nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
d07146b778
tor/src/or/connection_ap.c

517 lines
18 KiB
C
Raw Normal View History

Implemented link padding and receiver token buckets Each socket reads at most 'bandwidth' bytes per second sustained, but can handle bursts of up to 10*bandwidth bytes. Cells are now sent out at evenly-spaced intervals, with padding sent out otherwise. Set Linkpadding=0 in the rc file to send cells as soon as they're available (and to never send padding cells). Added license/copyrights statements at the top of most files. router->min and router->max have been merged into a single 'bandwidth' value. We should make the routerinfo_t reflect this (want to do that, Mat?) As the bandwidth increases, and we want to stop sleeping more and more frequently to send a single cell, cpu usage goes up. At 128kB/s we're pretty much calling poll with a timeout of 1ms or even 0ms. The current code takes a timeout of 0-9ms and makes it 10ms. prepare_for_poll() handles everything that should have happened in the past, so as long as our buffers don't get too full in that 10ms, we're ok. Speaking of too full, if you run three servers at 100kB/s with -l debug, it spends too much time printing debugging messages to be able to keep up with the cells. The outbuf ultimately fills up and it kills that connection. If you run with -l err, it works fine up through 500kB/s and probably beyond. Down the road we'll want to teach it to recognize when an outbuf is getting full, and back off. svn:r50
2002-07-16 03:12:15 +02:00
/* Copyright 2001,2002 Roger Dingledine, Matej Pfajfar. */
/* See LICENSE for licensing information */
/* $Id$ */
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
#include "or.h"
greatly simplify this notion of 'roles': if your ORPort is non-zero then you must connect to all nodes if your DirPort is non-zero then you must act like a directory server svn:r192
2003-03-18 02:49:55 +01:00
extern or_options_t options; /* command-line and config-file options */
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
int connection_ap_process_inbuf(connection_t *conn) {
assert(conn && conn->type == CONN_TYPE_AP);
if(conn->inbuf_reached_eof) {
/* eof reached, kill it. */
log(LOG_DEBUG,"connection_ap_process_inbuf(): conn reached eof. Closing.");
return -1;
}
Code cleaned up to be less noisy svn:r71
2002-07-22 06:08:37 +02:00
// log(LOG_DEBUG,"connection_ap_process_inbuf(): state %d.",conn->state);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
switch(conn->state) {
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
case AP_CONN_STATE_SOCKS_WAIT:
return ap_handshake_process_socks(conn);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
case AP_CONN_STATE_OPEN:
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
if(connection_package_raw_inbuf(conn) < 0)
return -1;
circuit_consider_stop_edge_reading(circuit_get_by_conn(conn), EDGE_AP);
return 0;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
default:
log(LOG_DEBUG,"connection_ap_process_inbuf() called in state where I'm waiting. Ignoring buf for now.");
}
return 0;
}
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
int ap_handshake_process_socks(connection_t *conn) {
char c;
socks4_t socks4_info;
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
circuit_t *circ;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
assert(conn);
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
log(LOG_DEBUG,"ap_handshake_process_socks() entered.");
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(!conn->socks_version) { /* try to pull it in */
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(conn->inbuf_datalen < sizeof(socks4_t)) /* basic info available? */
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return 0; /* not yet */
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(connection_fetch_from_buf((char *)&socks4_info,sizeof(socks4_t),conn) < 0)
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return -1;
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
log(LOG_DEBUG,"ap_handshake_process_socks(): Successfully read socks info.");
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(socks4_info.version != 4) {
log(LOG_NOTICE,"ap_handshake_process_socks(): Unrecognized version %d.",socks4_info.version);
ap_handshake_socks_reply(conn, SOCKS4_REQUEST_REJECT);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return -1;
}
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
conn->socks_version = socks4_info.version;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(socks4_info.command != 1) { /* not a connect? we don't support it. */
log(LOG_NOTICE,"ap_handshake_process_socks(): command %d not '1'.",socks4_info.command);
ap_handshake_socks_reply(conn, SOCKS4_REQUEST_REJECT);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return -1;
}
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
conn->dest_port = ntohs(*(uint16_t*)&socks4_info.destport);
if(!conn->dest_port) {
log(LOG_NOTICE,"ap_handshake_process_socks(): Port is zero.");
ap_handshake_socks_reply(conn, SOCKS4_REQUEST_REJECT);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return -1;
}
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
log(LOG_NOTICE,"ap_handshake_process_socks(): Dest port is %d.",conn->dest_port);
if(socks4_info.destip[0] ||
socks4_info.destip[1] ||
socks4_info.destip[2] ||
support socks4 too svn:r118
2002-09-28 01:16:39 +02:00
!socks4_info.destip[3]) { /* not 0.0.0.x */
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
log(LOG_NOTICE,"ap_handshake_process_socks(): destip not in form 0.0.0.x.");
support socks4 too svn:r118
2002-09-28 01:16:39 +02:00
sprintf(conn->dest_tmp, "%d.%d.%d.%d", socks4_info.destip[0],
socks4_info.destip[1], socks4_info.destip[2], socks4_info.destip[3]);
conn->dest_addr = strdup(conn->dest_tmp);
log(LOG_DEBUG,"ap_handshake_process_socks(): Successfully read destip (%s)", conn->dest_addr);
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
}
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(!conn->read_username) { /* the socks spec says we've got to read stuff until we get a null */
more robust when only some of the socks info has arrived svn:r108
2002-09-23 03:04:59 +02:00
for(;;) {
if(!conn->inbuf_datalen)
return 0; /* maybe next time */
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(connection_fetch_from_buf((char *)&c,1,conn) < 0)
return -1;
if(!c) {
conn->read_username = 1;
log(LOG_DEBUG,"ap_handshake_process_socks(): Successfully read username.");
break;
}
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
}
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(!conn->dest_addr) { /* no dest_addr found yet */
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
more robust when only some of the socks info has arrived svn:r108
2002-09-23 03:04:59 +02:00
for(;;) {
if(!conn->inbuf_datalen)
return 0; /* maybe next time */
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
if(connection_fetch_from_buf((char *)&c,1,conn) < 0)
return -1;
more robust when only some of the socks info has arrived svn:r108
2002-09-23 03:04:59 +02:00
conn->dest_tmp[conn->dest_tmplen++] = c;
if(conn->dest_tmplen > 500) {
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
log(LOG_NOTICE,"ap_handshake_process_socks(): dest_addr too long!");
ap_handshake_socks_reply(conn, SOCKS4_REQUEST_REJECT);
return -1;
}
if(!c) { /* we found the null; we're done */
more robust when only some of the socks info has arrived svn:r108
2002-09-23 03:04:59 +02:00
conn->dest_addr = strdup(conn->dest_tmp);
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
log(LOG_NOTICE,"ap_handshake_process_socks(): successfully read dest addr '%s'",
conn->dest_addr);
break;
}
}
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
/* find the circuit that we should use, if there is one. */
make reusing circuits work (and be the default) performance is better, but not by much. not sure why yet. svn:r153
2003-02-06 09:00:49 +01:00
circ = circuit_get_by_edge_type(EDGE_AP);
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
/* now we're all ready to make an onion or send a begin */
make reusing circuits work (and be the default) performance is better, but not by much. not sure why yet. svn:r153
2003-02-06 09:00:49 +01:00
if(circ && circ->state == CIRCUIT_STATE_OPEN) {
Bugfixes and enhancements in sendmes and dns farm svn:r161
2003-02-18 02:35:55 +01:00
/* FIXME if circ not yet open, figure out how to queue this begin? */
make reusing circuits work (and be the default) performance is better, but not by much. not sure why yet. svn:r153
2003-02-06 09:00:49 +01:00
/* add it into the linked list of topics on this circuit */
log(LOG_DEBUG,"ap_handshake_process_socks(): attaching new conn to circ. n_aci %d.", circ->n_aci);
conn->next_topic = circ->p_conn;
circ->p_conn = conn;
if(ap_handshake_send_begin(conn, circ) < 0) {
circuit_close(circ);
return -1;
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
}
} else {
if(ap_handshake_create_onion(conn) < 0) {
make reusing circuits work (and be the default) performance is better, but not by much. not sure why yet. svn:r153
2003-02-06 09:00:49 +01:00
if(circ)
circuit_close(circ);
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
return -1;
}
}
return 0;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
int ap_handshake_create_onion(connection_t *conn) {
int i;
int routelen = 0; /* length of the route */
unsigned int *route = NULL; /* hops in the route as an array of indexes into rarray */
unsigned char *onion = NULL; /* holds the onion */
int onionlen = 0; /* onion length in host order */
crypt_path_t **cpath = NULL; /* defines the crypt operations that need to be performed on incoming/outgoing data */
assert(conn);
/* choose a route */
route = (unsigned int *)router_new_route(&routelen);
if (!route) {
log(LOG_ERR,"ap_handshake_create_onion(): Error choosing a route through the OR network.");
return -1;
}
log(LOG_DEBUG,"ap_handshake_create_onion(): Chosen a route of length %u : ",routelen);
#if 0
for (i=routelen-1;i>=0;i--)
{
log(LOG_DEBUG,"ap_handshake_process_ss() : %u : %s:%u, %u",routelen-i,(routerarray[route[i]])->address,ntohs((routerarray[route[i]])->port),RSA_size((routerarray[route[i]])->pkey));
}
#endif
/* allocate memory for the crypt path */
cpath = malloc(routelen * sizeof(crypt_path_t *));
if (!cpath) {
log(LOG_ERR,"ap_handshake_create_onion(): Error allocating memory for cpath.");
free(route);
return -1;
}
/* create an onion and calculate crypto keys */
onion = router_create_onion(route,routelen,&onionlen,cpath);
if (!onion) {
log(LOG_ERR,"ap_handshake_create_onion(): Error creating an onion.");
free(route);
free(cpath); /* it's got nothing in it, since !onion */
return -1;
}
log(LOG_DEBUG,"ap_handshake_create_onion(): Created an onion of size %u bytes.",onionlen);
log(LOG_DEBUG,"ap_handshake_create_onion(): Crypt path :");
for (i=0;i<routelen;i++) {
log(LOG_DEBUG,"ap_handshake_create_onion() : %u/%u",(cpath[i])->forwf, (cpath[i])->backf);
}
return ap_handshake_establish_circuit(conn, route, routelen, onion, onionlen, cpath);
}
int ap_handshake_establish_circuit(connection_t *conn, unsigned int *route, int routelen, char *onion,
int onionlen, crypt_path_t **cpath) {
routerinfo_t *firsthop;
connection_t *n_conn;
circuit_t *circ;
/* now see if we're already connected to the first OR in 'route' */
firsthop = router_get_first_in_route(route, routelen);
assert(firsthop); /* should always be defined */
free(route); /* we don't need it anymore */
circ = circuit_new(0, conn); /* sets circ->p_aci and circ->p_conn */
circ->state = CIRCUIT_STATE_OR_WAIT;
circ->onion = onion;
circ->onionlen = onionlen;
circ->cpath = cpath;
circ->cpathlen = routelen;
log(LOG_DEBUG,"ap_handshake_establish_circuit(): Looking for firsthop '%s:%u'",
port is now kept in host order except in sin_port svn:r82
2002-08-24 09:55:49 +02:00
firsthop->address,firsthop->or_port);
put in the support for 'router twins' basically, a twin is a router which is different except it shares the same keypair. so in cases where we want to find a "next router" and all we really care is that it can decrypt the next onion layer, then a twin is just as good. we still need to decide how to mark twins in the routerinfo_t and in the routers config file. svn:r30
2002-07-08 10:59:15 +02:00
n_conn = connection_twin_get_by_addr_port(firsthop->addr,firsthop->or_port);
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
if(!n_conn || n_conn->state != OR_CONN_STATE_OPEN) { /* not currently connected */
Implemented router twins I modified new_route so we don't pick twins back-to-back in the path. I also had to patch my previous uses of connection_twin_get_by_addr_port() because they assumed that "addr" and "port" would be the same for a twin as for the original router. svn:r56
2002-07-19 01:44:57 +02:00
circ->n_addr = firsthop->addr;
circ->n_port = firsthop->or_port;
greatly simplify this notion of 'roles': if your ORPort is non-zero then you must connect to all nodes if your DirPort is non-zero then you must act like a directory server svn:r192
2003-03-18 02:49:55 +01:00
if(options.ORPort) { /* we would be connected if he were up. but he's not. */
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
log(LOG_DEBUG,"ap_handshake_establish_circuit(): Route's firsthop isn't connected.");
circuit_close(circ);
return -1;
}
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
another bugfix on the proxy side should be more reliable now (?) svn:r111
2002-09-26 07:50:51 +02:00
conn->state = AP_CONN_STATE_OR_WAIT;
connection_stop_reading(conn); /* Stop listening for input from the AP! */
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
if(!n_conn) { /* launch the connection */
cleanup and a variety of bugfixes svn:r132
2002-10-03 00:54:20 +02:00
n_conn = connection_or_connect_as_op(firsthop);
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
if(!n_conn) { /* connect failed, forget the whole thing */
log(LOG_DEBUG,"ap_handshake_establish_circuit(): connect to firsthop failed. Closing.");
circuit_close(circ);
return -1;
}
}
another bugfix on the proxy side should be more reliable now (?) svn:r111
2002-09-26 07:50:51 +02:00
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return 0; /* return success. The onion/circuit/etc will be taken care of automatically
* (may already have been) whenever n_conn reaches OR_CONN_STATE_OPEN.
*/
Implemented router twins I modified new_route so we don't pick twins back-to-back in the path. I also had to patch my previous uses of connection_twin_get_by_addr_port() because they assumed that "addr" and "port" would be the same for a twin as for the original router. svn:r56
2002-07-19 01:44:57 +02:00
} else { /* it (or a twin) is already open. use it. */
circ->n_addr = n_conn->addr;
circ->n_port = n_conn->port;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return ap_handshake_send_onion(conn, n_conn, circ);
}
}
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
/* find circuits that are waiting on me, if any, and get them to send the onion */
void ap_handshake_n_conn_open(connection_t *or_conn) {
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
circuit_t *circ;
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
connection_t *p_conn;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
log(LOG_DEBUG,"ap_handshake_n_conn_open(): Starting.");
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
circ = circuit_enumerate_by_naddr_nport(NULL, or_conn->addr, or_conn->port);
for(;;) {
if(!circ)
return;
p_conn = circ->p_conn;
if(p_conn->state != AP_CONN_STATE_OR_WAIT) {
log(LOG_WARNING,"Bug: ap_handshake_n_conn_open() got an ap_conn not in OR_WAIT state.");
}
connection_start_reading(p_conn); /* resume listening for reads */
log(LOG_DEBUG,"ap_handshake_n_conn_open(): Found circ, sending onion.");
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
if(ap_handshake_send_onion(p_conn, or_conn, circ) < 0) {
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
log(LOG_DEBUG,"ap_handshake_n_conn_open(): circuit marked for closing.");
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
circuit_close(circ);
return; /* FIXME will want to try the other circuits too? */
laying the groundwork for dynamic router lists revamped the router reading section reference counting for crypto pk env's (so we can dup them) we now read and write pem pk keys from string rather than from FILE*, in anticipation of fetching directories over a socket (so now on startup we slurp in the whole file, then parse it as a string) fixed a bug in the proxy side, where you could get some circuits wedged if they showed up while the connection was being made svn:r110
2002-09-24 12:43:57 +02:00
}
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
for(p_conn = p_conn->next_topic; p_conn; p_conn = p_conn->next_topic) { /* start up any other pending topics */
if(ap_handshake_send_begin(p_conn, circ) < 0) {
circuit_close(circ);
return;
}
}
circ = circuit_enumerate_by_naddr_nport(circ, or_conn->addr, or_conn->port);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
}
int ap_handshake_send_onion(connection_t *ap_conn, connection_t *n_conn, circuit_t *circ) {
cell_t cell;
int tmpbuflen, dataleft;
char *tmpbuf;
circ->n_aci = get_unique_aci_by_addr_port(circ->n_addr, circ->n_port, ACI_TYPE_BOTH);
circ->n_conn = n_conn;
port is now kept in host order except in sin_port svn:r82
2002-08-24 09:55:49 +02:00
log(LOG_DEBUG,"ap_handshake_send_onion(): n_conn is %s:%u",n_conn->address,n_conn->port);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
/* deliver the onion as one or more create cells */
cell.command = CELL_CREATE;
cell.aci = circ->n_aci;
tmpbuflen = circ->onionlen+4;
tmpbuf = malloc(tmpbuflen);
if(!tmpbuf)
return -1;
port is now kept in host order except in sin_port svn:r82
2002-08-24 09:55:49 +02:00
*(uint32_t*)tmpbuf = htonl(circ->onionlen);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
memcpy(tmpbuf+4, circ->onion, circ->onionlen);
dataleft = tmpbuflen;
while(dataleft) {
cell.command = CELL_CREATE;
cell.aci = circ->n_aci;
log(LOG_DEBUG,"ap_handshake_send_onion(): Sending a create cell for the onion...");
if(dataleft >= CELL_PAYLOAD_SIZE) {
cell.length = CELL_PAYLOAD_SIZE;
memcpy(cell.payload, tmpbuf + tmpbuflen - dataleft, CELL_PAYLOAD_SIZE);
Bugfixes and enhancements in sendmes and dns farm svn:r161
2003-02-18 02:35:55 +01:00
connection_write_cell_to_buf(&cell, n_conn);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
dataleft -= CELL_PAYLOAD_SIZE;
} else { /* last cell */
cell.length = dataleft;
memcpy(cell.payload, tmpbuf + tmpbuflen - dataleft, dataleft);
Make ACI anti-collision logic work; make sure that cells are filled with 0s. svn:r176
2003-03-11 22:38:38 +01:00
/* fill extra space with 0 bytes */
memset(cell.payload + dataleft, 0, CELL_PAYLOAD_SIZE - dataleft);
Bugfixes and enhancements in sendmes and dns farm svn:r161
2003-02-18 02:35:55 +01:00
connection_write_cell_to_buf(&cell, n_conn);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
dataleft = 0;
}
}
free(tmpbuf);
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
if(ap_handshake_send_begin(ap_conn, circ) < 0) {
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return -1;
}
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
circ->state = CIRCUIT_STATE_OPEN;
/* FIXME should set circ->expire to something here */
return 0;
}
int ap_handshake_send_begin(connection_t *ap_conn, circuit_t *circ) {
cell_t cell;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
memset(&cell, 0, sizeof(cell_t));
/* deliver the dest_addr in a data cell */
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
cell.command = CELL_DATA;
cell.aci = circ->n_aci;
fix endian issues for topics -- they might work on bsd now (they wouldn't have before) alternate code which bypasses the dns farm, so we can compare speed svn:r154
2003-02-07 00:48:35 +01:00
crypto_pseudo_rand(2, cell.payload+2); /* bytes 0-1 is blank, bytes 2-3 are random */
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
/* FIXME check for collisions */
fix endian issues for topics -- they might work on bsd now (they wouldn't have before) alternate code which bypasses the dns farm, so we can compare speed svn:r154
2003-02-07 00:48:35 +01:00
ap_conn->topic_id = ntohs(*(uint16_t *)(cell.payload+2));
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
cell.payload[0] = TOPIC_COMMAND_BEGIN;
snprintf(cell.payload+4, CELL_PAYLOAD_SIZE-4, "%s,%d", ap_conn->dest_addr, ap_conn->dest_port);
cell.length = strlen(cell.payload+TOPIC_HEADER_SIZE)+1+TOPIC_HEADER_SIZE;
log(LOG_DEBUG,"ap_handshake_send_begin(): Sending data cell to begin topic %d.", ap_conn->topic_id);
if(circuit_deliver_data_cell_from_edge(&cell, circ, EDGE_AP) < 0) {
log(LOG_DEBUG,"ap_handshake_send_begin(): failed to deliver begin cell. Closing.");
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return -1;
}
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
ap_conn->n_receive_topicwindow = TOPICWINDOW_START;
ap_conn->p_receive_topicwindow = TOPICWINDOW_START;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
ap_conn->state = AP_CONN_STATE_OPEN;
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
log(LOG_INFO,"ap_handshake_send_begin(): Address/port sent, ap socket %d, n_aci %d",ap_conn->s,circ->n_aci);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
return 0;
}
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
int ap_handshake_socks_reply(connection_t *conn, char result) {
socks4_t socks4_info;
added 'connected' cell type see http://archives.seul.org/or/dev/Sep-2002/msg00018.html svn:r103
2002-09-17 10:14:37 +02:00
assert(conn);
mozilla actually cares about the reply version tor can now interface directly with mozilla, as a socks 4 host. but note that mozilla does the dns resolution itself, so you're leaking anonymity. svn:r119
2002-09-28 01:34:51 +02:00
socks4_info.version = 0;
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
socks4_info.command = result;
socks4_info.destport[0] = socks4_info.destport[1] = 0;
socks4_info.destip[0] = socks4_info.destip[1] = socks4_info.destip[2] = socks4_info.destip[3] = 0;
expire unfinished handshakes too don't list non-open ORs in the directory svn:r134
2002-10-13 15:17:27 +02:00
if(connection_write_to_buf((char *)&socks4_info, sizeof(socks4_t), conn) < 0)
return -1;
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
return connection_flush_buf(conn); /* try to flush it, in case we're about to close the conn */
}
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
int connection_ap_process_data_cell(cell_t *cell, circuit_t *circ) {
connection_t *conn;
int topic_command;
int topic_id;
make reusing circuits work (and be the default) performance is better, but not by much. not sure why yet. svn:r153
2003-02-06 09:00:49 +01:00
static int num_seen=0;
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
/* an incoming data cell has arrived */
added 'connected' cell type see http://archives.seul.org/or/dev/Sep-2002/msg00018.html svn:r103
2002-09-17 10:14:37 +02:00
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
assert(cell && circ);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
topic_command = *cell->payload;
fix endian issues for topics -- they might work on bsd now (they wouldn't have before) alternate code which bypasses the dns farm, so we can compare speed svn:r154
2003-02-07 00:48:35 +01:00
topic_id = ntohs(*(uint16_t *)(cell->payload+2));
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
log(LOG_DEBUG,"connection_ap_process_data_cell(): command %d topic %d", topic_command, topic_id);
make reusing circuits work (and be the default) performance is better, but not by much. not sure why yet. svn:r153
2003-02-06 09:00:49 +01:00
num_seen++;
Bugfixes and enhancements in sendmes and dns farm svn:r161
2003-02-18 02:35:55 +01:00
log(LOG_DEBUG,"connection_ap_process_data_cell(): Now seen %d data cells here.", num_seen);
make reusing circuits work (and be the default) performance is better, but not by much. not sure why yet. svn:r153
2003-02-06 09:00:49 +01:00
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
circuit_consider_sending_sendme(circ, EDGE_AP);
for(conn = circ->p_conn; conn && conn->topic_id != topic_id; conn = conn->next_topic) ;
/* now conn is either NULL, in which case we don't recognize the topic_id, or
* it is set, in which case cell is talking about this conn.
*/
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
if(conn && conn->state != AP_CONN_STATE_OPEN) {
Implemented congestion control Servers are allowed to send 100 cells initially, and can't send more until they receive a 'sendme' cell from that direction, indicating that they can send 10 more cells. As it currently stands, the exit node quickly runs out of window, and sends bursts of 10 whenever a sendme cell gets to him. This is much much much faster (and more flexible) than the old "give each circuit 1 kB/s and hope nothing overflows" approach. Also divided out the connection_watch_events into stop_reading, start_writing, etc. That way we can control them separately. svn:r54
2002-07-18 08:37:58 +02:00
/* we should not have gotten this cell */
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
log(LOG_DEBUG,"connection_ap_process_data_cell(): Got a data cell when not in 'open' state. Dropping.");
return 0;
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
switch(topic_command) {
case TOPIC_COMMAND_BEGIN:
log(LOG_INFO,"connection_ap_process_data_cell(): topic begin request unsupported. Dropping.");
break;
case TOPIC_COMMAND_DATA:
if(!conn) {
log(LOG_DEBUG,"connection_ap_process_data_cell(): data cell dropped, unknown topic %d.",topic_id);
return 0;
}
if(--conn->n_receive_topicwindow < 0) { /* is it below 0 after decrement? */
log(LOG_DEBUG,"connection_ap_process_data_cell(): receive_topicwindow at exit below 0. Killing.");
return -1; /* exit node breaking protocol. kill the whole circuit. */
}
log(LOG_DEBUG,"connection_ap_process_data_cell(): willing to receive %d more cells from circ",conn->n_receive_topicwindow);
Implemented congestion control Servers are allowed to send 100 cells initially, and can't send more until they receive a 'sendme' cell from that direction, indicating that they can send 10 more cells. As it currently stands, the exit node quickly runs out of window, and sends bursts of 10 whenever a sendme cell gets to him. This is much much much faster (and more flexible) than the old "give each circuit 1 kB/s and hope nothing overflows" approach. Also divided out the connection_watch_events into stop_reading, start_writing, etc. That way we can control them separately. svn:r54
2002-07-18 08:37:58 +02:00
Add code for end-to-end zlib compression. Still needs flow-control svn:r187
2003-03-17 03:42:45 +01:00
#ifdef USE_ZLIB
if(connection_decompress_to_buf(cell->payload + TOPIC_HEADER_SIZE,
Finish zlib and half-open; switch to 3des (ede/ofb) svn:r198
2003-03-19 21:48:56 +01:00
cell->length - TOPIC_HEADER_SIZE,
conn, Z_SYNC_FLUSH) < 0) {
Add code for end-to-end zlib compression. Still needs flow-control svn:r187
2003-03-17 03:42:45 +01:00
log(LOG_INFO,"connection_exit_process_data_cell(): write to buf failed. Marking for close.");
conn->marked_for_close = 1;
return 0;
}
#else
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
if(connection_write_to_buf(cell->payload + TOPIC_HEADER_SIZE,
cell->length - TOPIC_HEADER_SIZE, conn) < 0) {
conn->marked_for_close = 1;
return 0;
}
Add code for end-to-end zlib compression. Still needs flow-control svn:r187
2003-03-17 03:42:45 +01:00
#endif
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
if(connection_consider_sending_sendme(conn, EDGE_AP) < 0)
conn->marked_for_close = 1;
return 0;
case TOPIC_COMMAND_END:
if(!conn) {
log(LOG_DEBUG,"connection_ap_process_data_cell(): end cell dropped, unknown topic %d.",topic_id);
return 0;
}
log(LOG_DEBUG,"connection_ap_process_data_cell(): end cell for topic %d. Removing topic.",topic_id);
/* go through and identify who points to conn. remove conn from the list. */
#if 0
if(conn == circ->p_conn) {
circ->p_conn = conn->next_topic;
}
for(prevconn = circ->p_conn; prevconn->next_topic != conn; prevconn = prevconn->next_topic) ;
prevconn->next_topic = conn->next_topic;
Add code for end-to-end zlib compression. Still needs flow-control svn:r187
2003-03-17 03:42:45 +01:00
#endif
Be clear about whether we are using half-open connections svn:r204
2003-03-19 22:59:07 +01:00
#ifdef HALF_OPEN
Add code for end-to-end zlib compression. Still needs flow-control svn:r187
2003-03-17 03:42:45 +01:00
conn->done_sending = 1;
shutdown(conn->s, 1); /* XXX check return; refactor NM */
if (conn->done_receiving)
Finish zlib and half-open; switch to 3des (ede/ofb) svn:r198
2003-03-19 21:48:56 +01:00
conn->marked_for_close = 1;
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
#endif
conn->marked_for_close = 1;
break;
case TOPIC_COMMAND_CONNECTED:
if(!conn) {
log(LOG_DEBUG,"connection_ap_process_data_cell(): connected cell dropped, unknown topic %d.",topic_id);
break;
}
log(LOG_DEBUG,"connection_ap_process_data_cell(): Connected! Notifying application.");
if(ap_handshake_socks_reply(conn, SOCKS4_REQUEST_GRANTED) < 0) {
conn->marked_for_close = 1;
}
break;
case TOPIC_COMMAND_SENDME:
if(!conn) {
Bugfixes and enhancements in sendmes and dns farm svn:r161
2003-02-18 02:35:55 +01:00
log(LOG_DEBUG,"connection_ap_process_data_cell(): sendme cell dropped, unknown topic %d.",topic_id);
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
return 0;
}
conn->p_receive_topicwindow += TOPICWINDOW_INCREMENT;
connection_start_reading(conn);
connection_package_raw_inbuf(conn); /* handle whatever might still be on the inbuf */
circuit_consider_stop_edge_reading(circ, EDGE_AP);
break;
default:
log(LOG_DEBUG,"connection_ap_process_data_cell(): unknown topic command %d.",topic_command);
}
return 0;
}
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
int connection_ap_finished_flushing(connection_t *conn) {
assert(conn && conn->type == CONN_TYPE_AP);
switch(conn->state) {
case AP_CONN_STATE_OPEN:
/* FIXME down the road, we'll clear out circuits that are pending to close */
Implemented congestion control Servers are allowed to send 100 cells initially, and can't send more until they receive a 'sendme' cell from that direction, indicating that they can send 10 more cells. As it currently stands, the exit node quickly runs out of window, and sends bursts of 10 whenever a sendme cell gets to him. This is much much much faster (and more flexible) than the old "give each circuit 1 kB/s and hope nothing overflows" approach. Also divided out the connection_watch_events into stop_reading, start_writing, etc. That way we can control them separately. svn:r54
2002-07-18 08:37:58 +02:00
connection_stop_writing(conn);
Finish zlib and half-open; switch to 3des (ede/ofb) svn:r198
2003-03-19 21:48:56 +01:00
#ifdef USE_ZLIB
if (connection_decompress_to_buf(NULL, 0, conn, Z_SYNC_FLUSH) < 0)
return 0;
#endif
major overhaul: dns slave subsystem, topics on startup, it forks off a master dns handler, which forks off dns slaves (like the apache model). slaves as spawned as load increases, and then reused. excess slaves are not ever killed, currently. implemented topics. each topic has a receive window in each direction at each edge of the circuit, and sends sendme's at the data level, as per before. each circuit also has receive windows in each direction at each hop; an edge sends a circuit-level sendme as soon as enough data cells have arrived (regardless of whether the data cells were flushed to the exit conns). removed the 'connected' cell type, since it's now a topic command within data cells. at the edge of the circuit, there can be multiple connections associated with a single circuit. you find them via the linked list conn->next_topic. currently each new ap connection starts its own circuit, so we ought to see comparable performance to what we had before. but that's only because i haven't written the code to reattach to old circuits. please try to break it as-is, and then i'll make it reuse the same circuit and we'll try to break that. svn:r152
2003-01-26 10:02:24 +01:00
return connection_consider_sending_sendme(conn, EDGE_AP);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
default:
log(LOG_DEBUG,"Bug: connection_ap_finished_flushing() called in unexpected state.");
return 0;
}
return 0;
}
cleanup and a variety of bugfixes svn:r132
2002-10-03 00:54:20 +02:00
int connection_ap_create_listener(struct sockaddr_in *bindaddr) {
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
log(LOG_DEBUG,"connection_create_ap_listener starting");
cleanup and a variety of bugfixes svn:r132
2002-10-03 00:54:20 +02:00
return connection_create_listener(bindaddr, CONN_TYPE_AP_LISTENER);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
int connection_ap_handle_listener_read(connection_t *conn) {
onion proxy now speaks socks4a httpap is obsolete; we support privoxy directly now! smtpap is obsolete; need to find a good socks4a-enabled smtp proxy/client I dub thee 0.0.1. svn:r107
2002-09-22 13:09:07 +02:00
log(LOG_NOTICE,"AP: Received a connection request. Waiting for socksinfo.");
return connection_handle_listener_read(conn, CONN_TYPE_AP, AP_CONN_STATE_SOCKS_WAIT);
Integrated onion proxy into or/ The 'or' process can now be told (by the global_role variable) what roles this server should play -- connect to all ORs, listen for ORs, listen for OPs, listen for APs, or any combination. * everything in /src/op/ is now obsolete. * connection_ap.c now handles all interactions with application proxies * "port" is now or_port, op_port, ap_port. But routers are still always referenced (say, in conn_get_by_addr_port()) by addr / or_port. We should make routers.c actually read these new ports (currently I've kludged it so op_port = or_port+10, ap_port=or_port+20) * circuits currently know if they're at the beginning of the path because circ->cpath is set. They use this instead for crypts (both ways), if it's set. * I still obey the "send a 0 back to the AP when you're ready" protocol, but I think we should phase it out. I can simply not read from the AP socket until I'm ready. I need to do a lot of cleanup work here, but the code appears to work, so now's a good time for a checkin. svn:r22
2002-07-02 11:36:58 +02:00
}
Reference in New Issue Copy Permalink