
|
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT 7 /* at alice, sent INTRODUCE1 to intro point, waiting for ACK/NAK */
|
2004-04-03 06:55:22 +02:00
|
|
|
|
2004-04-13 03:41:39 +02:00
|
|
|
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND 8 /* at Alice, waiting for ack */
|
|
|
|
|
#define CIRCUIT_PURPOSE_C_REND_READY 9 /* at Alice, waiting for Bob */
|
|
|
|
|
#define CIRCUIT_PURPOSE_C_REND_JOINED 10 /* at Alice, rendezvous established */
|
2004-04-03 06:55:22 +02:00
|
|
|
|
2004-04-13 03:41:39 +02:00
|
|
|
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO 11 /* at Bob, waiting for introductions */
|
|
|
|
|
#define CIRCUIT_PURPOSE_S_INTRO 12 /* at Bob, successfully established intro */
|
|
|
|
|
#define CIRCUIT_PURPOSE_S_CONNECT_REND 13 /* at Bob, connecting to rend point */
|
|
|
|
|
|
|
|
|
|
#define CIRCUIT_PURPOSE_S_REND_JOINED 14 /* at Bob, rendezvous established.*/
|
|
|
|
|
#define _CIRCUIT_PURPOSE_MAX 14
|
2004-03-30 00:14:19 +02:00
|
|
|
|
2004-04-08 04:24:06 +02:00
|
|
|
#define CIRCUIT_PURPOSE_IS_ORIGIN(p) ((p)>_CIRCUIT_PURPOSE_OR_MAX)
|
|
|
|
|
#define CIRCUIT_IS_ORIGIN(c) (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))
|
|
|
|
|
|
2003-05-01 08:42:29 +02:00
|
|
|
#define RELAY_COMMAND_BEGIN 1
|
|
|
|
|
#define RELAY_COMMAND_DATA 2
|
|
|
|
|
#define RELAY_COMMAND_END 3
|
|
|
|
|
#define RELAY_COMMAND_CONNECTED 4
|
|
|
|
|
#define RELAY_COMMAND_SENDME 5
|
2003-05-06 01:24:46 +02:00
|
|
|
#define RELAY_COMMAND_EXTEND 6
|
|
|
|
|
#define RELAY_COMMAND_EXTENDED 7
|
2003-06-12 12:16:33 +02:00
|
|
|
#define RELAY_COMMAND_TRUNCATE 8
|
|
|
|
|
#define RELAY_COMMAND_TRUNCATED 9
|
2003-11-17 01:57:56 +01:00
|
|
|
#define RELAY_COMMAND_DROP 10
|
2004-03-08 00:50:15 +01:00
|
|
|
#define RELAY_COMMAND_RESOLVE 11
|
|
|
|
|
#define RELAY_COMMAND_RESOLVED 12
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
|
2004-04-01 03:11:28 +02:00
|
|
|
#define RELAY_COMMAND_ESTABLISH_INTRO 32
|
|
|
|
|
#define RELAY_COMMAND_ESTABLISH_RENDEZVOUS 33
|
|
|
|
|
#define RELAY_COMMAND_INTRODUCE1 34
|
|
|
|
|
#define RELAY_COMMAND_INTRODUCE2 35
|
2004-04-13 02:38:16 +02:00
|
|
|
#define RELAY_COMMAND_RENDEZVOUS1 36
|
|
|
|
|
#define RELAY_COMMAND_RENDEZVOUS2 37
|
2004-04-03 06:55:22 +02:00
|
|
|
/* DOCDOC Spec these next two. */
|
2004-04-13 02:38:16 +02:00
|
|
|
#define RELAY_COMMAND_INTRO_ESTABLISHED 38
|
|
|
|
|
#define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED 39
|
|
|
|
|
#define RELAY_COMMAND_INTRODUCE_ACK 40
|
2004-04-01 03:11:28 +02:00
|
|
|
|
2004-02-27 23:00:26 +01:00
|
|
|
#define _MIN_END_STREAM_REASON 1
|
2003-10-22 09:55:44 +02:00
|
|
|
#define END_STREAM_REASON_MISC 1
|
|
|
|
|
#define END_STREAM_REASON_RESOLVEFAILED 2
|
|
|
|
|
#define END_STREAM_REASON_CONNECTFAILED 3
|
|
|
|
|
#define END_STREAM_REASON_EXITPOLICY 4
|
|
|
|
|
#define END_STREAM_REASON_DESTROY 5
|
|
|
|
|
#define END_STREAM_REASON_DONE 6
|
2004-02-29 00:56:50 +01:00
|
|
|
#define END_STREAM_REASON_TIMEOUT 7
|
|
|
|
|
#define _MAX_END_STREAM_REASON 7
|
2003-10-22 09:55:44 +02:00
|
|
|
|
2004-04-01 23:32:01 +02:00
|
|
|
/* length of 'y' portion of 'y.onion' URL. */
|
|
|
|
|
#define REND_SERVICE_ID_LEN 16
|
|
|
|
|
|
2004-03-20 05:59:29 +01:00
|
|
|
/* Reasons used by connection_mark_for_close */
|
|
|
|
|
#define CLOSE_REASON_UNUSED_OR_CONN 100
|
|
|
|
|
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
#define CELL_DIRECTION_IN 1
|
|
|
|
|
#define CELL_DIRECTION_OUT 2
|
2004-04-08 11:41:28 +02:00
|
|
|
//#define EDGE_EXIT CONN_TYPE_EXIT
|
|
|
|
|
//#define EDGE_AP CONN_TYPE_AP
|
|
|
|
|
//#define CELL_DIRECTION(x) ((x) == EDGE_EXIT ? CELL_DIRECTION_IN : CELL_DIRECTION_OUT)
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
|
2004-01-20 03:14:30 +01:00
|
|
|
#ifdef TOR_PERF
|
|
|
|
|
#define CIRCWINDOW_START 10000
|
|
|
|
|
#define CIRCWINDOW_INCREMENT 1000
|
|
|
|
|
#define STREAMWINDOW_START 5000
|
|
|
|
|
#define STREAMWINDOW_INCREMENT 500
|
|
|
|
|
#else
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
#define CIRCWINDOW_START 1000
|
|
|
|
|
#define CIRCWINDOW_INCREMENT 100
|
2003-05-01 08:42:29 +02:00
|
|
|
#define STREAMWINDOW_START 500
|
|
|
|
|
#define STREAMWINDOW_INCREMENT 50
|
2004-01-20 03:14:30 +01:00
|
|
|
#endif
|
2002-07-18 08:37:58 +02:00
|
|
|
|
2002-07-19 20:48:28 +02:00
|
|
|
/* cell commands */
|
|
|
|
|
#define CELL_PADDING 0
|
|
|
|
|
#define CELL_CREATE 1
|
2003-05-06 01:24:46 +02:00
|
|
|
#define CELL_CREATED 2
|
|
|
|
|
#define CELL_RELAY 3
|
|
|
|
|
#define CELL_DESTROY 4
|
2002-07-19 20:48:28 +02:00
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
/* legal characters in a nickname */
|
|
|
|
|
#define LEGAL_NICKNAME_CHARACTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
|
2002-11-23 07:49:01 +01:00
|
|
|
|
2003-09-21 08:15:43 +02:00
|
|
|
#define SOCKS4_NETWORK_LEN 8
|
|
|
|
|
|
2003-12-16 10:48:17 +01:00
|
|
|
/*
|
|
|
|
|
* Relay payload:
|
|
|
|
|
* Relay command [1 byte]
|
2003-12-19 06:09:51 +01:00
|
|
|
* Recognized [2 bytes]
|
|
|
|
|
* Stream ID [2 bytes]
|
2003-12-16 10:48:17 +01:00
|
|
|
* Partial SHA-1 [4 bytes]
|
|
|
|
|
* Length [2 bytes]
|
2003-12-19 06:09:51 +01:00
|
|
|
* Relay payload [498 bytes]
|
2003-12-16 10:48:17 +01:00
|
|
|
*/
|
2003-04-16 19:44:33 +02:00
|
|
|
|
2003-12-19 06:09:51 +01:00
|
|
|
#if 0
|
2003-05-01 08:42:29 +02:00
|
|
|
#define CELL_RELAY_COMMAND(c) (*(uint8_t*)((c).payload))
|
|
|
|
|
#define SET_CELL_RELAY_COMMAND(c,cmd) (*(uint8_t*)((c).payload) = (cmd))
|
2003-12-16 10:48:17 +01:00
|
|
|
|
2003-12-19 06:09:51 +01:00
|
|
|
#define CELL_RELAY_RECOGNIZED(c) (ntohs(*(uint16_t*)((c).payload+1)))
|
|
|
|
|
#define SET_CELL_RELAY_RECOGNIZED(c,r) (*(uint16_t*)((c).payload+1) = htons(r))
|
2003-12-16 10:48:17 +01:00
|
|
|
|
2003-12-19 06:09:51 +01:00
|
|
|
#define STREAM_ID_SIZE 2
|
|
|
|
|
//#define SET_CELL_STREAM_ID(c,id) memcpy((c).payload+1,(id),STREAM_ID_SIZE)
|
|
|
|
|
#define CELL_RELAY_STREAM_ID(c) (ntohs(*(uint16_t*)((c).payload+3)))
|
|
|
|
|
#define SET_CELL_RELAY_STREAM_ID(c,id) (*(uint16_t*)((c).payload+3) = htons(id))
|
|
|
|
|
#define ZERO_STREAM 0
|
2003-05-02 23:29:25 +02:00
|
|
|
|
2003-12-16 23:56:50 +01:00
|
|
|
/* integrity is the first 32 bits (in network order) of a sha-1 of all
|
|
|
|
|
* cell payloads that are relay cells that have been sent / delivered
|
|
|
|
|
* to the hop on the * circuit (the integrity is zeroed while doing
|
|
|
|
|
* each calculation)
|
|
|
|
|
*/
|
2003-12-19 06:09:51 +01:00
|
|
|
#define CELL_RELAY_INTEGRITY(c) (ntohl(*(uint32_t*)((c).payload+5)))
|
|
|
|
|
#define SET_CELL_RELAY_INTEGRITY(c,i) (*(uint32_t*)((c).payload+5) = htonl(i))
|
2003-12-16 23:56:50 +01:00
|
|
|
|
2003-12-16 10:48:17 +01:00
|
|
|
/* relay length is how many bytes are used in the cell payload past relay_header_size */
|
2003-12-19 06:09:51 +01:00
|
|
|
#define CELL_RELAY_LENGTH(c) (ntohs(*(uint16_t*)((c).payload+9)))
|
|
|
|
|
#define SET_CELL_RELAY_LENGTH(c,len) (*(uint16_t*)((c).payload+9) = htons(len))
|
|
|
|
|
#endif
|
2003-12-16 10:48:17 +01:00
|
|
|
|
|
|
|
|
#define CELL_PAYLOAD_SIZE 509
|
|
|
|
|
#define CELL_NETWORK_SIZE 512
|
|
|
|
|
|
2003-12-19 06:09:51 +01:00
|
|
|
#define RELAY_HEADER_SIZE (1+2+2+4+2)
|
|
|
|
|
#define RELAY_PAYLOAD_SIZE (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)
|
|
|
|
|
|
2003-12-16 10:48:17 +01:00
|
|
|
/* cell definition */
|
|
|
|
|
typedef struct {
|
2003-12-19 20:55:02 +01:00
|
|
|
uint16_t circ_id;
|
2003-12-16 10:48:17 +01:00
|
|
|
unsigned char command;
|
|
|
|
|
unsigned char payload[CELL_PAYLOAD_SIZE];
|
|
|
|
|
} cell_t;
|
|
|
|
|
|
2003-12-19 06:09:51 +01:00
|
|
|
typedef struct {
|
|
|
|
|
uint8_t command;
|
|
|
|
|
uint16_t recognized;
|
|
|
|
|
uint16_t stream_id;
|
2004-01-02 10:03:38 +01:00
|
|
|
char integrity[4];
|
2003-12-19 06:09:51 +01:00
|
|
|
uint16_t length;
|
|
|
|
|
} relay_header_t;
|
2002-07-19 20:48:28 +02:00
|
|
|
|
2003-09-25 07:17:11 +02:00
|
|
|
typedef struct buf_t buf_t;
|
2003-11-11 03:41:31 +01:00
|
|
|
typedef struct socks_request_t socks_request_t;
|
2003-09-25 07:17:11 +02:00
|
|
|
|
2004-02-25 08:31:46 +01:00
|
|
|
#define CONNECTION_MAGIC 0x7C3C304Eu
|
2003-12-16 10:48:17 +01:00
|
|
|
struct connection_t {
|
2004-02-25 08:31:46 +01:00
|
|
|
uint32_t magic; /* for memory debugging */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-07-05 07:46:06 +02:00
|
|
|
uint8_t type;
|
2003-09-05 08:04:03 +02:00
|
|
|
uint8_t state;
|
2004-04-05 02:47:48 +02:00
|
|
|
uint8_t purpose; /* only used for DIR types currently */
|
2003-09-05 08:04:03 +02:00
|
|
|
uint8_t wants_to_read; /* should we start reading again once
|
|
|
|
|
* the bandwidth throttler allows it?
|
|
|
|
|
*/
|
2003-09-07 12:24:40 +02:00
|
|
|
uint8_t wants_to_write; /* should we start writing again once
|
|
|
|
|
* the bandwidth throttler allows reads?
|
|
|
|
|
*/
|
2002-06-27 00:45:49 +02:00
|
|
|
int s; /* our socket */
|
2003-09-05 08:04:03 +02:00
|
|
|
int poll_index; /* index of this conn into the poll_array */
|
|
|
|
|
int marked_for_close; /* should we close this conn on the next
|
|
|
|
|
* iteration of the main loop?
|
|
|
|
|
*/
|
2004-02-28 05:11:53 +01:00
|
|
|
char *marked_for_close_file; /* for debugging: in which file were we marked
|
|
|
|
|
* for close? */
|
2004-03-03 06:08:01 +01:00
|
|
|
int hold_open_until_flushed;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-25 07:17:11 +02:00
|
|
|
buf_t *inbuf;
|
2003-09-05 08:04:03 +02:00
|
|
|
int inbuf_reached_eof; /* did read() return 0 on this conn? */
|
2003-11-17 00:43:08 +01:00
|
|
|
time_t timestamp_lastread; /* when was the last time poll() said we could read? */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-25 07:17:11 +02:00
|
|
|
buf_t *outbuf;
|
2002-08-24 06:59:21 +02:00
|
|
|
int outbuf_flushlen; /* how much data should we try to flush from the outbuf? */
|
2003-11-17 00:43:08 +01:00
|
|
|
time_t timestamp_lastwritten; /* when was the last time poll() said we could write? */
|
2002-10-02 01:37:31 +02:00
|
|
|
|
2003-11-17 00:43:08 +01:00
|
|
|
time_t timestamp_created; /* when was this connection_t created? */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-05 08:04:03 +02:00
|
|
|
uint32_t addr; /* these two uniquely identify a router. Both in host order. */
|
|
|
|
|
uint16_t port; /* if non-zero, they identify the guy on the other end
|
|
|
|
|
* of the connection. */
|
|
|
|
|
char *address; /* FQDN (or IP) of the guy on the other end.
|
|
|
|
|
* strdup into this, because free_connection frees it
|
|
|
|
|
*/
|
2003-09-25 07:17:11 +02:00
|
|
|
crypto_pk_env_t *onion_pkey; /* public RSA key for the other side's onions */
|
|
|
|
|
crypto_pk_env_t *link_pkey; /* public RSA key for the other side's TLS */
|
|
|
|
|
crypto_pk_env_t *identity_pkey; /* public RSA key for the other side's signing */
|
2003-09-27 23:30:10 +02:00
|
|
|
char *nickname;
|
2003-09-05 08:04:03 +02:00
|
|
|
|
|
|
|
|
/* Used only by OR connections: */
|
2003-09-08 07:16:18 +02:00
|
|
|
tor_tls *tls;
|
2003-12-19 20:55:02 +01:00
|
|
|
uint16_t next_circ_id; /* Which circ_id do we try to use next on this connection?
|
|
|
|
|
* This is always in the range 0..1<<15-1.*/
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-27 23:09:56 +02:00
|
|
|
/* bandwidth and receiver_bucket only used by ORs in OPEN state: */
|
2004-03-09 23:01:17 +01:00
|
|
|
int bandwidth; /* connection bandwidth. */
|
2003-09-27 23:09:56 +02:00
|
|
|
int receiver_bucket; /* when this hits 0, stop receiving. Every second we
|
|
|
|
|
* add 'bandwidth' to this, capping it at 10*bandwidth.
|
|
|
|
|
*/
|
|
|
|
|
|
2004-04-03 01:54:48 +02:00
|
|
|
/* Used only by DIR and AP connections: */
|
2004-04-01 23:32:01 +02:00
|
|
|
char rend_query[REND_SERVICE_ID_LEN+1];
|
|
|
|
|
|
2003-09-05 08:04:03 +02:00
|
|
|
/* Used only by edge connections: */
|
2003-12-19 06:09:51 +01:00
|
|
|
uint16_t stream_id;
|
2003-09-05 08:04:03 +02:00
|
|
|
struct connection_t *next_stream; /* points to the next stream at this edge, if any */
|
2003-05-02 23:29:25 +02:00
|
|
|
struct crypt_path_t *cpath_layer; /* a pointer to which node in the circ this conn exits at */
|
2003-09-05 08:04:03 +02:00
|
|
|
int package_window; /* how many more relay cells can i send into the circuit? */
|
|
|
|
|
int deliver_window; /* how many more relay cells can end at me? */
|
2002-09-22 13:09:07 +02:00
|
|
|
|
2003-09-05 08:04:03 +02:00
|
|
|
int done_sending; /* for half-open connections; not used currently */
|
|
|
|
|
int done_receiving;
|
2003-10-21 10:37:07 +02:00
|
|
|
char has_sent_end; /* for debugging: set once we've set the stream end,
|
|
|
|
|
and check in circuit_about_to_close_connection() */
|
2004-03-08 00:50:15 +01:00
|
|
|
char num_retries; /* how many times have we re-tried beginning this stream? */
|
2003-12-17 22:09:31 +01:00
|
|
|
|
2003-11-11 03:41:31 +01:00
|
|
|
/* Used only by AP connections */
|
|
|
|
|
socks_request_t *socks_request;
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
typedef struct connection_t connection_t;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-04-07 06:38:19 +02:00
|
|
|
#define EXIT_POLICY_ACCEPT 1
|
|
|
|
|
#define EXIT_POLICY_REJECT 2
|
|
|
|
|
|
|
|
|
|
struct exit_policy_t {
|
|
|
|
|
char policy_type;
|
|
|
|
|
char *string;
|
2003-11-14 21:45:47 +01:00
|
|
|
uint32_t addr;
|
|
|
|
|
uint32_t msk;
|
2003-12-13 03:44:02 +01:00
|
|
|
uint16_t prt_min;
|
|
|
|
|
uint16_t prt_max;
|
2003-04-07 06:38:19 +02:00
|
|
|
|
|
|
|
|
struct exit_policy_t *next;
|
|
|
|
|
};
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/* config stuff we know about the other ORs in the network */
|
2002-12-03 23:18:23 +01:00
|
|
|
typedef struct {
|
2002-06-27 00:45:49 +02:00
|
|
|
char *address;
|
2003-09-12 00:19:48 +02:00
|
|
|
char *nickname;
|
2003-12-17 22:09:31 +01:00
|
|
|
|
2002-10-03 00:54:20 +02:00
|
|
|
uint32_t addr; /* all host order */
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
uint16_t or_port;
|
2003-10-21 11:48:17 +02:00
|
|
|
uint16_t socks_port;
|
2002-09-24 12:43:57 +02:00
|
|
|
uint16_t dir_port;
|
2003-09-26 20:27:35 +02:00
|
|
|
|
|
|
|
|
time_t published_on;
|
2003-12-17 22:09:31 +01:00
|
|
|
|
2003-09-25 07:17:11 +02:00
|
|
|
crypto_pk_env_t *onion_pkey; /* public RSA key for onions */
|
|
|
|
|
crypto_pk_env_t *link_pkey; /* public RSA key for TLS */
|
|
|
|
|
crypto_pk_env_t *identity_pkey; /* public RSA key for signing */
|
2003-12-17 22:09:31 +01:00
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
int is_running;
|
|
|
|
|
|
2004-04-07 23:36:03 +02:00
|
|
|
char *platform;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/* link info */
|
2004-01-11 00:40:38 +01:00
|
|
|
uint32_t bandwidthrate;
|
|
|
|
|
uint32_t bandwidthburst;
|
2003-04-07 06:38:19 +02:00
|
|
|
struct exit_policy_t *exit_policy;
|
2002-06-27 00:45:49 +02:00
|
|
|
} routerinfo_t;
|
|
|
|
|
|
2003-05-09 04:00:33 +02:00
|
|
|
#define MAX_ROUTERS_IN_DIR 1024
|
2003-05-06 19:38:16 +02:00
|
|
|
typedef struct {
|
2004-04-07 21:46:27 +02:00
|
|
|
smartlist_t *routers;
|
2003-05-09 04:25:37 +02:00
|
|
|
char *software_versions;
|
2003-09-27 23:30:10 +02:00
|
|
|
time_t published_on;
|
2003-12-05 10:51:49 +01:00
|
|
|
} routerlist_t;
|
2003-05-06 19:38:16 +02:00
|
|
|
|
2003-12-17 22:09:31 +01:00
|
|
|
struct crypt_path_t {
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2002-08-22 09:30:03 +02:00
|
|
|
/* crypto environments */
|
|
|
|
|
crypto_cipher_env_t *f_crypto;
|
|
|
|
|
crypto_cipher_env_t *b_crypto;
|
2003-05-02 00:55:51 +02:00
|
|
|
|
2003-12-16 09:21:58 +01:00
|
|
|
crypto_digest_env_t *f_digest; /* for integrity checking */
|
|
|
|
|
crypto_digest_env_t *b_digest;
|
|
|
|
|
|
2003-05-06 01:24:46 +02:00
|
|
|
crypto_dh_env_t *handshake_state;
|
2004-04-03 04:40:30 +02:00
|
|
|
char handshake_digest[DIGEST_LEN];/* KH in tor-spec.txt */
|
2003-05-06 01:24:46 +02:00
|
|
|
|
|
|
|
|
uint32_t addr;
|
|
|
|
|
uint16_t port;
|
|
|
|
|
|
2003-09-05 08:04:03 +02:00
|
|
|
uint8_t state;
|
2003-05-02 00:55:51 +02:00
|
|
|
#define CPATH_STATE_CLOSED 0
|
2003-05-06 01:24:46 +02:00
|
|
|
#define CPATH_STATE_AWAITING_KEYS 1
|
2003-05-02 00:55:51 +02:00
|
|
|
#define CPATH_STATE_OPEN 2
|
2003-05-02 23:29:25 +02:00
|
|
|
struct crypt_path_t *next;
|
|
|
|
|
struct crypt_path_t *prev; /* doubly linked list */
|
|
|
|
|
|
2003-05-20 08:41:23 +02:00
|
|
|
int package_window;
|
|
|
|
|
int deliver_window;
|
2003-05-02 23:29:25 +02:00
|
|
|
};
|
2003-05-02 00:55:51 +02:00
|
|
|
|
2004-04-05 22:53:50 +02:00
|
|
|
#define DH_KEY_LEN DH_BYTES
|
2004-01-05 06:23:03 +01:00
|
|
|
#define ONIONSKIN_CHALLENGE_LEN (16+DH_KEY_LEN)
|
2003-12-16 09:21:58 +01:00
|
|
|
#define ONIONSKIN_REPLY_LEN (DH_KEY_LEN+20)
|
2004-04-03 04:40:30 +02:00
|
|
|
#define REND_COOKIE_LEN DIGEST_LEN
|
2003-05-06 07:54:42 +02:00
|
|
|
|
2003-05-02 23:29:25 +02:00
|
|
|
typedef struct crypt_path_t crypt_path_t;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-11-16 18:00:02 +01:00
|
|
|
typedef struct {
|
|
|
|
|
int desired_path_len;
|
2004-04-02 00:21:01 +02:00
|
|
|
/* nickname of planned exit node */
|
|
|
|
|
char *chosen_exit;
|
|
|
|
|
/* cpath to append after rendezvous. */
|
|
|
|
|
struct crypt_path_t *pending_final_cpath;
|
2003-11-16 18:00:02 +01:00
|
|
|
} cpath_build_state_t;
|
2003-11-14 21:45:47 +01:00
|
|
|
|
2003-04-16 08:18:31 +02:00
|
|
|
/* struct for a path (circuit) through the network */
|
2004-02-25 08:31:46 +01:00
|
|
|
#define CIRCUIT_MAGIC 0x35315243u
|
2003-08-21 01:05:22 +02:00
|
|
|
struct circuit_t {
|
2004-02-25 08:31:46 +01:00
|
|
|
uint32_t magic; /* for memory debugging. */
|
|
|
|
|
|
2004-02-27 23:00:26 +01:00
|
|
|
int marked_for_close; /* Should we close this circuit at the end of the main
|
|
|
|
|
* loop? */
|
2004-03-02 18:48:17 +01:00
|
|
|
char *marked_for_close_file;
|
2004-02-27 23:00:26 +01:00
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
uint32_t n_addr;
|
|
|
|
|
uint16_t n_port;
|
|
|
|
|
connection_t *p_conn;
|
2003-05-28 01:39:04 +02:00
|
|
|
connection_t *n_conn; /* for the OR conn, if there is one */
|
|
|
|
|
connection_t *p_streams;
|
|
|
|
|
connection_t *n_streams;
|
2003-12-19 22:25:44 +01:00
|
|
|
uint16_t next_stream_id;
|
2003-05-20 08:41:23 +02:00
|
|
|
int package_window;
|
|
|
|
|
int deliver_window;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-12-19 20:55:02 +01:00
|
|
|
uint16_t p_circ_id; /* circuit identifiers */
|
|
|
|
|
uint16_t n_circ_id;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-05-02 00:55:51 +02:00
|
|
|
crypto_cipher_env_t *p_crypto; /* used only for intermediate hops */
|
2002-08-22 09:30:03 +02:00
|
|
|
crypto_cipher_env_t *n_crypto;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-12-16 09:21:58 +01:00
|
|
|
crypto_digest_env_t *p_digest; /* for integrity checking, */
|
|
|
|
|
crypto_digest_env_t *n_digest; /* intermediate hops only */
|
|
|
|
|
|
2003-11-14 21:45:47 +01:00
|
|
|
cpath_build_state_t *build_state;
|
2003-05-02 00:55:51 +02:00
|
|
|
crypt_path_t *cpath;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-12-16 09:21:58 +01:00
|
|
|
char onionskin[ONIONSKIN_CHALLENGE_LEN]; /* for storage while onionskin pending */
|
2004-04-03 04:40:30 +02:00
|
|
|
char handshake_digest[DIGEST_LEN]; /* Stores KH for intermediate hops */
|
2004-04-02 00:21:01 +02:00
|
|
|
|
2003-11-17 00:43:08 +01:00
|
|
|
time_t timestamp_created;
|
|
|
|
|
time_t timestamp_dirty; /* when the circuit was first used, or 0 if clean */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-05 08:04:03 +02:00
|
|
|
uint8_t state;
|
2004-03-30 21:52:42 +02:00
|
|
|
uint8_t purpose;
|
|
|
|
|
|
2004-04-03 01:38:26 +02:00
|
|
|
/*
|
|
|
|
|
* rend_query holds y portion of y.onion (nul-terminated) if purpose
|
|
|
|
|
* is C_INTRODUCING or C_ESTABLISH_REND, or is a C_GENERAL for a
|
2004-04-08 04:24:06 +02:00
|
|
|
* hidden service, or is S_*.
|
2004-03-30 21:52:42 +02:00
|
|
|
*/
|
2004-04-03 01:38:26 +02:00
|
|
|
char rend_query[REND_SERVICE_ID_LEN+1];
|
|
|
|
|
|
|
|
|
|
/* rend_pk_digest holds a hash of location-hidden service's PK if
|
|
|
|
|
* purpose is INTRO_POINT or S_ESTABLISH_INTRO or S_RENDEZVOUSING
|
|
|
|
|
*/
|
2004-04-03 04:40:30 +02:00
|
|
|
char rend_pk_digest[DIGEST_LEN];
|
2004-04-01 22:05:57 +02:00
|
|
|
|
2004-03-30 21:52:42 +02:00
|
|
|
/* Holds rendezvous cookie if purpose is REND_POINT_WAITING or
|
2004-04-02 23:56:52 +02:00
|
|
|
* C_ESTABLISH_REND. Filled with zeroes otherwise.
|
|
|
|
|
*/
|
2004-03-30 21:52:42 +02:00
|
|
|
char rend_cookie[REND_COOKIE_LEN];
|
|
|
|
|
|
|
|
|
|
/* Points to spliced circuit if purpose is REND_ESTABLISHED, and circuit
|
|
|
|
|
* is not marked for close. */
|
|
|
|
|
struct circuit_t *rend_splice;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-03-02 18:48:17 +01:00
|
|
|
struct circuit_t *next;
|
2003-08-21 01:05:22 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
typedef struct circuit_t circuit_t;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-03-30 21:52:42 +02:00
|
|
|
typedef struct circuit_data_rend_point_t {
|
|
|
|
|
/* for CIRCUIT_PURPOSE_INTRO_POINT (at OR, from Bob, waiting for intro) */
|
|
|
|
|
char rend_cookie[20];
|
|
|
|
|
} circuit_data_intro_point_t;
|
|
|
|
|
|
2002-12-03 23:18:23 +01:00
|
|
|
typedef struct {
|
2003-10-25 14:01:09 +02:00
|
|
|
char *LogLevel;
|
|
|
|
|
char *LogFile;
|
|
|
|
|
char *DebugLogFile;
|
|
|
|
|
char *DataDirectory;
|
|
|
|
|
char *RouterFile;
|
|
|
|
|
char *Nickname;
|
|
|
|
|
char *Address;
|
|
|
|
|
char *PidFile;
|
2004-04-01 22:33:29 +02:00
|
|
|
|
2003-11-12 20:34:34 +01:00
|
|
|
char *ExitNodes;
|
|
|
|
|
char *EntryNodes;
|
2004-02-28 06:09:37 +01:00
|
|
|
char *ExcludeNodes;
|
2004-04-01 22:33:29 +02:00
|
|
|
|
|
|
|
|
char *RendNodes;
|
|
|
|
|
char *RendExcludeNodes;
|
|
|
|
|
|
2003-10-25 14:01:09 +02:00
|
|
|
char *ExitPolicy;
|
|
|
|
|
char *SocksBindAddress;
|
|
|
|
|
char *ORBindAddress;
|
|
|
|
|
char *DirBindAddress;
|
2003-11-13 07:49:25 +01:00
|
|
|
char *RecommendedVersions;
|
2003-10-25 14:01:09 +02:00
|
|
|
char *User;
|
|
|
|
|
char *Group;
|
2003-11-14 00:01:56 +01:00
|
|
|
double PathlenCoinWeight;
|
2003-10-25 14:01:09 +02:00
|
|
|
int ORPort;
|
|
|
|
|
int SocksPort;
|
|
|
|
|
int DirPort;
|
|
|
|
|
int MaxConn;
|
|
|
|
|
int TrafficShaping;
|
|
|
|
|
int LinkPadding;
|
|
|
|
|
int IgnoreVersion;
|
|
|
|
|
int RunAsDaemon;
|
|
|
|
|
int DirRebuildPeriod;
|
|
|
|
|
int DirFetchPostPeriod;
|
|
|
|
|
int KeepalivePeriod;
|
|
|
|
|
int MaxOnionsPending;
|
|
|
|
|
int NewCircuitPeriod;
|
2004-01-11 00:40:38 +01:00
|
|
|
int BandwidthRate;
|
|
|
|
|
int BandwidthBurst;
|
2003-10-25 14:01:09 +02:00
|
|
|
int NumCpus;
|
|
|
|
|
int loglevel;
|
2004-03-21 04:03:10 +01:00
|
|
|
int RunTesting;
|
2004-03-31 23:35:23 +02:00
|
|
|
struct config_line_t *RendConfigLines;
|
2002-07-03 18:31:22 +02:00
|
|
|
} or_options_t;
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-12-16 10:48:17 +01:00
|
|
|
/* XXX are these good enough defaults? */
|
2004-02-26 23:02:22 +01:00
|
|
|
#define MAX_SOCKS_REPLY_LEN 1024
|
|
|
|
|
#define MAX_SOCKS_ADDR_LEN 256
|
2003-11-11 03:41:31 +01:00
|
|
|
struct socks_request_t {
|
|
|
|
|
char socks_version;
|
|
|
|
|
int replylen;
|
|
|
|
|
char reply[MAX_SOCKS_REPLY_LEN];
|
2004-03-27 06:45:52 +01:00
|
|
|
int has_finished; /* has the socks handshake finished? */
|
2003-11-16 18:00:02 +01:00
|
|
|
char address[MAX_SOCKS_ADDR_LEN];
|
2003-11-11 03:41:31 +01:00
|
|
|
uint16_t port;
|
|
|
|
|
};
|
|
|
|
|
|
2003-10-25 14:01:09 +02:00
|
|
|
/* all the function prototypes go here */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
/********************************* buffers.c ***************************/
|
|
|
|
|
|
2003-09-25 12:42:07 +02:00
|
|
|
int find_on_inbuf(char *string, int string_len, buf_t *buf);
|
|
|
|
|
|
2003-09-25 07:17:11 +02:00
|
|
|
buf_t *buf_new();
|
|
|
|
|
buf_t *buf_new_with_capacity(size_t size);
|
|
|
|
|
void buf_free(buf_t *buf);
|
2004-02-28 20:14:11 +01:00
|
|
|
void buf_clear(buf_t *buf);
|
2003-09-25 07:17:11 +02:00
|
|
|
|
|
|
|
|
size_t buf_datalen(const buf_t *buf);
|
|
|
|
|
size_t buf_capacity(const buf_t *buf);
|
|
|
|
|
const char *_buf_peek_raw_buffer(const buf_t *buf);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-25 07:17:11 +02:00
|
|
|
int read_to_buf(int s, int at_most, buf_t *buf, int *reached_eof);
|
|
|
|
|
int read_to_buf_tls(tor_tls *tls, int at_most, buf_t *buf);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-25 07:17:11 +02:00
|
|
|
int flush_buf(int s, buf_t *buf, int *buf_flushlen);
|
|
|
|
|
int flush_buf_tls(tor_tls *tls, buf_t *buf, int *buf_flushlen);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-25 12:42:07 +02:00
|
|
|
int write_to_buf(const char *string, int string_len, buf_t *buf);
|
2003-09-25 07:17:11 +02:00
|
|
|
int fetch_from_buf(char *string, int string_len, buf_t *buf);
|
|
|
|
|
int fetch_from_buf_http(buf_t *buf,
|
2003-12-17 10:42:28 +01:00
|
|
|
char **headers_out, int max_headerlen,
|
2004-03-31 07:01:30 +02:00
|
|
|
char **body_out, int *body_used, int max_bodylen);
|
2003-11-11 03:41:31 +01:00
|
|
|
int fetch_from_buf_socks(buf_t *buf, socks_request_t *req);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-03-03 23:49:15 +01:00
|
|
|
void assert_buf_ok(buf_t *buf);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* circuit.c ***************************/
|
|
|
|
|
|
2004-04-09 22:02:16 +02:00
|
|
|
extern char *circuit_state_to_string[];
|
2002-06-27 00:45:49 +02:00
|
|
|
void circuit_add(circuit_t *circ);
|
|
|
|
|
void circuit_remove(circuit_t *circ);
|
2003-12-19 20:55:02 +01:00
|
|
|
circuit_t *circuit_new(uint16_t p_circ_id, connection_t *p_conn);
|
2004-03-02 18:48:17 +01:00
|
|
|
void circuit_close_all_marked(void);
|
2003-09-16 07:41:49 +02:00
|
|
|
void circuit_free(circuit_t *circ);
|
2003-11-12 03:32:20 +01:00
|
|
|
void circuit_free_cpath(crypt_path_t *cpath);
|
2004-03-02 18:48:17 +01:00
|
|
|
int _circuit_mark_for_close(circuit_t *circ);
|
|
|
|
|
|
|
|
|
|
#define circuit_mark_for_close(c) \
|
|
|
|
|
do { \
|
|
|
|
|
if (_circuit_mark_for_close(c)<0) { \
|
|
|
|
|
log(LOG_WARN,"Duplicate call to circuit_mark_for_close at %s:%d (first at %s:%d)", \
|
|
|
|
|
__FILE__,__LINE__,c->marked_for_close_file,c->marked_for_close); \
|
|
|
|
|
} else { \
|
|
|
|
|
c->marked_for_close_file = __FILE__; \
|
|
|
|
|
c->marked_for_close = __LINE__; \
|
|
|
|
|
} \
|
|
|
|
|
} while (0)
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-12-19 20:55:02 +01:00
|
|
|
circuit_t *circuit_get_by_circ_id_conn(uint16_t circ_id, connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
circuit_t *circuit_get_by_conn(connection_t *conn);
|
2004-04-05 02:47:48 +02:00
|
|
|
circuit_t *circuit_get_best(connection_t *conn,
|
|
|
|
|
int must_be_open, uint8_t purpose);
|
2004-04-03 01:44:46 +02:00
|
|
|
circuit_t *circuit_get_next_by_pk_and_purpose(circuit_t *circuit,
|
2004-04-03 02:55:53 +02:00
|
|
|
const char *servid, uint8_t purpose);
|
2004-04-02 23:56:52 +02:00
|
|
|
circuit_t *circuit_get_rendezvous(const char *cookie);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-11-18 08:48:00 +01:00
|
|
|
void circuit_expire_building(void);
|
|
|
|
|
int circuit_count_building(void);
|
2003-12-13 00:03:25 +01:00
|
|
|
int circuit_stream_is_being_handled(connection_t *conn);
|
2004-04-13 00:47:12 +02:00
|
|
|
void circuit_build_needed_circs(time_t now);
|
2003-11-18 08:48:00 +01:00
|
|
|
|
2003-12-23 08:45:31 +01:00
|
|
|
int circuit_receive_relay_cell(cell_t *cell, circuit_t *circ,
|
|
|
|
|
int cell_direction);
|
|
|
|
|
int circuit_package_relay_cell(cell_t *cell, circuit_t *circ,
|
2003-05-02 23:29:25 +02:00
|
|
|
int cell_direction, crypt_path_t *layer_hint);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-04-08 11:41:28 +02:00
|
|
|
void circuit_resume_edge_reading(circuit_t *circ, crypt_path_t *layer_hint);
|
|
|
|
|
int circuit_consider_stop_edge_reading(circuit_t *circ, crypt_path_t *layer_hint);
|
|
|
|
|
void circuit_consider_sending_sendme(circuit_t *circ, crypt_path_t *layer_hint);
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
|
2004-02-18 02:21:20 +01:00
|
|
|
void circuit_detach_stream(circuit_t *circ, connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
void circuit_about_to_close_connection(connection_t *conn);
|
|
|
|
|
|
2004-01-20 10:21:46 +01:00
|
|
|
void circuit_log_path(int severity, circuit_t *circ);
|
2003-10-15 20:37:19 +02:00
|
|
|
void circuit_dump_by_conn(connection_t *conn, int severity);
|
2002-09-22 00:41:48 +02:00
|
|
|
|
2003-04-16 18:17:27 +02:00
|
|
|
void circuit_expire_unused_circuits(void);
|
2004-04-01 05:44:49 +02:00
|
|
|
circuit_t *circuit_launch_new(uint8_t purpose, const char *exit_nickname);
|
2003-11-19 03:22:52 +01:00
|
|
|
void circuit_increment_failure_count(void);
|
|
|
|
|
void circuit_reset_failure_count(void);
|
2003-04-16 08:18:31 +02:00
|
|
|
void circuit_n_conn_open(connection_t *or_conn);
|
2003-05-06 01:24:46 +02:00
|
|
|
int circuit_send_next_onion_skin(circuit_t *circ);
|
|
|
|
|
int circuit_extend(cell_t *cell, circuit_t *circ);
|
2004-04-02 00:21:01 +02:00
|
|
|
#define CPATH_KEY_MATERIAL_LEN (20*2+16*2)
|
2004-04-05 22:53:50 +02:00
|
|
|
int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data,int reverse);
|
2003-05-06 01:24:46 +02:00
|
|
|
int circuit_finish_handshake(circuit_t *circ, char *reply);
|
2003-06-12 12:16:33 +02:00
|
|
|
int circuit_truncated(circuit_t *circ, crypt_path_t *layer);
|
2003-04-16 08:18:31 +02:00
|
|
|
|
cleanups, bugfixes, more verbose logs
Fixed up the assert_*_ok funcs some (more work remains)
Changed config so it reads either /etc/torrc or the -f arg, never both
Finally tracked down a nasty bug with our use of tls:
It turns out that if you ask SSL_read() for no more than n bytes, it
will read the entire record from the network (and maybe part of the next
record, I'm not sure), give you n bytes of it, and keep the remaining
bytes internally. This is fine, except our poll-for-read looks at the
network, and there are no bytes pending on the network, so we never know
to ask SSL_read() for more bytes. Currently I've hacked it so if we ask
for n bytes and it returns n bytes, then it reads again right then. This
will interact poorly with our rate limiting; we need a cleaner solution.
svn:r481
2003-09-24 23:24:52 +02:00
|
|
|
void assert_cpath_ok(const crypt_path_t *c);
|
|
|
|
|
void assert_cpath_layer_ok(const crypt_path_t *c);
|
|
|
|
|
void assert_circuit_ok(const circuit_t *c);
|
2003-09-16 21:36:19 +02:00
|
|
|
|
2003-10-02 22:00:38 +02:00
|
|
|
extern unsigned long stats_n_relay_cells_relayed;
|
|
|
|
|
extern unsigned long stats_n_relay_cells_delivered;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* command.c ***************************/
|
|
|
|
|
|
|
|
|
|
void command_process_cell(cell_t *cell, connection_t *conn);
|
|
|
|
|
|
2003-10-02 22:00:38 +02:00
|
|
|
extern unsigned long stats_n_padding_cells_processed;
|
|
|
|
|
extern unsigned long stats_n_create_cells_processed;
|
|
|
|
|
extern unsigned long stats_n_created_cells_processed;
|
|
|
|
|
extern unsigned long stats_n_relay_cells_processed;
|
|
|
|
|
extern unsigned long stats_n_destroy_cells_processed;
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* config.c ***************************/
|
|
|
|
|
|
2004-03-31 23:35:23 +02:00
|
|
|
struct config_line_t {
|
|
|
|
|
char *key;
|
|
|
|
|
char *value;
|
|
|
|
|
struct config_line_t *next;
|
|
|
|
|
};
|
|
|
|
|
|
2004-02-26 23:56:36 +01:00
|
|
|
int config_assign_default_dirservers(void);
|
2002-11-23 07:49:01 +01:00
|
|
|
int getconfig(int argc, char **argv, or_options_t *options);
|
2002-07-03 18:31:22 +02:00
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* connection.c ***************************/
|
|
|
|
|
|
2004-03-14 17:00:52 +01:00
|
|
|
#define CONN_TYPE_TO_STRING(t) (((t) < _CONN_TYPE_MIN || (t) > _CONN_TYPE_MAX) ? \
|
|
|
|
|
"Unknown" : conn_type_to_string[(t)])
|
2004-03-11 07:19:08 +01:00
|
|
|
|
|
|
|
|
extern char *conn_type_to_string[];
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
connection_t *connection_new(int type);
|
|
|
|
|
void connection_free(connection_t *conn);
|
2004-01-06 08:53:40 +01:00
|
|
|
void connection_free_all(void);
|
2004-02-28 20:14:11 +01:00
|
|
|
void connection_close_immediate(connection_t *conn);
|
2004-02-27 23:00:26 +01:00
|
|
|
int _connection_mark_for_close(connection_t *conn, char reason);
|
|
|
|
|
|
|
|
|
|
#define connection_mark_for_close(c,r) \
|
|
|
|
|
do { \
|
|
|
|
|
if (_connection_mark_for_close(c,r)<0) { \
|
2004-02-28 05:11:53 +01:00
|
|
|
log(LOG_WARN,"Duplicate call to connection_mark_for_close at %s:%d (first at %s:%d)", \
|
|
|
|
|
__FILE__,__LINE__,c->marked_for_close_file,c->marked_for_close); \
|
|
|
|
|
} else { \
|
|
|
|
|
c->marked_for_close_file = __FILE__; \
|
|
|
|
|
c->marked_for_close = __LINE__; \
|
2004-02-27 23:00:26 +01:00
|
|
|
} \
|
|
|
|
|
} while (0)
|
|
|
|
|
|
2004-03-03 06:08:01 +01:00
|
|
|
void connection_expire_held_open(void);
|
|
|
|
|
|
2003-10-25 14:01:09 +02:00
|
|
|
int connection_create_listener(char *bindaddress, uint16_t bindport, int type);
|
2003-09-08 12:59:00 +02:00
|
|
|
|
2003-09-16 03:58:46 +02:00
|
|
|
int connection_connect(connection_t *conn, char *address, uint32_t addr, uint16_t port);
|
2003-10-25 14:01:09 +02:00
|
|
|
int retry_all_connections(void);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-03-14 18:06:29 +01:00
|
|
|
void connection_bucket_init(void);
|
|
|
|
|
void connection_bucket_refill(struct timeval *now);
|
|
|
|
|
|
2003-09-05 08:04:03 +02:00
|
|
|
int connection_handle_read(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
int connection_read_to_buf(connection_t *conn);
|
|
|
|
|
|
|
|
|
|
int connection_fetch_from_buf(char *string, int len, connection_t *conn);
|
2002-09-28 07:53:00 +02:00
|
|
|
int connection_find_on_inbuf(char *string, int len, connection_t *conn);
|
2003-09-16 07:41:49 +02:00
|
|
|
|
2002-07-18 08:37:58 +02:00
|
|
|
int connection_wants_to_flush(connection_t *conn);
|
2003-09-16 07:41:49 +02:00
|
|
|
int connection_outbuf_too_full(connection_t *conn);
|
2003-09-05 08:04:03 +02:00
|
|
|
int connection_handle_write(connection_t *conn);
|
2003-10-04 04:38:18 +02:00
|
|
|
void connection_write_to_buf(const char *string, int len, connection_t *conn);
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
|
2003-09-30 21:06:22 +02:00
|
|
|
connection_t *connection_twin_get_by_addr_port(uint32_t addr, uint16_t port);
|
|
|
|
|
connection_t *connection_exact_get_by_addr_port(uint32_t addr, uint16_t port);
|
|
|
|
|
|
|
|
|
|
connection_t *connection_get_by_type(int type);
|
|
|
|
|
connection_t *connection_get_by_type_state(int type, int state);
|
|
|
|
|
connection_t *connection_get_by_type_state_lastwritten(int type, int state);
|
2004-04-05 02:47:48 +02:00
|
|
|
connection_t *connection_get_by_type_rendquery(int type, char *rendquery);
|
2003-09-30 21:06:22 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
#define connection_speaks_cells(conn) ((conn)->type == CONN_TYPE_OR)
|
2003-10-09 20:45:14 +02:00
|
|
|
#define connection_has_pending_tls_data(conn) \
|
|
|
|
|
((conn)->type == CONN_TYPE_OR && \
|
|
|
|
|
(conn)->state == OR_CONN_STATE_OPEN && \
|
2004-03-14 17:00:52 +01:00
|
|
|
tor_tls_get_pending_bytes((conn)->tls))
|
2002-09-22 00:41:48 +02:00
|
|
|
int connection_is_listener(connection_t *conn);
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
int connection_state_is_open(connection_t *conn);
|
|
|
|
|
|
2003-12-19 20:55:02 +01:00
|
|
|
int connection_send_destroy(uint16_t circ_id, connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
|
int connection_process_inbuf(connection_t *conn);
|
|
|
|
|
int connection_finished_flushing(connection_t *conn);
|
|
|
|
|
|
2003-09-16 21:36:19 +02:00
|
|
|
void assert_connection_ok(connection_t *conn, time_t now);
|
|
|
|
|
|
2003-04-12 00:11:11 +02:00
|
|
|
/********************************* connection_edge.c ***************************/
|
|
|
|
|
|
2003-12-19 06:09:51 +01:00
|
|
|
void relay_header_pack(char *dest, const relay_header_t *src);
|
|
|
|
|
void relay_header_unpack(relay_header_t *dest, const char *src);
|
2003-04-12 00:11:11 +02:00
|
|
|
int connection_edge_process_inbuf(connection_t *conn);
|
2004-02-29 01:11:37 +01:00
|
|
|
int connection_edge_destroy(uint16_t circ_id, connection_t *conn);
|
2003-12-14 09:32:14 +01:00
|
|
|
int connection_edge_end(connection_t *conn, char reason, crypt_path_t *cpath_layer);
|
2004-04-01 00:02:13 +02:00
|
|
|
int connection_edge_send_command(connection_t *fromconn, circuit_t *circ,
|
2004-04-03 05:37:11 +02:00
|
|
|
int relay_command, const char *payload,
|
2004-04-01 00:02:13 +02:00
|
|
|
int payload_len, crypt_path_t *cpath_layer);
|
|
|
|
|
int connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ,
|
2004-04-08 11:41:28 +02:00
|
|
|
connection_t *conn,
|
2004-04-01 00:02:13 +02:00
|
|
|
crypt_path_t *layer_hint);
|
2003-04-12 00:11:11 +02:00
|
|
|
int connection_edge_finished_flushing(connection_t *conn);
|
|
|
|
|
|
2003-10-09 20:45:14 +02:00
|
|
|
int connection_edge_package_raw_inbuf(connection_t *conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2004-04-03 01:54:48 +02:00
|
|
|
int connection_ap_handshake_attach_circuit(connection_t *conn);
|
2004-04-05 09:41:31 +02:00
|
|
|
int connection_ap_handshake_send_begin(connection_t *ap_conn, circuit_t *circ);
|
2004-04-03 01:54:48 +02:00
|
|
|
|
2004-04-01 00:02:13 +02:00
|
|
|
int connection_ap_make_bridge(char *address, uint16_t port);
|
|
|
|
|
|
2004-03-27 06:45:52 +01:00
|
|
|
void connection_ap_handshake_socks_reply(connection_t *conn, char *reply,
|
|
|
|
|
int replylen, char success);
|
|
|
|
|
|
2003-10-22 09:55:44 +02:00
|
|
|
void connection_exit_connect(connection_t *conn);
|
2004-04-06 23:52:01 +02:00
|
|
|
int connection_edge_is_rendezvous_stream(connection_t *conn);
|
2003-12-06 07:01:42 +01:00
|
|
|
int connection_ap_can_use_exit(connection_t *conn, routerinfo_t *exit);
|
2004-01-20 10:21:46 +01:00
|
|
|
void connection_ap_expire_beginning(void);
|
2003-11-11 03:41:31 +01:00
|
|
|
void connection_ap_attach_pending(void);
|
|
|
|
|
|
2003-10-02 22:00:38 +02:00
|
|
|
extern uint64_t stats_n_data_cells_packaged;
|
|
|
|
|
extern uint64_t stats_n_data_bytes_packaged;
|
|
|
|
|
extern uint64_t stats_n_data_cells_received;
|
|
|
|
|
extern uint64_t stats_n_data_bytes_received;
|
|
|
|
|
|
2003-11-16 18:00:02 +01:00
|
|
|
void client_dns_init(void);
|
2003-11-16 22:49:52 +01:00
|
|
|
void client_dns_clean(void);
|
2003-11-16 18:00:02 +01:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
/********************************* connection_or.c ***************************/
|
2002-06-27 00:45:49 +02:00
|
|
|
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
int connection_or_process_inbuf(connection_t *conn);
|
|
|
|
|
int connection_or_finished_flushing(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-25 12:42:07 +02:00
|
|
|
void connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *router);
|
2003-05-28 04:03:25 +02:00
|
|
|
connection_t *connection_or_connect(routerinfo_t *router);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-09-30 20:45:55 +02:00
|
|
|
int connection_tls_start_handshake(connection_t *conn, int receiving);
|
|
|
|
|
int connection_tls_continue_handshake(connection_t *conn);
|
|
|
|
|
|
2003-12-23 08:45:31 +01:00
|
|
|
void connection_or_write_cell_to_buf(const cell_t *cell, connection_t *conn);
|
2003-09-13 00:45:31 +02:00
|
|
|
|
2003-08-21 01:05:22 +02:00
|
|
|
/********************************* cpuworker.c *****************************/
|
|
|
|
|
|
|
|
|
|
void cpu_init(void);
|
|
|
|
|
int connection_cpu_finished_flushing(connection_t *conn);
|
|
|
|
|
int connection_cpu_process_inbuf(connection_t *conn);
|
|
|
|
|
int cpuworker_main(void *data);
|
|
|
|
|
int assign_to_cpuworker(connection_t *cpuworker, unsigned char question_type,
|
|
|
|
|
void *task);
|
|
|
|
|
|
2002-09-26 14:09:10 +02:00
|
|
|
/********************************* directory.c ***************************/
|
|
|
|
|
|
2004-04-01 00:02:13 +02:00
|
|
|
void directory_initiate_command(routerinfo_t *router, int purpose,
|
|
|
|
|
const char *payload, int payload_len);
|
2002-09-26 14:09:10 +02:00
|
|
|
int connection_dir_process_inbuf(connection_t *conn);
|
|
|
|
|
int connection_dir_finished_flushing(connection_t *conn);
|
|
|
|
|
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
/********************************* dns.c ***************************/
|
|
|
|
|
|
2003-06-25 09:19:30 +02:00
|
|
|
void dns_init(void);
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
int connection_dns_finished_flushing(connection_t *conn);
|
|
|
|
|
int connection_dns_process_inbuf(connection_t *conn);
|
2004-02-28 23:23:44 +01:00
|
|
|
void connection_dns_remove(connection_t *conn);
|
2004-03-28 06:54:36 +02:00
|
|
|
void assert_connection_edge_not_dns_pending(connection_t *conn);
|
2004-04-09 11:39:42 +02:00
|
|
|
void assert_all_pending_dns_resolves_ok(void);
|
2004-02-28 23:23:44 +01:00
|
|
|
void dns_cancel_pending_resolve(char *question);
|
2003-02-14 08:53:55 +01:00
|
|
|
int dns_resolve(connection_t *exitconn);
|
major overhaul: dns slave subsystem, topics
on startup, it forks off a master dns handler, which forks off dns
slaves (like the apache model). slaves as spawned as load increases,
and then reused. excess slaves are not ever killed, currently.
implemented topics. each topic has a receive window in each direction
at each edge of the circuit, and sends sendme's at the data level, as
per before. each circuit also has receive windows in each direction at
each hop; an edge sends a circuit-level sendme as soon as enough data
cells have arrived (regardless of whether the data cells were flushed
to the exit conns). removed the 'connected' cell type, since it's now
a topic command within data cells.
at the edge of the circuit, there can be multiple connections associated
with a single circuit. you find them via the linked list conn->next_topic.
currently each new ap connection starts its own circuit, so we ought
to see comparable performance to what we had before. but that's only
because i haven't written the code to reattach to old circuits. please
try to break it as-is, and then i'll make it reuse the same circuit and
we'll try to break that.
svn:r152
2003-01-26 10:02:24 +01:00
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
/********************************* main.c ***************************/
|
|
|
|
|
|
|
|
|
|
int connection_add(connection_t *conn);
|
|
|
|
|
int connection_remove(connection_t *conn);
|
|
|
|
|
void connection_set_poll_socket(connection_t *conn);
|
|
|
|
|
|
2003-09-30 21:27:54 +02:00
|
|
|
void get_connection_array(connection_t ***array, int *n);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
void connection_watch_events(connection_t *conn, short events);
|
2003-09-07 12:24:40 +02:00
|
|
|
int connection_is_reading(connection_t *conn);
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
void connection_stop_reading(connection_t *conn);
|
|
|
|
|
void connection_start_reading(connection_t *conn);
|
2004-03-03 06:08:01 +01:00
|
|
|
|
2004-02-27 05:42:14 +01:00
|
|
|
int connection_is_writing(connection_t *conn);
|
2002-07-18 08:37:58 +02:00
|
|
|
void connection_stop_writing(connection_t *conn);
|
|
|
|
|
void connection_start_writing(connection_t *conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2004-04-01 00:02:13 +02:00
|
|
|
void directory_has_arrived(void);
|
|
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
int main(int argc, char *argv[]);
|
|
|
|
|
|
|
|
|
|
/********************************* onion.c ***************************/
|
|
|
|
|
|
2003-11-11 04:01:48 +01:00
|
|
|
int decide_circ_id_type(char *local_nick, char *remote_nick);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-11-27 05:08:20 +01:00
|
|
|
int onion_pending_add(circuit_t *circ);
|
2003-08-21 01:05:22 +02:00
|
|
|
circuit_t *onion_next_task(void);
|
2002-11-27 05:08:20 +01:00
|
|
|
void onion_pending_remove(circuit_t *circ);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-14 04:58:50 +02:00
|
|
|
int onionskin_answer(circuit_t *circ, unsigned char *payload, unsigned char *keys);
|
2003-08-21 01:05:22 +02:00
|
|
|
|
2004-04-02 00:21:01 +02:00
|
|
|
|
|
|
|
|
void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop);
|
2003-12-17 22:09:31 +01:00
|
|
|
int onion_extend_cpath(crypt_path_t **head_ptr, cpath_build_state_t *state,
|
2003-11-14 21:45:47 +01:00
|
|
|
routerinfo_t **router_out);
|
2003-04-16 18:19:27 +02:00
|
|
|
|
2003-05-05 06:27:00 +02:00
|
|
|
int onion_skin_create(crypto_pk_env_t *router_key,
|
|
|
|
|
crypto_dh_env_t **handshake_state_out,
|
2003-12-16 09:21:58 +01:00
|
|
|
char *onion_skin_out);
|
2003-05-05 06:27:00 +02:00
|
|
|
|
2003-12-16 09:21:58 +01:00
|
|
|
int onion_skin_server_handshake(char *onion_skin,
|
2003-05-05 06:27:00 +02:00
|
|
|
crypto_pk_env_t *private_key,
|
2003-12-16 09:21:58 +01:00
|
|
|
char *handshake_reply_out,
|
2003-05-05 06:27:00 +02:00
|
|
|
char *key_out,
|
|
|
|
|
int key_out_len);
|
|
|
|
|
|
|
|
|
|
int onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
|
2003-12-16 09:21:58 +01:00
|
|
|
char *handshake_reply,
|
2003-05-05 06:27:00 +02:00
|
|
|
char *key_out,
|
|
|
|
|
int key_out_len);
|
|
|
|
|
|
2004-04-01 22:33:29 +02:00
|
|
|
cpath_build_state_t *onion_new_cpath_build_state(uint8_t purpose,
|
|
|
|
|
const char *exit_nickname);
|
2003-11-12 03:55:38 +01:00
|
|
|
|
2003-12-06 06:54:04 +01:00
|
|
|
/********************************* router.c ***************************/
|
|
|
|
|
|
|
|
|
|
void set_onion_key(crypto_pk_env_t *k);
|
|
|
|
|
crypto_pk_env_t *get_onion_key(void);
|
|
|
|
|
void set_identity_key(crypto_pk_env_t *k);
|
|
|
|
|
crypto_pk_env_t *get_identity_key(void);
|
|
|
|
|
crypto_pk_env_t *get_link_key(void);
|
|
|
|
|
int init_keys(void);
|
2004-03-31 23:35:23 +02:00
|
|
|
crypto_pk_env_t *init_key_from_file(const char *fname);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2002-10-03 00:54:20 +02:00
|
|
|
void router_retry_connections(void);
|
2004-04-01 05:23:28 +02:00
|
|
|
void router_upload_dir_desc_to_dirservers(void);
|
|
|
|
|
void router_post_to_dirservers(uint8_t purpose, const char *payload, int payload_len);
|
2003-12-06 06:54:04 +01:00
|
|
|
int router_compare_to_my_exit_policy(connection_t *conn);
|
2004-04-06 00:22:42 +02:00
|
|
|
routerinfo_t *router_get_my_routerinfo(void);
|
2003-12-06 06:54:04 +01:00
|
|
|
const char *router_get_my_descriptor(void);
|
2004-04-07 21:46:27 +02:00
|
|
|
int router_is_me(routerinfo_t *router);
|
2003-12-06 06:54:04 +01:00
|
|
|
int router_rebuild_descriptor(void);
|
|
|
|
|
int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
|
|
|
|
|
crypto_pk_env_t *ident_key);
|
|
|
|
|
|
|
|
|
|
/********************************* routerlist.c ***************************/
|
|
|
|
|
|
2002-09-26 14:09:10 +02:00
|
|
|
routerinfo_t *router_pick_directory_server(void);
|
2004-04-03 01:54:48 +02:00
|
|
|
struct smartlist_t;
|
2004-04-03 00:30:39 +02:00
|
|
|
routerinfo_t *router_choose_random_node(routerlist_t *dir,
|
|
|
|
|
char *preferred, char *excluded,
|
2004-04-03 01:01:00 +02:00
|
|
|
struct smartlist_t *excludedsmartlist);
|
2002-09-26 14:09:10 +02:00
|
|
|
routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port);
|
2003-09-25 07:17:11 +02:00
|
|
|
routerinfo_t *router_get_by_link_pk(crypto_pk_env_t *pk);
|
2003-09-30 23:27:16 +02:00
|
|
|
routerinfo_t *router_get_by_nickname(char *nickname);
|
2003-12-06 06:54:04 +01:00
|
|
|
void router_get_routerlist(routerlist_t **prouterlist);
|
|
|
|
|
void routerinfo_free(routerinfo_t *router);
|
2004-04-08 00:18:57 +02:00
|
|
|
routerinfo_t *routerinfo_copy(const routerinfo_t *router);
|
2004-04-07 23:36:03 +02:00
|
|
|
int router_version_supports_rendezvous(routerinfo_t *router);
|
|
|
|
|
void router_add_nonrendezvous_to_list(smartlist_t *sl);
|
2003-09-30 23:27:16 +02:00
|
|
|
void router_mark_as_down(char *nickname);
|
2003-12-06 06:54:04 +01:00
|
|
|
int router_set_routerlist_from_file(char *routerfile);
|
2004-02-26 22:25:51 +01:00
|
|
|
int router_set_routerlist_from_string(const char *s);
|
2003-12-09 00:45:37 +01:00
|
|
|
int router_get_dir_hash(const char *s, char *digest);
|
|
|
|
|
int router_get_router_hash(const char *s, char *digest);
|
|
|
|
|
int router_set_routerlist_from_directory(const char *s, crypto_pk_env_t *pkey);
|
2004-03-05 06:48:28 +01:00
|
|
|
routerinfo_t *router_get_entry_from_string(const char *s, const char *end);
|
2003-12-09 00:45:37 +01:00
|
|
|
int router_add_exit_policy_from_string(routerinfo_t *router, const char *s);
|
2003-11-14 21:45:47 +01:00
|
|
|
int router_compare_addr_to_exit_policy(uint32_t addr, uint16_t port,
|
|
|
|
|
struct exit_policy_t *policy);
|
2004-02-17 08:56:33 +01:00
|
|
|
#define ADDR_POLICY_ACCEPTED 0
|
|
|
|
|
#define ADDR_POLICY_REJECTED -1
|
|
|
|
|
#define ADDR_POLICY_UNKNOWN 1
|
2003-12-03 09:06:55 +01:00
|
|
|
int router_exit_policy_all_routers_reject(uint32_t addr, uint16_t port);
|
|
|
|
|
int router_exit_policy_rejects_all(routerinfo_t *router);
|
2003-04-08 08:44:38 +02:00
|
|
|
|
2003-09-27 23:30:10 +02:00
|
|
|
/********************************* dirserv.c ***************************/
|
2003-09-30 21:27:54 +02:00
|
|
|
int dirserv_add_own_fingerprint(const char *nickname, crypto_pk_env_t *pk);
|
2003-09-27 23:30:10 +02:00
|
|
|
int dirserv_parse_fingerprint_file(const char *fname);
|
|
|
|
|
int dirserv_router_fingerprint_is_known(const routerinfo_t *router);
|
|
|
|
|
void dirserv_free_fingerprint_list();
|
|
|
|
|
int dirserv_add_descriptor(const char **desc);
|
|
|
|
|
int dirserv_init_from_directory_string(const char *dir);
|
|
|
|
|
void dirserv_free_descriptors();
|
|
|
|
|
int dirserv_dump_directory_to_string(char *s, int maxlen,
|
|
|
|
|
crypto_pk_env_t *private_key);
|
2004-03-29 21:28:16 +02:00
|
|
|
void directory_set_dirty(void);
|
2003-09-27 23:30:10 +02:00
|
|
|
size_t dirserv_get_directory(const char **cp);
|
2004-03-29 21:28:16 +02:00
|
|
|
void dirserv_remove_old_servers(void);
|
2003-09-27 23:30:10 +02:00
|
|
|
|
|
|
|
|
|
2004-03-20 02:48:05 +01:00
|
|
|
/********************************* rephist.c ***************************/
|
|
|
|
|
|
|
|
|
|
void rep_hist_init(void);
|
|
|
|
|
void rep_hist_note_connect_failed(const char* nickname, time_t when);
|
|
|
|
|
void rep_hist_note_connect_succeeded(const char* nickname, time_t when);
|
2004-03-20 05:59:29 +01:00
|
|
|
void rep_hist_note_disconnect(const char* nickname, time_t when);
|
2004-03-20 02:48:05 +01:00
|
|
|
void rep_hist_note_connection_died(const char* nickname, time_t when);
|
|
|
|
|
void rep_hist_note_extend_succeeded(const char *from_name,
|
2004-04-03 00:23:15 +02:00
|
|
|
const char *to_name);
|
2004-03-20 02:48:05 +01:00
|
|
|
void rep_hist_note_extend_failed(const char *from_name, const char *to_name);
|
2004-03-20 05:59:29 +01:00
|
|
|
void rep_hist_dump_stats(time_t now, int severity);
|
2004-03-20 02:48:05 +01:00
|
|
|
|
2004-04-03 00:23:15 +02:00
|
|
|
/********************************* rendclient.c ***************************/
|
|
|
|
|
|
2004-04-05 02:47:48 +02:00
|
|
|
void rend_client_introcirc_is_open(circuit_t *circ);
|
|
|
|
|
void rend_client_rendcirc_is_open(circuit_t *circ);
|
2004-04-13 01:33:47 +02:00
|
|
|
int rend_client_introduction_acked(circuit_t *circ, const char *request, int request_len);
|
2004-04-05 02:47:48 +02:00
|
|
|
int rend_client_rendezvous_acked(circuit_t *circ, const char *request, int request_len);
|
2004-04-05 09:41:31 +02:00
|
|
|
int rend_client_receive_rendezvous(circuit_t *circ, const char *request, int request_len);
|
2004-04-03 01:38:26 +02:00
|
|
|
void rend_client_desc_fetched(char *query, int success);
|
2004-04-03 00:23:15 +02:00
|
|
|
|
2004-04-03 03:59:53 +02:00
|
|
|
int rend_cmp_service_ids(char *one, char *two);
|
2004-04-05 19:51:00 +02:00
|
|
|
char *rend_client_get_random_intro(char *query);
|
2004-04-03 03:59:53 +02:00
|
|
|
int rend_parse_rendezvous_address(char *address);
|
|
|
|
|
|
2004-04-03 06:22:22 +02:00
|
|
|
int rend_client_send_establish_rendezvous(circuit_t *circ);
|
2004-04-05 09:41:31 +02:00
|
|
|
int rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc);
|
2004-04-03 06:22:22 +02:00
|
|
|
|
2004-03-30 21:52:42 +02:00
|
|
|
/********************************* rendcommon.c ***************************/
|
|
|
|
|
|
2004-03-31 04:07:38 +02:00
|
|
|
typedef struct rend_service_descriptor_t {
|
|
|
|
|
crypto_pk_env_t *pk;
|
|
|
|
|
time_t timestamp;
|
|
|
|
|
int n_intro_points;
|
|
|
|
|
char **intro_points;
|
|
|
|
|
} rend_service_descriptor_t;
|
|
|
|
|
|
2004-04-03 05:37:11 +02:00
|
|
|
void rend_process_relay_cell(circuit_t *circ, int command, int length,
|
|
|
|
|
const char *payload);
|
|
|
|
|
|
2004-03-31 04:07:38 +02:00
|
|
|
void rend_service_descriptor_free(rend_service_descriptor_t *desc);
|
|
|
|
|
int rend_encode_service_descriptor(rend_service_descriptor_t *desc,
|
|
|
|
|
crypto_pk_env_t *key,
|
|
|
|
|
char **str_out,
|
|
|
|
|
int *len_out);
|
|
|
|
|
rend_service_descriptor_t *rend_parse_service_descriptor(const char *str, int len);
|
2004-03-31 05:42:56 +02:00
|
|
|
int rend_get_service_id(crypto_pk_env_t *pk, char *out);
|
|
|
|
|
|
2004-04-08 00:00:54 +02:00
|
|
|
typedef struct rend_cache_entry_t {
|
|
|
|
|
int len; /* Length of desc */
|
|
|
|
|
time_t received; /* When did we get the descriptor? */
|
|
|
|
|
char *desc; /* Service descriptor */
|
|
|
|
|
rend_service_descriptor_t *parsed; /* Parsed value of 'desc' */
|
|
|
|
|
} rend_cache_entry_t;
|
|
|
|
|
|
2004-03-31 06:10:10 +02:00
|
|
|
void rend_cache_init(void);
|
|
|
|
|
void rend_cache_clean(void);
|
2004-04-03 05:06:06 +02:00
|
|
|
int rend_valid_service_id(char *query);
|
2004-04-08 00:00:54 +02:00
|
|
|
int rend_cache_lookup_desc(char *query, const char **desc, int *desc_len);
|
|
|
|
|
int rend_cache_lookup_entry(char *query, rend_cache_entry_t **entry_out);
|
2004-03-31 06:10:10 +02:00
|
|
|
int rend_cache_store(char *desc, int desc_len);
|
2004-03-31 04:07:38 +02:00
|
|
|
|
2004-03-31 23:35:23 +02:00
|
|
|
/********************************* rendservice.c ***************************/
|
|
|
|
|
|
|
|
|
|
int rend_config_services(or_options_t *options);
|
|
|
|
|
int rend_service_init_keys(void);
|
2004-04-01 05:23:28 +02:00
|
|
|
int rend_services_init(void);
|
2004-03-31 23:35:23 +02:00
|
|
|
|
2004-04-02 00:21:01 +02:00
|
|
|
void rend_service_intro_is_ready(circuit_t *circuit);
|
2004-04-03 06:55:22 +02:00
|
|
|
int rend_service_intro_established(circuit_t *circuit, const char *request, int request_len);
|
2004-04-02 00:21:01 +02:00
|
|
|
void rend_service_rendezvous_is_ready(circuit_t *circuit);
|
2004-04-03 05:37:11 +02:00
|
|
|
int rend_service_introduce(circuit_t *circuit, const char *request, int request_len);
|
2004-04-07 00:05:49 +02:00
|
|
|
int rend_service_set_connection_addr_port(connection_t *conn, circuit_t *circ);
|
2004-04-09 22:02:16 +02:00
|
|
|
void rend_service_dump_stats(int severity);
|
2004-04-03 05:37:11 +02:00
|
|
|
|
|
|
|
|
/********************************* rendmid.c *******************************/
|
|
|
|
|
int rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len);
|
|
|
|
|
int rend_mid_introduce(circuit_t *circ, const char *request, int request_len);
|
|
|
|
|
int rend_mid_establish_rendezvous(circuit_t *circ, const char *request, int request_len);
|
|
|
|
|
int rend_mid_rendezvous(circuit_t *circ, const char *request, int request_len);
|
2004-04-02 00:21:01 +02:00
|
|
|
|
2002-06-27 00:45:49 +02:00
|
|
|
#endif
|
2003-04-07 04:12:02 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
Local Variables:
|
|
|
|
|
mode:c
|
|
|
|
|
indent-tabs-mode:nil
|
|
|
|
|
c-basic-offset:2
|
|
|
|
|
End:
|
|
|
|
|
*/
|