2003-10-08 04:04:08 +02:00
|
|
|
/* Copyright 2001,2002,2003 Roger Dingledine, Matej Pfajfar. */
|
Implemented link padding and receiver token buckets
Each socket reads at most 'bandwidth' bytes per second sustained, but
can handle bursts of up to 10*bandwidth bytes.
Cells are now sent out at evenly-spaced intervals, with padding sent
out otherwise. Set Linkpadding=0 in the rc file to send cells as soon
as they're available (and to never send padding cells).
Added license/copyrights statements at the top of most files.
router->min and router->max have been merged into a single 'bandwidth'
value. We should make the routerinfo_t reflect this (want to do that,
Mat?)
As the bandwidth increases, and we want to stop sleeping more and more
frequently to send a single cell, cpu usage goes up. At 128kB/s we're
pretty much calling poll with a timeout of 1ms or even 0ms. The current
code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll()
handles everything that should have happened in the past, so as long as
our buffers don't get too full in that 10ms, we're ok.
Speaking of too full, if you run three servers at 100kB/s with -l debug,
it spends too much time printing debugging messages to be able to keep
up with the cells. The outbuf ultimately fills up and it kills that
connection. If you run with -l err, it works fine up through 500kB/s and
probably beyond. Down the road we'll want to teach it to recognize when
an outbuf is getting full, and back off.
svn:r50
2002-07-16 03:12:15 +02:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
/* $Id$ */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
#include "or.h"
|
2003-06-21 21:29:32 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
extern or_options_t options; /* command-line and config-file options */
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-30 20:45:55 +02:00
|
|
|
static int connection_tls_finish_handshake(connection_t *conn);
|
|
|
|
|
2003-09-16 07:41:49 +02:00
|
|
|
/**************************************************************/
|
|
|
|
|
|
|
|
static void cell_pack(char *dest, const cell_t *src) {
|
|
|
|
*(uint16_t*)dest = htons(src->aci);
|
|
|
|
*(uint8_t*)(dest+2) = src->command;
|
|
|
|
*(uint8_t*)(dest+3) = src->length;
|
|
|
|
*(uint32_t*)(dest+4) = 0; /* Reserved */
|
|
|
|
memcpy(dest+8, src->payload, CELL_PAYLOAD_SIZE);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void cell_unpack(cell_t *dest, const char *src) {
|
|
|
|
dest->aci = ntohs(*(uint16_t*)(src));
|
|
|
|
dest->command = *(uint8_t*)(src+2);
|
|
|
|
dest->length = *(uint8_t*)(src+3);
|
|
|
|
dest->seq = ntohl(*(uint32_t*)(src+4));
|
|
|
|
memcpy(dest->payload, src+8, CELL_PAYLOAD_SIZE);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**************************************************************/
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
int connection_or_process_inbuf(connection_t *conn) {
|
|
|
|
|
|
|
|
assert(conn && conn->type == CONN_TYPE_OR);
|
|
|
|
|
|
|
|
if(conn->inbuf_reached_eof) {
|
2003-09-26 12:03:50 +02:00
|
|
|
log_fn(LOG_INFO,"conn reached eof. Closing.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2003-09-12 08:20:36 +02:00
|
|
|
if(conn->state != OR_CONN_STATE_OPEN)
|
|
|
|
return 0; /* don't do anything */
|
2003-09-07 12:24:40 +02:00
|
|
|
return connection_process_cell_from_inbuf(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
int connection_or_finished_flushing(connection_t *conn) {
|
|
|
|
int e, len=sizeof(e);
|
|
|
|
|
|
|
|
assert(conn && conn->type == CONN_TYPE_OR);
|
|
|
|
|
|
|
|
switch(conn->state) {
|
2003-09-07 12:24:40 +02:00
|
|
|
case OR_CONN_STATE_CONNECTING:
|
2003-08-12 05:08:41 +02:00
|
|
|
if (getsockopt(conn->s, SOL_SOCKET, SO_ERROR, (void*)&e, &len) < 0) { /* not yet */
|
2003-08-14 19:13:52 +02:00
|
|
|
if(!ERRNO_CONN_EINPROGRESS(errno)){
|
2003-06-18 00:18:26 +02:00
|
|
|
log_fn(LOG_DEBUG,"in-progress connect failed. Removing.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return -1;
|
|
|
|
} else {
|
|
|
|
return 0; /* no change, see if next time is better */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/* the connect has finished. */
|
|
|
|
|
2003-09-26 12:03:50 +02:00
|
|
|
log_fn(LOG_INFO,"OR connect() to router %s:%u finished.",
|
2002-08-24 09:55:49 +02:00
|
|
|
conn->address,conn->port);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-12 08:50:21 +02:00
|
|
|
if(connection_tls_start_handshake(conn, 0) < 0)
|
2003-09-08 12:59:00 +02:00
|
|
|
return -1;
|
2003-09-26 12:03:50 +02:00
|
|
|
return 0;
|
2002-06-27 00:45:49 +02:00
|
|
|
case OR_CONN_STATE_OPEN:
|
2002-07-18 08:37:58 +02:00
|
|
|
connection_stop_writing(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
return 0;
|
|
|
|
default:
|
2003-09-26 12:03:50 +02:00
|
|
|
log_fn(LOG_WARNING,"BUG: called in unexpected state.");
|
2002-06-27 00:45:49 +02:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*********************/
|
|
|
|
|
2003-09-25 12:42:07 +02:00
|
|
|
void connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *router) {
|
|
|
|
conn->addr = router->addr;
|
|
|
|
conn->port = router->or_port;
|
2003-09-27 23:09:56 +02:00
|
|
|
conn->receiver_bucket = conn->bandwidth = router->bandwidth;
|
2003-09-25 12:42:07 +02:00
|
|
|
conn->onion_pkey = crypto_pk_dup_key(router->onion_pkey);
|
|
|
|
conn->link_pkey = crypto_pk_dup_key(router->link_pkey);
|
|
|
|
conn->identity_pkey = crypto_pk_dup_key(router->identity_pkey);
|
2003-10-04 05:29:09 +02:00
|
|
|
conn->nickname = tor_strdup(router->nickname);
|
2003-09-25 12:42:07 +02:00
|
|
|
if(conn->address)
|
|
|
|
free(conn->address);
|
2003-10-04 05:29:09 +02:00
|
|
|
conn->address = tor_strdup(router->address);
|
2003-09-25 12:42:07 +02:00
|
|
|
}
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
connection_t *connection_or_connect(routerinfo_t *router) {
|
2002-06-27 00:45:49 +02:00
|
|
|
connection_t *conn;
|
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
assert(router);
|
|
|
|
|
2003-10-01 03:49:53 +02:00
|
|
|
if(options.Nickname && !strcmp(router->nickname,options.Nickname)) {
|
|
|
|
log_fn(LOG_WARNING,"You asked me to connect to myself! Failing.");
|
2003-05-28 04:03:25 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* this function should never be called if we're already connected to router, but */
|
|
|
|
/* check first to be sure */
|
|
|
|
conn = connection_exact_get_by_addr_port(router->addr,router->or_port);
|
|
|
|
if(conn)
|
|
|
|
return conn;
|
|
|
|
|
2002-06-30 09:37:49 +02:00
|
|
|
conn = connection_new(CONN_TYPE_OR);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
|
|
|
/* set up conn so it's got all the data we need to remember */
|
2003-09-25 12:42:07 +02:00
|
|
|
connection_or_init_conn_from_router(conn, router);
|
2002-06-27 00:45:49 +02:00
|
|
|
|
2003-09-16 03:58:46 +02:00
|
|
|
if(connection_add(conn) < 0) { /* no space, forget it */
|
2002-06-27 00:45:49 +02:00
|
|
|
connection_free(conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return NULL;
|
2002-06-27 00:45:49 +02:00
|
|
|
}
|
|
|
|
|
2003-09-16 03:58:46 +02:00
|
|
|
switch(connection_connect(conn, router->address, router->addr, router->or_port)) {
|
|
|
|
case -1:
|
|
|
|
connection_remove(conn);
|
2002-06-27 00:45:49 +02:00
|
|
|
connection_free(conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return NULL;
|
2003-09-16 03:58:46 +02:00
|
|
|
case 0:
|
|
|
|
connection_set_poll_socket(conn);
|
2003-08-14 19:13:52 +02:00
|
|
|
connection_watch_events(conn, POLLIN | POLLOUT | POLLERR);
|
|
|
|
/* writable indicates finish, readable indicates broken link,
|
|
|
|
error indicates broken link on windows */
|
2003-09-08 12:59:00 +02:00
|
|
|
conn->state = OR_CONN_STATE_CONNECTING;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
return conn;
|
2003-09-16 03:58:46 +02:00
|
|
|
/* case 1: fall through */
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
}
|
|
|
|
|
2003-09-16 03:58:46 +02:00
|
|
|
connection_set_poll_socket(conn);
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-09-12 08:50:21 +02:00
|
|
|
if(connection_tls_start_handshake(conn, 0) >= 0)
|
2003-09-08 12:59:00 +02:00
|
|
|
return conn;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
|
2003-05-28 04:03:25 +02:00
|
|
|
/* failure */
|
|
|
|
connection_remove(conn);
|
|
|
|
connection_free(conn);
|
|
|
|
return NULL;
|
Integrated onion proxy into or/
The 'or' process can now be told (by the global_role variable) what
roles this server should play -- connect to all ORs, listen for ORs,
listen for OPs, listen for APs, or any combination.
* everything in /src/op/ is now obsolete.
* connection_ap.c now handles all interactions with application proxies
* "port" is now or_port, op_port, ap_port. But routers are still always
referenced (say, in conn_get_by_addr_port()) by addr / or_port. We
should make routers.c actually read these new ports (currently I've
kludged it so op_port = or_port+10, ap_port=or_port+20)
* circuits currently know if they're at the beginning of the path because
circ->cpath is set. They use this instead for crypts (both ways),
if it's set.
* I still obey the "send a 0 back to the AP when you're ready" protocol,
but I think we should phase it out. I can simply not read from the AP
socket until I'm ready.
I need to do a lot of cleanup work here, but the code appears to work, so
now's a good time for a checkin.
svn:r22
2002-07-02 11:36:58 +02:00
|
|
|
}
|
|
|
|
|
2003-06-21 21:29:32 +02:00
|
|
|
/* ********************************** */
|
2003-09-30 20:45:55 +02:00
|
|
|
|
|
|
|
int connection_tls_start_handshake(connection_t *conn, int receiving) {
|
|
|
|
conn->state = OR_CONN_STATE_HANDSHAKING;
|
|
|
|
conn->tls = tor_tls_new(conn->s, receiving);
|
|
|
|
if(!conn->tls) {
|
|
|
|
log_fn(LOG_WARNING,"tor_tls_new failed. Closing.");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
connection_start_reading(conn);
|
|
|
|
log_fn(LOG_DEBUG,"starting the handshake");
|
|
|
|
if(connection_tls_continue_handshake(conn) < 0)
|
|
|
|
return -1;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
int connection_tls_continue_handshake(connection_t *conn) {
|
|
|
|
switch(tor_tls_handshake(conn->tls)) {
|
|
|
|
case TOR_TLS_ERROR:
|
|
|
|
case TOR_TLS_CLOSE:
|
|
|
|
log_fn(LOG_INFO,"tls error. breaking.");
|
|
|
|
return -1;
|
|
|
|
case TOR_TLS_DONE:
|
|
|
|
return connection_tls_finish_handshake(conn);
|
|
|
|
case TOR_TLS_WANTWRITE:
|
|
|
|
connection_start_writing(conn);
|
|
|
|
log_fn(LOG_DEBUG,"wanted write");
|
|
|
|
return 0;
|
|
|
|
case TOR_TLS_WANTREAD: /* handshaking conns are *always* reading */
|
|
|
|
log_fn(LOG_DEBUG,"wanted read");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int connection_tls_finish_handshake(connection_t *conn) {
|
|
|
|
crypto_pk_env_t *pk;
|
|
|
|
routerinfo_t *router;
|
|
|
|
|
|
|
|
conn->state = OR_CONN_STATE_OPEN;
|
|
|
|
directory_set_dirty();
|
|
|
|
connection_watch_events(conn, POLLIN);
|
|
|
|
log_fn(LOG_DEBUG,"tls handshake done. verifying.");
|
|
|
|
if(options.OnionRouter) { /* I'm an OR */
|
|
|
|
if(tor_tls_peer_has_cert(conn->tls)) { /* it's another OR */
|
|
|
|
pk = tor_tls_verify(conn->tls);
|
|
|
|
if(!pk) {
|
2003-10-08 06:10:59 +02:00
|
|
|
log_fn(LOG_WARNING,"Other side (%s:%d) has a cert but it's invalid. Closing.",
|
2003-10-08 01:54:02 +02:00
|
|
|
conn->address, conn->port);
|
2003-09-30 20:45:55 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
router = router_get_by_link_pk(pk);
|
|
|
|
if (!router) {
|
2003-10-08 01:54:02 +02:00
|
|
|
log_fn(LOG_WARNING,"Unrecognized public key from peer (%s:%d). Closing.",
|
|
|
|
conn->address, conn->port);
|
2003-09-30 20:45:55 +02:00
|
|
|
crypto_free_pk_env(pk);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if(conn->link_pkey) { /* I initiated this connection. */
|
|
|
|
if(crypto_pk_cmp_keys(conn->link_pkey, pk)) {
|
|
|
|
log_fn(LOG_WARNING,"We connected to '%s' but he gave us a different key. Closing.",
|
|
|
|
router->nickname);
|
|
|
|
crypto_free_pk_env(pk);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
log_fn(LOG_DEBUG,"The router's pk matches the one we meant to connect to. Good.");
|
|
|
|
} else {
|
|
|
|
if(connection_exact_get_by_addr_port(router->addr,router->or_port)) {
|
|
|
|
log_fn(LOG_INFO,"Router %s is already connected. Dropping.", router->nickname);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
connection_or_init_conn_from_router(conn, router);
|
|
|
|
}
|
|
|
|
crypto_free_pk_env(pk);
|
|
|
|
} else { /* it's an OP */
|
|
|
|
conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
|
|
|
|
}
|
|
|
|
} else { /* I'm a client */
|
|
|
|
if(!tor_tls_peer_has_cert(conn->tls)) { /* it's a client too?! */
|
|
|
|
log_fn(LOG_WARNING,"Neither peer sent a cert! Closing.");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
pk = tor_tls_verify(conn->tls);
|
|
|
|
if(!pk) {
|
2003-10-08 01:54:02 +02:00
|
|
|
log_fn(LOG_WARNING,"Other side (%s:%d) has a cert but it's invalid. Closing.",
|
|
|
|
conn->address, conn->port);
|
2003-09-30 20:45:55 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
router = router_get_by_link_pk(pk);
|
|
|
|
if (!router) {
|
2003-10-08 01:54:02 +02:00
|
|
|
log_fn(LOG_WARNING,"Unrecognized public key from peer (%s:%d). Closing.",
|
|
|
|
conn->address, conn->port);
|
2003-09-30 20:45:55 +02:00
|
|
|
crypto_free_pk_env(pk);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
if(crypto_pk_cmp_keys(conn->link_pkey, pk)) {
|
|
|
|
log_fn(LOG_WARNING,"We connected to '%s' but he gave us a different key. Closing.",
|
|
|
|
router->nickname);
|
|
|
|
crypto_free_pk_env(pk);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
log_fn(LOG_DEBUG,"The router's pk matches the one we meant to connect to. Good.");
|
|
|
|
crypto_free_pk_env(pk);
|
|
|
|
conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
|
|
|
|
circuit_n_conn_open(conn); /* send the pending create */
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* ********************************** */
|
2003-06-21 21:29:32 +02:00
|
|
|
|
2003-10-04 04:38:18 +02:00
|
|
|
void connection_write_cell_to_buf(const cell_t *cellp, connection_t *conn) {
|
2003-09-13 00:45:31 +02:00
|
|
|
char networkcell[CELL_NETWORK_SIZE];
|
|
|
|
char *n = networkcell;
|
|
|
|
|
|
|
|
cell_pack(n, cellp);
|
|
|
|
|
2003-10-04 04:38:18 +02:00
|
|
|
connection_write_to_buf(n, CELL_NETWORK_SIZE, conn);
|
2003-09-13 00:45:31 +02:00
|
|
|
}
|
|
|
|
|
cleanups, bugfixes, more verbose logs
Fixed up the assert_*_ok funcs some (more work remains)
Changed config so it reads either /etc/torrc or the -f arg, never both
Finally tracked down a nasty bug with our use of tls:
It turns out that if you ask SSL_read() for no more than n bytes, it
will read the entire record from the network (and maybe part of the next
record, I'm not sure), give you n bytes of it, and keep the remaining
bytes internally. This is fine, except our poll-for-read looks at the
network, and there are no bytes pending on the network, so we never know
to ask SSL_read() for more bytes. Currently I've hacked it so if we ask
for n bytes and it returns n bytes, then it reads again right then. This
will interact poorly with our rate limiting; we need a cleaner solution.
svn:r481
2003-09-24 23:24:52 +02:00
|
|
|
/* if there's a whole cell there, pull it off and process it. */
|
2003-09-13 00:45:31 +02:00
|
|
|
int connection_process_cell_from_inbuf(connection_t *conn) {
|
|
|
|
char buf[CELL_NETWORK_SIZE];
|
|
|
|
cell_t cell;
|
2003-09-25 07:17:11 +02:00
|
|
|
|
2003-09-30 22:36:20 +02:00
|
|
|
log_fn(LOG_DEBUG,"%d: starting, inbuf_datalen %d (%d pending in tls object).",
|
|
|
|
conn->s,buf_datalen(conn->inbuf),tor_tls_get_pending_bytes(conn->tls));
|
2003-09-25 07:17:11 +02:00
|
|
|
if(buf_datalen(conn->inbuf) < CELL_NETWORK_SIZE) /* entire response available? */
|
2003-09-13 00:45:31 +02:00
|
|
|
return 0; /* not yet */
|
|
|
|
|
|
|
|
connection_fetch_from_buf(buf, CELL_NETWORK_SIZE, conn);
|
|
|
|
|
|
|
|
/* retrieve cell info from buf (create the host-order struct from the network-order string) */
|
|
|
|
cell_unpack(&cell, buf);
|
|
|
|
|
|
|
|
command_process_cell(&cell, conn);
|
|
|
|
|
|
|
|
return connection_process_inbuf(conn); /* process the remainder of the buffer */
|
|
|
|
}
|
|
|
|
|
2003-04-07 04:12:02 +02:00
|
|
|
/*
|
|
|
|
Local Variables:
|
|
|
|
mode:c
|
|
|
|
indent-tabs-mode:nil
|
|
|
|
c-basic-offset:2
|
|
|
|
End:
|
|
|
|
*/
|