2004-11-07 02:33:06 +01:00
|
|
|
/* Copyright 2004 Roger Dingledine, Nick Mathewson. */
|
2004-11-03 02:32:26 +01:00
|
|
|
/* See LICENSE for licensing information */
|
|
|
|
/* $Id$ */
|
2004-11-29 23:25:31 +01:00
|
|
|
const char control_c_id[] = "$Id$";
|
2004-11-03 02:32:26 +01:00
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/**
|
2004-11-30 07:17:35 +01:00
|
|
|
* \file control.c
|
2004-11-07 22:37:50 +01:00
|
|
|
*
|
2004-11-30 07:17:35 +01:00
|
|
|
* \brief Implementation for Tor's control-socket interface.
|
2004-11-07 22:37:50 +01:00
|
|
|
*/
|
|
|
|
|
2004-11-03 02:32:26 +01:00
|
|
|
#include "or.h"
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/* Protocol outline: a bidirectional stream, over which each side
|
2004-11-07 23:37:59 +01:00
|
|
|
* sends a series of messages. Each message has a two-byte length field,
|
|
|
|
* a two-byte typecode, and a variable-length body whose length is
|
2004-11-07 22:37:50 +01:00
|
|
|
* given in the length field.
|
|
|
|
*
|
|
|
|
* By default, the server only sends messages in response to client messages.
|
|
|
|
* Every client message gets a message in response. The client may, however,
|
|
|
|
* _request_ that other messages be delivered asynchronously.
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* Every message type is either client-only or server-only, and every
|
|
|
|
* server message type is either synchronous-only (only occurs in
|
|
|
|
* response to a client request) or asynchronous-only (never is an
|
|
|
|
* answer to a client request.
|
|
|
|
*
|
|
|
|
* See control-spec.txt for full details.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Recognized message type codes. */
|
2004-11-03 02:32:26 +01:00
|
|
|
#define CONTROL_CMD_ERROR 0x0000
|
|
|
|
#define CONTROL_CMD_DONE 0x0001
|
|
|
|
#define CONTROL_CMD_SETCONF 0x0002
|
|
|
|
#define CONTROL_CMD_GETCONF 0x0003
|
|
|
|
#define CONTROL_CMD_CONFVALUE 0x0004
|
|
|
|
#define CONTROL_CMD_SETEVENTS 0x0005
|
|
|
|
#define CONTROL_CMD_EVENT 0x0006
|
|
|
|
#define CONTROL_CMD_AUTHENTICATE 0x0007
|
2004-11-09 11:21:19 +01:00
|
|
|
#define CONTROL_CMD_SAVECONF 0x0008
|
2004-11-07 23:37:59 +01:00
|
|
|
#define _CONTROL_CMD_MAX_RECOGNIZED 0x0008
|
2004-11-03 02:32:26 +01:00
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/* Recognized error codes. */
|
2004-11-03 02:32:26 +01:00
|
|
|
#define ERR_UNSPECIFIED 0x0000
|
2004-11-07 23:58:35 +01:00
|
|
|
#define ERR_INTERNAL 0x0001
|
|
|
|
#define ERR_UNRECOGNIZED_TYPE 0x0002
|
|
|
|
#define ERR_SYNTAX 0x0003
|
|
|
|
#define ERR_UNRECOGNIZED_CONFIG_KEY 0x0004
|
|
|
|
#define ERR_INVALID_CONFIG_VALUE 0x0005
|
|
|
|
#define ERR_UNRECOGNIZED_EVENT_CODE 0x0006
|
|
|
|
#define ERR_UNAUTHORIZED 0x0007
|
|
|
|
#define ERR_REJECTED_AUTHENTICATION 0x0008
|
2004-11-03 02:32:26 +01:00
|
|
|
|
2004-11-09 02:24:10 +01:00
|
|
|
/* Recognized asynchronous event types. */
|
2004-11-03 02:32:26 +01:00
|
|
|
#define _EVENT_MIN 0x0001
|
|
|
|
#define EVENT_CIRCUIT_STATUS 0x0001
|
|
|
|
#define EVENT_STREAM_STATUS 0x0002
|
|
|
|
#define EVENT_OR_CONN_STATUS 0x0003
|
|
|
|
#define EVENT_BANDWIDTH_USED 0x0004
|
|
|
|
#define EVENT_WARNING 0x0005
|
|
|
|
#define _EVENT_MAX 0x0005
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Array mapping from message type codes to human-readable message
|
|
|
|
* type names. */
|
|
|
|
static const char * CONTROL_COMMANDS[] = {
|
2004-11-03 02:32:26 +01:00
|
|
|
"error",
|
|
|
|
"done",
|
|
|
|
"setconf",
|
|
|
|
"getconf",
|
|
|
|
"confvalue",
|
|
|
|
"setevents",
|
|
|
|
"events",
|
|
|
|
"authenticate",
|
2004-11-07 23:37:59 +01:00
|
|
|
"saveconf",
|
2004-11-03 02:32:26 +01:00
|
|
|
};
|
|
|
|
|
2004-11-07 23:37:59 +01:00
|
|
|
/** Bitfield: The bit 1<<e is set if <b>any</b> open control
|
2004-11-07 22:37:50 +01:00
|
|
|
* connection is interested in events of type <b>e</b>. We use this
|
|
|
|
* so that we can decide to skip generating event messages that nobody
|
2004-11-09 02:24:10 +01:00
|
|
|
* has interest in without having to walk over the global connection
|
2004-11-07 22:37:50 +01:00
|
|
|
* list to find out.
|
|
|
|
**/
|
2004-11-03 02:32:26 +01:00
|
|
|
static uint32_t global_event_mask = 0;
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Macro: true if any control connection is interested in events of type
|
|
|
|
* <b>e</b>. */
|
|
|
|
#define EVENT_IS_INTERESTING(e) (global_event_mask & (1<<(e)))
|
|
|
|
|
|
|
|
/** If we're using cookie-type authentication, how long should our cookies be?
|
|
|
|
*/
|
2004-11-03 20:49:03 +01:00
|
|
|
#define AUTHENTICATION_COOKIE_LEN 32
|
2004-11-07 22:37:50 +01:00
|
|
|
|
|
|
|
/** If true, we've set authentication_cookie to a secret code and
|
|
|
|
* stored it to disk. */
|
2004-11-03 20:49:03 +01:00
|
|
|
static int authentication_cookie_is_set = 0;
|
|
|
|
static char authentication_cookie[AUTHENTICATION_COOKIE_LEN];
|
|
|
|
|
2004-11-03 02:32:26 +01:00
|
|
|
static void update_global_event_mask(void);
|
|
|
|
static void send_control_message(connection_t *conn, uint16_t type,
|
|
|
|
uint16_t len, const char *body);
|
|
|
|
static void send_control_done(connection_t *conn);
|
|
|
|
static void send_control_error(connection_t *conn, uint16_t error,
|
|
|
|
const char *message);
|
|
|
|
static void send_control_event(uint16_t event, uint16_t len, const char *body);
|
|
|
|
static int handle_control_setconf(connection_t *conn, uint16_t len,
|
2004-11-04 23:31:50 +01:00
|
|
|
char *body);
|
2004-11-03 02:32:26 +01:00
|
|
|
static int handle_control_getconf(connection_t *conn, uint16_t len,
|
|
|
|
const char *body);
|
|
|
|
static int handle_control_setevents(connection_t *conn, uint16_t len,
|
|
|
|
const char *body);
|
|
|
|
static int handle_control_authenticate(connection_t *conn, uint16_t len,
|
|
|
|
const char *body);
|
2004-11-07 23:37:59 +01:00
|
|
|
static int handle_control_saveconf(connection_t *conn, uint16_t len,
|
|
|
|
const char *body);
|
2004-11-03 02:32:26 +01:00
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Given a possibly invalid message type code <b>cmd</b>, return a
|
|
|
|
* human-readable string equivalent. */
|
2004-11-03 02:32:26 +01:00
|
|
|
static INLINE const char *
|
|
|
|
control_cmd_to_string(uint16_t cmd)
|
|
|
|
{
|
|
|
|
return (cmd<=_CONTROL_CMD_MAX_RECOGNIZED) ? CONTROL_COMMANDS[cmd] : "Unknown";
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Set <b>global_event_mask</b> to the bitwise OR of each live control
|
|
|
|
* connection's event_mask field. */
|
2004-11-03 02:32:26 +01:00
|
|
|
static void update_global_event_mask(void)
|
|
|
|
{
|
|
|
|
connection_t **conns;
|
|
|
|
int n_conns, i;
|
|
|
|
|
|
|
|
global_event_mask = 0;
|
|
|
|
get_connection_array(&conns, &n_conns);
|
|
|
|
for (i = 0; i < n_conns; ++i) {
|
|
|
|
if (conns[i]->type == CONN_TYPE_CONTROL &&
|
|
|
|
conns[i]->state == CONTROL_CONN_STATE_OPEN) {
|
|
|
|
global_event_mask |= conns[i]->event_mask;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Send a message of type <b>type</b> containing <b>len</b> bytes
|
|
|
|
* from <b>body</b> along the control connection <b>conn</b> */
|
2004-11-03 02:32:26 +01:00
|
|
|
static void
|
|
|
|
send_control_message(connection_t *conn, uint16_t type, uint16_t len,
|
|
|
|
const char *body)
|
|
|
|
{
|
|
|
|
char buf[4];
|
|
|
|
tor_assert(conn);
|
2004-11-09 11:08:42 +01:00
|
|
|
tor_assert(len || !body);
|
2004-11-03 02:32:26 +01:00
|
|
|
tor_assert(type <= _CONTROL_CMD_MAX_RECOGNIZED);
|
2004-11-09 11:08:42 +01:00
|
|
|
set_uint16(buf, htons(len));
|
|
|
|
set_uint16(buf+2, htons(type));
|
2004-11-03 02:32:26 +01:00
|
|
|
connection_write_to_buf(buf, 4, conn);
|
|
|
|
if (len)
|
|
|
|
connection_write_to_buf(body, len, conn);
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Send a "DONE" message down the control connection <b>conn</b> */
|
2004-11-03 02:32:26 +01:00
|
|
|
static void
|
|
|
|
send_control_done(connection_t *conn)
|
|
|
|
{
|
|
|
|
send_control_message(conn, CONTROL_CMD_DONE, 0, NULL);
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Send an error message with error code <b>error</b> and body
|
|
|
|
* <b>message</b> down the connection <b>conn</b> */
|
2004-11-03 02:32:26 +01:00
|
|
|
static void
|
|
|
|
send_control_error(connection_t *conn, uint16_t error, const char *message)
|
|
|
|
{
|
|
|
|
char buf[256];
|
|
|
|
size_t len;
|
|
|
|
set_uint16(buf, htons(error));
|
|
|
|
len = strlen(message);
|
|
|
|
tor_assert(len < (256-2));
|
|
|
|
memcpy(buf+2, message, len);
|
2004-11-03 22:53:54 +01:00
|
|
|
send_control_message(conn, CONTROL_CMD_ERROR, (uint16_t)(len+2), buf);
|
2004-11-03 02:32:26 +01:00
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Send an 'event' message of event type <b>event</b>, containing
|
|
|
|
* <b>len</b> bytes in <b>body</b> to every control connection that
|
|
|
|
* is interested in it. */
|
2004-11-03 02:32:26 +01:00
|
|
|
static void
|
|
|
|
send_control_event(uint16_t event, uint16_t len, const char *body)
|
|
|
|
{
|
|
|
|
connection_t **conns;
|
|
|
|
int n_conns, i;
|
2004-11-11 01:54:53 +01:00
|
|
|
size_t buflen;
|
|
|
|
char *buf;
|
|
|
|
|
|
|
|
buflen = len + 2;
|
|
|
|
buf = tor_malloc_zero(buflen);
|
|
|
|
set_uint16(buf, htons(event));
|
|
|
|
memcpy(buf+2, body, len);
|
2004-11-03 02:32:26 +01:00
|
|
|
|
|
|
|
get_connection_array(&conns, &n_conns);
|
|
|
|
for (i = 0; i < n_conns; ++i) {
|
|
|
|
if (conns[i]->type == CONN_TYPE_CONTROL &&
|
|
|
|
conns[i]->state == CONTROL_CONN_STATE_OPEN &&
|
|
|
|
conns[i]->event_mask & (1<<event)) {
|
2004-11-11 01:54:53 +01:00
|
|
|
send_control_message(conns[i], CONTROL_CMD_EVENT, (uint16_t)(buflen), buf);
|
2004-11-03 02:32:26 +01:00
|
|
|
}
|
|
|
|
}
|
2004-11-11 01:54:53 +01:00
|
|
|
|
2004-11-12 17:39:03 +01:00
|
|
|
tor_free(buf);
|
2004-11-03 02:32:26 +01:00
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Called when we receive a SETCONF message: parse the body and try
|
|
|
|
* to update our configuration. Reply with a DONE or ERROR message. */
|
2004-11-03 19:33:07 +01:00
|
|
|
static int
|
2004-11-07 22:37:50 +01:00
|
|
|
handle_control_setconf(connection_t *conn, uint16_t len, char *body)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
2004-11-07 23:58:35 +01:00
|
|
|
int r;
|
2004-11-06 06:18:11 +01:00
|
|
|
struct config_line_t *lines=NULL;
|
2004-11-04 23:31:50 +01:00
|
|
|
|
2004-11-06 06:18:11 +01:00
|
|
|
if (config_get_lines(body, &lines) < 0) {
|
|
|
|
log_fn(LOG_WARN,"Controller gave us config lines we can't parse.");
|
2004-11-07 23:58:35 +01:00
|
|
|
send_control_error(conn, ERR_SYNTAX, "Couldn't parse configuration");
|
2004-11-06 06:18:11 +01:00
|
|
|
return 0;
|
|
|
|
}
|
2004-11-04 23:31:50 +01:00
|
|
|
|
2004-11-09 18:15:17 +01:00
|
|
|
if ((r=config_trial_assign(lines, 1)) < 0) {
|
2004-11-06 06:18:11 +01:00
|
|
|
log_fn(LOG_WARN,"Controller gave us config lines that didn't validate.");
|
2004-11-08 00:11:29 +01:00
|
|
|
if (r==-1) {
|
|
|
|
send_control_error(conn, ERR_UNRECOGNIZED_CONFIG_KEY,
|
2004-11-07 23:58:35 +01:00
|
|
|
"Unrecognized option");
|
|
|
|
} else {
|
|
|
|
send_control_error(conn, ERR_INVALID_CONFIG_VALUE,"Invalid option value");
|
|
|
|
}
|
2004-11-06 06:18:11 +01:00
|
|
|
config_free_lines(lines);
|
|
|
|
return 0;
|
|
|
|
}
|
2004-11-04 23:31:50 +01:00
|
|
|
|
2004-11-06 06:18:11 +01:00
|
|
|
config_free_lines(lines);
|
2004-11-09 05:28:18 +01:00
|
|
|
if (options_act() < 0) { /* acting on them failed. die. */
|
|
|
|
log_fn(LOG_ERR,"Acting on config options left us in a broken state. Dying.");
|
|
|
|
exit(1);
|
|
|
|
}
|
2004-11-06 06:18:11 +01:00
|
|
|
send_control_done(conn);
|
2004-11-03 02:32:26 +01:00
|
|
|
return 0;
|
|
|
|
}
|
2004-11-03 19:33:07 +01:00
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Called when we receive a GETCONF message. Parse the request, and
|
|
|
|
* reply with a CONFVALUE or an ERROR message */
|
2004-11-04 23:31:50 +01:00
|
|
|
static int
|
2004-11-07 22:37:50 +01:00
|
|
|
handle_control_getconf(connection_t *conn, uint16_t body_len, const char *body)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
2004-11-04 23:31:50 +01:00
|
|
|
smartlist_t *questions = NULL;
|
|
|
|
smartlist_t *answers = NULL;
|
2004-11-03 19:33:07 +01:00
|
|
|
char *msg = NULL;
|
|
|
|
size_t msg_len;
|
2004-11-06 06:18:11 +01:00
|
|
|
or_options_t *options = get_options();
|
2004-11-03 19:33:07 +01:00
|
|
|
|
2004-11-04 23:31:50 +01:00
|
|
|
questions = smartlist_create();
|
|
|
|
smartlist_split_string(questions, body, "\n",
|
|
|
|
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
|
|
|
|
answers = smartlist_create();
|
|
|
|
SMARTLIST_FOREACH(questions, const char *, q,
|
|
|
|
{
|
2004-11-09 07:40:32 +01:00
|
|
|
int recognized = config_option_is_recognized(q);
|
|
|
|
if (!recognized) {
|
2004-11-03 19:33:07 +01:00
|
|
|
send_control_error(conn, ERR_UNRECOGNIZED_CONFIG_KEY, body);
|
|
|
|
goto done;
|
|
|
|
} else {
|
2004-11-09 07:40:32 +01:00
|
|
|
struct config_line_t *answer = config_get_assigned_option(options,q);
|
|
|
|
|
2004-11-03 19:33:07 +01:00
|
|
|
while (answer) {
|
|
|
|
struct config_line_t *next;
|
2004-11-04 23:31:50 +01:00
|
|
|
size_t alen = strlen(answer->key)+strlen(answer->value)+2;
|
|
|
|
char *astr = tor_malloc(alen);
|
|
|
|
tor_snprintf(astr, alen, "%s %s\n", answer->key, answer->value);
|
|
|
|
smartlist_add(answers, astr);
|
|
|
|
|
2004-11-03 19:33:07 +01:00
|
|
|
next = answer->next;
|
2004-11-04 23:31:50 +01:00
|
|
|
tor_free(answer->key);
|
|
|
|
tor_free(answer->value);
|
2004-11-03 19:33:07 +01:00
|
|
|
tor_free(answer);
|
|
|
|
answer = next;
|
|
|
|
}
|
|
|
|
}
|
2004-11-04 23:31:50 +01:00
|
|
|
});
|
2004-11-03 19:33:07 +01:00
|
|
|
|
2004-11-04 23:31:50 +01:00
|
|
|
msg = smartlist_join_strings(answers, "", 0, &msg_len);
|
2004-11-03 22:53:54 +01:00
|
|
|
send_control_message(conn, CONTROL_CMD_CONFVALUE,
|
2004-11-09 11:18:41 +01:00
|
|
|
(uint16_t)msg_len, msg_len?msg:NULL);
|
2004-11-03 19:33:07 +01:00
|
|
|
|
|
|
|
done:
|
2004-11-04 23:31:50 +01:00
|
|
|
if (answers) SMARTLIST_FOREACH(answers, char *, cp, tor_free(cp));
|
|
|
|
if (questions) SMARTLIST_FOREACH(questions, char *, cp, tor_free(cp));
|
|
|
|
smartlist_free(answers);
|
|
|
|
smartlist_free(questions);
|
2004-11-03 19:33:07 +01:00
|
|
|
tor_free(msg);
|
|
|
|
|
2004-11-03 02:32:26 +01:00
|
|
|
return 0;
|
|
|
|
}
|
2004-11-04 23:31:50 +01:00
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Called when we get a SETEVENTS message: update conn->event_mask,
|
|
|
|
* and reply with DONE or ERROR. */
|
|
|
|
static int
|
|
|
|
handle_control_setevents(connection_t *conn, uint16_t len, const char *body)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
|
|
|
uint16_t event_code;
|
|
|
|
uint32_t event_mask = 0;
|
|
|
|
if (len % 2) {
|
2004-11-07 23:58:35 +01:00
|
|
|
send_control_error(conn, ERR_SYNTAX,
|
2004-11-03 02:32:26 +01:00
|
|
|
"Odd number of bytes in setevents message");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (; len; len -= 2, body += 2) {
|
|
|
|
event_code = ntohs(get_uint16(body));
|
|
|
|
if (event_code < _EVENT_MIN || event_code > _EVENT_MAX) {
|
|
|
|
send_control_error(conn, ERR_UNRECOGNIZED_EVENT_CODE,
|
|
|
|
"Unrecognized event code");
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
event_mask |= (1 << event_code);
|
|
|
|
}
|
|
|
|
|
|
|
|
conn->event_mask = event_mask;
|
|
|
|
|
|
|
|
update_global_event_mask();
|
|
|
|
send_control_done(conn);
|
|
|
|
return 0;
|
|
|
|
}
|
2004-11-04 23:31:50 +01:00
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Called when we get an AUTHENTICATE message. Check whether the
|
|
|
|
* authentication is valid, and if so, update the connection's state to
|
|
|
|
* OPEN. Reply with DONE or ERROR.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
handle_control_authenticate(connection_t *conn, uint16_t len, const char *body)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
2004-11-06 06:18:11 +01:00
|
|
|
or_options_t *options = get_options();
|
2004-11-12 17:39:03 +01:00
|
|
|
if (options->CookieAuthentication) {
|
|
|
|
if (len == AUTHENTICATION_COOKIE_LEN &&
|
|
|
|
!memcmp(authentication_cookie, body, len)) {
|
|
|
|
goto ok;
|
|
|
|
}
|
|
|
|
} else if (options->HashedControlPassword) {
|
2004-11-03 20:49:03 +01:00
|
|
|
char expected[S2K_SPECIFIER_LEN+DIGEST_LEN];
|
|
|
|
char received[DIGEST_LEN];
|
|
|
|
if (base64_decode(expected,sizeof(expected),
|
2004-11-06 06:18:11 +01:00
|
|
|
options->HashedControlPassword,
|
|
|
|
strlen(options->HashedControlPassword))<0) {
|
2004-11-03 20:49:03 +01:00
|
|
|
log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64");
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
secret_to_key(received,DIGEST_LEN,body,len,expected);
|
|
|
|
if (!memcmp(expected+S2K_SPECIFIER_LEN, received, DIGEST_LEN))
|
|
|
|
goto ok;
|
2004-11-07 23:37:59 +01:00
|
|
|
goto err;
|
2004-11-12 17:39:03 +01:00
|
|
|
} else {
|
|
|
|
if (len == 0) {
|
|
|
|
/* if Tor doesn't demand any stronger authentication, then
|
|
|
|
* the controller can get in with a blank auth line. */
|
|
|
|
goto ok;
|
|
|
|
}
|
|
|
|
goto err;
|
2004-11-07 12:33:04 +01:00
|
|
|
}
|
2004-11-03 20:49:03 +01:00
|
|
|
|
|
|
|
err:
|
2004-11-07 23:58:35 +01:00
|
|
|
send_control_error(conn, ERR_REJECTED_AUTHENTICATION,"Authentication failed");
|
2004-11-03 02:32:26 +01:00
|
|
|
return 0;
|
2004-11-03 20:49:03 +01:00
|
|
|
ok:
|
|
|
|
log_fn(LOG_INFO, "Authenticated control connection (%d)", conn->s);
|
|
|
|
send_control_done(conn);
|
|
|
|
conn->state = CONTROL_CONN_STATE_OPEN;
|
|
|
|
return 0;
|
2004-11-03 02:32:26 +01:00
|
|
|
}
|
|
|
|
|
2004-11-07 23:37:59 +01:00
|
|
|
static int
|
|
|
|
handle_control_saveconf(connection_t *conn, uint16_t len,
|
|
|
|
const char *body)
|
|
|
|
{
|
2004-11-14 21:51:28 +01:00
|
|
|
if (save_current_config()<0) {
|
|
|
|
send_control_error(conn, ERR_INTERNAL,
|
|
|
|
"Unable to write configuration to disk.");
|
2004-11-15 05:02:59 +01:00
|
|
|
} else {
|
|
|
|
send_control_done(conn);
|
2004-11-14 21:51:28 +01:00
|
|
|
}
|
2004-11-07 23:37:59 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Called when <b>conn</b> has no more bytes left on its outbuf. */
|
|
|
|
int
|
|
|
|
connection_control_finished_flushing(connection_t *conn) {
|
2004-11-03 02:32:26 +01:00
|
|
|
tor_assert(conn);
|
|
|
|
tor_assert(conn->type == CONN_TYPE_CONTROL);
|
|
|
|
|
|
|
|
connection_stop_writing(conn);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-11-21 11:14:57 +01:00
|
|
|
/** Called when <b>conn</b> has gotten its socket closed. */
|
|
|
|
int connection_control_reached_eof(connection_t *conn) {
|
|
|
|
log_fn(LOG_INFO,"Control connection reached EOF. Closing.");
|
|
|
|
connection_mark_for_close(conn);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/** Called when <b>conn</b> has received more bytes on its inbuf.
|
|
|
|
*/
|
2004-11-07 22:37:50 +01:00
|
|
|
int
|
|
|
|
connection_control_process_inbuf(connection_t *conn) {
|
2004-11-03 02:32:26 +01:00
|
|
|
uint16_t body_len, command_type;
|
|
|
|
char *body;
|
|
|
|
|
|
|
|
tor_assert(conn);
|
|
|
|
tor_assert(conn->type == CONN_TYPE_CONTROL);
|
|
|
|
|
|
|
|
again:
|
2004-11-07 22:37:50 +01:00
|
|
|
/* Try to suck a control message from the buffer. */
|
2004-11-28 10:05:49 +01:00
|
|
|
switch (fetch_from_buf_control(conn->inbuf, &body_len, &command_type, &body))
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
|
|
|
case -1:
|
2004-11-07 23:58:35 +01:00
|
|
|
tor_free(body);
|
2004-11-03 02:32:26 +01:00
|
|
|
log_fn(LOG_WARN, "Error in control command. Failing.");
|
|
|
|
return -1;
|
|
|
|
case 0:
|
|
|
|
/* Control command not all here yet. Wait. */
|
|
|
|
return 0;
|
|
|
|
case 1:
|
|
|
|
/* We got a command. Process it. */
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
tor_assert(0);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* We got a command. If we need authentication, only authentication
|
|
|
|
* commands will be considered. */
|
|
|
|
if (conn->state == CONTROL_CONN_STATE_NEEDAUTH &&
|
|
|
|
command_type != CONTROL_CMD_AUTHENTICATE) {
|
|
|
|
log_fn(LOG_WARN, "Rejecting '%s' command; authentication needed.",
|
|
|
|
control_cmd_to_string(command_type));
|
2004-11-07 23:58:35 +01:00
|
|
|
send_control_error(conn, ERR_UNAUTHORIZED, "Authentication required");
|
2004-11-03 02:32:26 +01:00
|
|
|
tor_free(body);
|
|
|
|
goto again;
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/* Okay, we're willing to process the command. */
|
2004-11-28 10:05:49 +01:00
|
|
|
switch (command_type)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
|
|
|
case CONTROL_CMD_SETCONF:
|
|
|
|
if (handle_control_setconf(conn, body_len, body))
|
|
|
|
return -1;
|
|
|
|
break;
|
|
|
|
case CONTROL_CMD_GETCONF:
|
|
|
|
if (handle_control_getconf(conn, body_len, body))
|
|
|
|
return -1;
|
|
|
|
break;
|
|
|
|
case CONTROL_CMD_SETEVENTS:
|
|
|
|
if (handle_control_setevents(conn, body_len, body))
|
|
|
|
return -1;
|
|
|
|
break;
|
|
|
|
case CONTROL_CMD_AUTHENTICATE:
|
|
|
|
if (handle_control_authenticate(conn, body_len, body))
|
|
|
|
return -1;
|
|
|
|
break;
|
2004-11-09 11:21:19 +01:00
|
|
|
case CONTROL_CMD_SAVECONF:
|
2004-11-07 23:37:59 +01:00
|
|
|
if (handle_control_saveconf(conn, body_len, body))
|
|
|
|
return -1;
|
|
|
|
break;
|
2004-11-03 02:32:26 +01:00
|
|
|
case CONTROL_CMD_ERROR:
|
|
|
|
case CONTROL_CMD_DONE:
|
|
|
|
case CONTROL_CMD_CONFVALUE:
|
|
|
|
case CONTROL_CMD_EVENT:
|
|
|
|
log_fn(LOG_WARN, "Received client-only '%s' command; ignoring.",
|
|
|
|
control_cmd_to_string(command_type));
|
|
|
|
send_control_error(conn, ERR_UNRECOGNIZED_TYPE,
|
2004-11-03 11:08:44 +01:00
|
|
|
"Command type only valid from server to tor client");
|
2004-11-03 02:32:26 +01:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
log_fn(LOG_WARN, "Received unrecognized command type %d; ignoring.",
|
|
|
|
(int)command_type);
|
|
|
|
send_control_error(conn, ERR_UNRECOGNIZED_TYPE,
|
|
|
|
"Unrecognized command type");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
tor_free(body);
|
|
|
|
goto again; /* There might be more data. */
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Something has happened to circuit <b>circ</b>: tell any interested
|
|
|
|
* control connections. */
|
|
|
|
int
|
|
|
|
control_event_circuit_status(circuit_t *circ, circuit_status_event_t tp)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
2004-11-03 19:33:07 +01:00
|
|
|
char *path, *msg;
|
|
|
|
size_t path_len;
|
2004-11-03 02:32:26 +01:00
|
|
|
if (!EVENT_IS_INTERESTING(EVENT_CIRCUIT_STATUS))
|
|
|
|
return 0;
|
2004-11-03 19:33:07 +01:00
|
|
|
tor_assert(circ);
|
|
|
|
tor_assert(CIRCUIT_IS_ORIGIN(circ));
|
|
|
|
|
2004-11-23 01:11:36 +01:00
|
|
|
path = circuit_list_path(circ,0);
|
2004-11-03 19:33:07 +01:00
|
|
|
path_len = strlen(path);
|
|
|
|
msg = tor_malloc(1+4+path_len+1); /* event, circid, path, NUL. */
|
|
|
|
msg[0] = (uint8_t) tp;
|
|
|
|
set_uint32(msg+1, htonl(circ->global_identifier));
|
|
|
|
strlcpy(msg+5,path,path_len+1);
|
|
|
|
|
|
|
|
send_control_event(EVENT_STREAM_STATUS, (uint16_t)(path_len+6), msg);
|
|
|
|
tor_free(path);
|
|
|
|
tor_free(msg);
|
2004-11-03 02:32:26 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Something has happened to the stream associated with AP connection
|
|
|
|
* <b>conn</b>: tell any interested control connections. */
|
|
|
|
int
|
|
|
|
control_event_stream_status(connection_t *conn, stream_status_event_t tp)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
2004-11-03 19:33:07 +01:00
|
|
|
char *msg;
|
|
|
|
size_t len;
|
2004-11-03 02:32:26 +01:00
|
|
|
tor_assert(conn->type == CONN_TYPE_AP);
|
2004-11-03 19:33:07 +01:00
|
|
|
tor_assert(conn->socks_request);
|
2004-11-03 02:32:26 +01:00
|
|
|
|
|
|
|
if (!EVENT_IS_INTERESTING(EVENT_STREAM_STATUS))
|
|
|
|
return 0;
|
|
|
|
|
2004-11-03 19:33:07 +01:00
|
|
|
len = strlen(conn->socks_request->address);
|
|
|
|
msg = tor_malloc(5+len+1);
|
|
|
|
msg[0] = (uint8_t) tp;
|
|
|
|
set_uint32(msg+1, htonl(conn->s)); /* ???? Is this a security problem? */
|
|
|
|
strlcpy(msg+5, conn->socks_request->address, len+1);
|
2004-11-03 02:32:26 +01:00
|
|
|
|
2004-11-03 19:33:07 +01:00
|
|
|
send_control_event(EVENT_STREAM_STATUS, (uint16_t)(5+len+1), msg);
|
|
|
|
tor_free(msg);
|
2004-11-03 02:32:26 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Something has happened to the OR connection <b>conn</b>: tell any
|
|
|
|
* interested control connections. */
|
|
|
|
int
|
|
|
|
control_event_or_conn_status(connection_t *conn,or_conn_status_event_t tp)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
2004-11-03 19:33:07 +01:00
|
|
|
char buf[HEX_DIGEST_LEN+3]; /* status, dollar, identity, NUL */
|
|
|
|
size_t len;
|
|
|
|
|
2004-11-03 02:32:26 +01:00
|
|
|
tor_assert(conn->type == CONN_TYPE_OR);
|
|
|
|
|
|
|
|
if (!EVENT_IS_INTERESTING(EVENT_OR_CONN_STATUS))
|
|
|
|
return 0;
|
|
|
|
|
2004-11-03 19:33:07 +01:00
|
|
|
buf[0] = (uint8_t)tp;
|
|
|
|
strlcpy(buf+1,conn->nickname,sizeof(buf)-1);
|
|
|
|
len = strlen(buf+1);
|
|
|
|
send_control_event(EVENT_OR_CONN_STATUS, (uint16_t)(len+1), buf);
|
2004-11-03 02:32:26 +01:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** A second or more has elapsed: tell any interested control
|
|
|
|
* connections how much bandwidth we used. */
|
|
|
|
int
|
|
|
|
control_event_bandwidth_used(uint32_t n_read, uint32_t n_written)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
|
|
|
char buf[8];
|
|
|
|
|
|
|
|
if (!EVENT_IS_INTERESTING(EVENT_BANDWIDTH_USED))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
set_uint32(buf, htonl(n_read));
|
2004-11-09 11:08:42 +01:00
|
|
|
set_uint32(buf+4, htonl(n_written));
|
2004-11-03 02:32:26 +01:00
|
|
|
send_control_event(EVENT_BANDWIDTH_USED, 8, buf);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** We got a log message: tell any interested control connections. */
|
|
|
|
void
|
|
|
|
control_event_logmsg(int severity, const char *msg)
|
2004-11-03 02:32:26 +01:00
|
|
|
{
|
|
|
|
size_t len;
|
2004-11-03 19:33:07 +01:00
|
|
|
if (severity > LOG_WARN) /* Less important than warning? ignore for now. */
|
|
|
|
return;
|
2004-11-03 02:32:26 +01:00
|
|
|
if (!EVENT_IS_INTERESTING(EVENT_WARNING))
|
2004-11-03 19:33:07 +01:00
|
|
|
return;
|
2004-11-03 02:32:26 +01:00
|
|
|
|
|
|
|
len = strlen(msg);
|
2004-11-03 19:33:07 +01:00
|
|
|
send_control_event(EVENT_WARNING, (uint16_t)(len+1), msg);
|
2004-11-03 02:32:26 +01:00
|
|
|
}
|
|
|
|
|
2004-11-07 22:37:50 +01:00
|
|
|
/** Choose a random authentication cookie and write it to disk.
|
|
|
|
* Anybody who can read the cookie from disk will be considered
|
|
|
|
* authorized to use the control connection. */
|
|
|
|
int
|
2004-11-12 17:39:03 +01:00
|
|
|
init_cookie_authentication(int enabled)
|
2004-11-03 20:49:03 +01:00
|
|
|
{
|
|
|
|
char fname[512];
|
|
|
|
|
2004-11-12 17:39:03 +01:00
|
|
|
if (!enabled)
|
|
|
|
authentication_cookie_is_set = 0;
|
2004-11-03 20:49:03 +01:00
|
|
|
|
|
|
|
tor_snprintf(fname, sizeof(fname), "%s/control_auth_cookie",
|
2004-11-09 08:05:53 +01:00
|
|
|
get_options()->DataDirectory);
|
2004-11-03 20:49:03 +01:00
|
|
|
crypto_rand(authentication_cookie, AUTHENTICATION_COOKIE_LEN);
|
|
|
|
authentication_cookie_is_set = 1;
|
|
|
|
if (write_bytes_to_file(fname, authentication_cookie,
|
|
|
|
AUTHENTICATION_COOKIE_LEN, 1)) {
|
|
|
|
log_fn(LOG_WARN,"Error writing authentication cookie.");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|