Move or_connection_t to its own header.
parent
6c0fe9d07c
commit
19c34b4658
@ -23,6 +23,8 @@
|
||||
#include "compat_time.h"
|
||||
#include "rendservice.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
STATIC int32_t channelpadding_get_netflow_inactive_timeout_ms(
|
||||
const channel_t *);
|
||||
STATIC int channelpadding_send_disable_command(channel_t *);
|
||||
|
@ -60,6 +60,8 @@
|
||||
#include "channelpadding_negotiation.h"
|
||||
#include "channelpadding.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
/** How many CELL_PADDING cells have we received, ever? */
|
||||
uint64_t stats_n_padding_cells_processed = 0;
|
||||
/** How many CELL_VERSIONS cells have we received, ever? */
|
||||
|
@ -117,6 +117,7 @@
|
||||
#include "control_connection_st.h"
|
||||
#include "entry_connection_st.h"
|
||||
#include "listener_connection_st.h"
|
||||
#include "or_connection_st.h"
|
||||
#include "port_cfg_st.h"
|
||||
|
||||
static connection_t *connection_listener_new(
|
||||
|
@ -61,6 +61,8 @@
|
||||
#include "torcert.h"
|
||||
#include "channelpadding.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
static int connection_tls_finish_handshake(or_connection_t *conn);
|
||||
static int connection_or_launch_v3_or_handshake(or_connection_t *conn);
|
||||
static int connection_or_process_cells_from_inbuf(or_connection_t *conn);
|
||||
@ -86,6 +88,15 @@ static void connection_or_check_canonicity(or_connection_t *conn,
|
||||
|
||||
/**************************************************************/
|
||||
|
||||
/** Convert a connection_t* to an or_connection_t*; assert if the cast is
|
||||
* invalid. */
|
||||
or_connection_t *
|
||||
TO_OR_CONN(connection_t *c)
|
||||
{
|
||||
tor_assert(c->magic == OR_CONNECTION_MAGIC);
|
||||
return DOWNCAST(or_connection_t, c);
|
||||
}
|
||||
|
||||
/** Global map between Extended ORPort identifiers and OR
|
||||
* connections. */
|
||||
static digestmap_t *orconn_ext_or_id_map = NULL;
|
||||
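Review bot: `TO_OR_CONN()` reads `c->magic` inside the assert expression, so its non-NULL precondition is implicit and a NULL argument fails on the dereference rather than on a check of its own. The function is no longer a `static inline` in or.h but an exported symbol, with its prototype in connection_or.h, so the contract is worth stating: add `tor_assert(c);` before the magic comparison and extend the doc comment with `The magic check is the only guard against downcasting another connection subtype; <b>c</b> must be non-NULL.` The prototype added in connection_or.h also drops the parameter name; `or_connection_t *TO_OR_CONN(connection_t *c);` would match the definition. How `tor_assert` behaves in builds with assertions disabled is not visible on this page, so confirm that the magic check is always compiled in.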
|
@ -12,6 +12,8 @@
|
||||
#ifndef TOR_CONNECTION_OR_H
|
||||
#define TOR_CONNECTION_OR_H
|
||||
|
||||
or_connection_t *TO_OR_CONN(connection_t *);
|
||||
|
||||
void connection_or_clear_identity(or_connection_t *conn);
|
||||
void connection_or_clear_identity_map(void);
|
||||
void clear_broken_connection_map(int disable);
|
||||
|
@ -83,6 +83,7 @@
|
||||
|
||||
#include "control_connection_st.h"
|
||||
#include "entry_connection_st.h"
|
||||
#include "or_connection_st.h"
|
||||
|
||||
#ifndef _WIN32
|
||||
#include <pwd.h>
|
||||
|
@ -11,6 +11,7 @@
|
||||
#include "or.h"
|
||||
#include "channel.h"
|
||||
#include "config.h"
|
||||
#include "connection_or.h"
|
||||
#include "crypto_rand.h"
|
||||
#include "geoip.h"
|
||||
#include "main.h"
|
||||
@ -21,6 +22,8 @@
|
||||
|
||||
#include "dos.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
/*
|
||||
* Circuit creation denial of service mitigation.
|
||||
*
|
||||
|
@ -29,6 +29,8 @@
|
||||
#include "proto_ext_or.h"
|
||||
#include "util.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
/** Allocate and return a structure capable of holding an Extended
|
||||
* ORPort message of body length <b>len</b>. */
|
||||
ext_or_cmd_t *
|
||||
|
@ -42,6 +42,8 @@ hibernating, phase 2:
|
||||
#include "router.h"
|
||||
#include "statefile.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
/** Are we currently awake, asleep, running out of bandwidth, or shutting
|
||||
* down? */
|
||||
static hibernate_state_t hibernate_state = HIBERNATE_STATE_INITIAL;
|
||||
|
@ -249,6 +249,7 @@ ORHEADERS = \
|
||||
src/or/onion_ntor.h \
|
||||
src/or/onion_tap.h \
|
||||
src/or/or.h \
|
||||
src/or/or_connection_st.h \
|
||||
src/or/transports.h \
|
||||
src/or/parsecommon.h \
|
||||
src/or/periodic.h \
|
||||
|
@ -123,6 +123,7 @@
|
||||
#include "dirauth/shared_random.h"
|
||||
|
||||
#include "entry_connection_st.h"
|
||||
#include "or_connection_st.h"
|
||||
#include "port_cfg_st.h"
|
||||
|
||||
#ifdef HAVE_SYSTEMD
|
||||
|
88
src/or/or.h
88
src/or/or.h
@ -1550,88 +1550,12 @@ typedef struct or_handshake_state_t {
|
||||
* drops below this size. */
|
||||
#define OR_CONN_LOWWATER (16*1024)
|
||||
|
||||
/** Subtype of connection_t for an "OR connection" -- that is, one that speaks
|
||||
* cells over TLS. */
|
||||
typedef struct or_connection_t {
|
||||
connection_t base_;
|
||||
|
||||
/** Hash of the public RSA key for the other side's identity key, or zeroes
|
||||
* if the other side hasn't shown us a valid identity key. */
|
||||
char identity_digest[DIGEST_LEN];
|
||||
|
||||
/** Extended ORPort connection identifier. */
|
||||
char *ext_or_conn_id;
|
||||
/** This is the ClientHash value we expect to receive from the
|
||||
* client during the Extended ORPort authentication protocol. We
|
||||
* compute it upon receiving the ClientNoce from the client, and we
|
||||
* compare it with the acual ClientHash value sent by the
|
||||
* client. */
|
||||
char *ext_or_auth_correct_client_hash;
|
||||
/** String carrying the name of the pluggable transport
|
||||
* (e.g. "obfs2") that is obfuscating this connection. If no
|
||||
* pluggable transports are used, it's NULL. */
|
||||
char *ext_or_transport;
|
||||
|
||||
char *nickname; /**< Nickname of OR on other side (if any). */
|
||||
|
||||
tor_tls_t *tls; /**< TLS connection state. */
|
||||
int tls_error; /**< Last tor_tls error code. */
|
||||
/** When we last used this conn for any client traffic. If not
|
||||
* recent, we can rate limit it further. */
|
||||
|
||||
/* Channel using this connection */
|
||||
channel_tls_t *chan;
|
||||
|
||||
tor_addr_t real_addr; /**< The actual address that this connection came from
|
||||
* or went to. The <b>addr</b> field is prone to
|
||||
* getting overridden by the address from the router
|
||||
* descriptor matching <b>identity_digest</b>. */
|
||||
|
||||
/** Should this connection be used for extending circuits to the server
|
||||
* matching the <b>identity_digest</b> field? Set to true if we're pretty
|
||||
* sure we aren't getting MITMed, either because we're connected to an
|
||||
* address listed in a server descriptor, or because an authenticated
|
||||
* NETINFO cell listed the address we're connected to as recognized. */
|
||||
unsigned int is_canonical:1;
|
||||
|
||||
/** True iff this is an outgoing connection. */
|
||||
unsigned int is_outgoing:1;
|
||||
unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */
|
||||
unsigned int wide_circ_ids:1;
|
||||
/** True iff this connection has had its bootstrap failure logged with
|
||||
* control_event_bootstrap_problem. */
|
||||
unsigned int have_noted_bootstrap_problem:1;
|
||||
/** True iff this is a client connection and its address has been put in the
|
||||
* geoip cache and handled by the DoS mitigation subsystem. We use this to
|
||||
* insure we have a coherent count of concurrent connection. */
|
||||
unsigned int tracked_for_dos_mitigation : 1;
|
||||
|
||||
uint16_t link_proto; /**< What protocol version are we using? 0 for
|
||||
* "none negotiated yet." */
|
||||
uint16_t idle_timeout; /**< How long can this connection sit with no
|
||||
* circuits on it before we close it? Based on
|
||||
* IDLE_CIRCUIT_TIMEOUT_{NON,}CANONICAL and
|
||||
* on is_canonical, randomized. */
|
||||
or_handshake_state_t *handshake_state; /**< If we are setting this connection
|
||||
* up, state information to do so. */
|
||||
|
||||
time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/
|
||||
|
||||
token_bucket_rw_t bucket; /**< Used for rate limiting when the connection is
|
||||
* in state CONN_OPEN. */
|
||||
|
||||
/*
|
||||
* Count the number of bytes flushed out on this orconn, and the number of
|
||||
* bytes TLS actually sent - used for overhead estimation for scheduling.
|
||||
*/
|
||||
uint64_t bytes_xmitted, bytes_xmitted_by_tls;
|
||||
} or_connection_t;
|
||||
|
||||
typedef struct control_connection_t control_connection_t;
|
||||
typedef struct dir_connection_t dir_connection_t;
|
||||
typedef struct edge_connection_t edge_connection_t;
|
||||
typedef struct entry_connection_t entry_connection_t;
|
||||
typedef struct listener_connection_t listener_connection_t;
|
||||
typedef struct or_connection_t or_connection_t;
|
||||
|
||||
/** Cast a connection_t subtype pointer to a connection_t **/
|
||||
#define TO_CONN(c) (&(((c)->base_)))
|
||||
@ -1639,16 +1563,6 @@ typedef struct listener_connection_t listener_connection_t;
|
||||
/** Cast a entry_connection_t subtype pointer to a connection_t **/
|
||||
#define ENTRY_TO_CONN(c) (TO_CONN(ENTRY_TO_EDGE_CONN(c)))
|
||||
|
||||
/** Convert a connection_t* to an or_connection_t*; assert if the cast is
|
||||
* invalid. */
|
||||
static or_connection_t *TO_OR_CONN(connection_t *);
|
||||
|
||||
static inline or_connection_t *TO_OR_CONN(connection_t *c)
|
||||
{
|
||||
tor_assert(c->magic == OR_CONNECTION_MAGIC);
|
||||
return DOWNCAST(or_connection_t, c);
|
||||
}
|
||||
|
||||
/** What action type does an address policy indicate: accept or reject? */
|
||||
typedef enum {
|
||||
ADDR_POLICY_ACCEPT=1,
|
||||
|
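--- a/src/or/or_connection_st.h
+++ b/src/or/or_connection_st.h
@@ -0,0 +1,88 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+* Copyright (c) 2001-2004, Roger Dingledine.
+* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+* Copyright (c) 2007-2017, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef OR_CONNECTION_ST_H
+#define OR_CONNECTION_ST_H
+
+/** Subtype of connection_t for an "OR connection" -- that is, one that speaks
+* cells over TLS. */
+struct or_connection_t {
+connection_t base_;
+
+/** Hash of the public RSA key for the other side's identity key, or zeroes
+* if the other side hasn't shown us a valid identity key. */
+char identity_digest[DIGEST_LEN];
+
+/** Extended ORPort connection identifier. */
+char *ext_or_conn_id;
+/** This is the ClientHash value we expect to receive from the
+* client during the Extended ORPort authentication protocol. We
+* compute it upon receiving the ClientNoce from the client, and we
+* compare it with the acual ClientHash value sent by the
+* client. */
+char *ext_or_auth_correct_client_hash;
+/** String carrying the name of the pluggable transport
+* (e.g. "obfs2") that is obfuscating this connection. If no
+* pluggable transports are used, it's NULL. */
+char *ext_or_transport;
+
+char *nickname; /**< Nickname of OR on other side (if any). */
+
+tor_tls_t *tls; /**< TLS connection state. */
+int tls_error; /**< Last tor_tls error code. */
+/** When we last used this conn for any client traffic. If not
+* recent, we can rate limit it further. */
+
+/* Channel using this connection */
+channel_tls_t *chan;
+
+tor_addr_t real_addr; /**< The actual address that this connection came from
+* or went to. The <b>addr</b> field is prone to
+* getting overridden by the address from the router
+* descriptor matching <b>identity_digest</b>. */
+
+/** Should this connection be used for extending circuits to the server
+* matching the <b>identity_digest</b> field? Set to true if we're pretty
+* sure we aren't getting MITMed, either because we're connected to an
+* address listed in a server descriptor, or because an authenticated
+* NETINFO cell listed the address we're connected to as recognized. */
+unsigned int is_canonical:1;
+
+/** True iff this is an outgoing connection. */
+unsigned int is_outgoing:1;
+unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */
+unsigned int wide_circ_ids:1;
+/** True iff this connection has had its bootstrap failure logged with
+* control_event_bootstrap_problem. */
+unsigned int have_noted_bootstrap_problem:1;
+/** True iff this is a client connection and its address has been put in the
+* geoip cache and handled by the DoS mitigation subsystem. We use this to
+* insure we have a coherent count of concurrent connection. */
+unsigned int tracked_for_dos_mitigation : 1;
+
+uint16_t link_proto; /**< What protocol version are we using? 0 for
+* "none negotiated yet." */
+uint16_t idle_timeout; /**< How long can this connection sit with no
+* circuits on it before we close it? Based on
+* IDLE_CIRCUIT_TIMEOUT_{NON,}CANONICAL and
+* on is_canonical, randomized. */
+or_handshake_state_t *handshake_state; /**< If we are setting this connection
+* up, state information to do so. */
+
+time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/
+
+token_bucket_rw_t bucket; /**< Used for rate limiting when the connection is
+* in state CONN_OPEN. */
+
+/*
+* Count the number of bytes flushed out on this orconn, and the number of
+* bytes TLS actually sent - used for overhead estimation for scheduling.
+*/
+uint64_t bytes_xmitted, bytes_xmitted_by_tls;
+};
+
+#endif
+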
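Review bot: The new header is not self-contained: `struct or_connection_t` embeds `connection_t`, `tor_addr_t` and `token_bucket_rw_t` by value and sizes `identity_digest` with `DIGEST_LEN`, yet the file includes nothing. It therefore compiles only when the defining headers come first, which is presumably why the `.c` hunks on this page add it after their other includes. Either include the defining headers here or state the requirement at the top, e.g. `/* Requires the headers defining connection_t, tor_addr_t, token_bucket_rw_t and DIGEST_LEN to be included first. */`. Which header defines each is not visible on this page, so confirm before adding includes. Separately, the doc comment beginning "When we last used this conn for any client traffic" is followed by no field, so a documentation generator would likely attach it to `chan`; delete it or restore the field it described.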
|
@ -13,6 +13,8 @@
|
||||
#define TOR_CHANNEL_INTERNAL_
|
||||
#include "channeltls.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
/**
|
||||
* \file scheduler.c
|
||||
* \brief Channel scheduling system: decides which channels should send and
|
||||
|
@ -14,6 +14,8 @@
|
||||
#define SCHEDULER_PRIVATE_
|
||||
#include "scheduler.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
#define TLS_PER_CELL_OVERHEAD 29
|
||||
|
||||
#ifdef HAVE_KIST_SUPPORT
|
||||
|
@ -20,6 +20,8 @@
|
||||
#include "networkstatus.h"
|
||||
#include "log_test_helpers.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
int channelpadding_get_netflow_inactive_timeout_ms(channel_t *chan);
|
||||
int64_t channelpadding_compute_time_until_pad_for_netflow(channel_t *chan);
|
||||
int channelpadding_send_disable_command(channel_t*);
|
||||
|
@ -17,6 +17,8 @@
|
||||
#include "scheduler.h"
|
||||
#include "tortls.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
/* Test suite stuff */
|
||||
#include "test.h"
|
||||
#include "fakechans.h"
|
||||
|
@ -26,6 +26,7 @@
|
||||
|
||||
#include "dir_connection_st.h"
|
||||
#include "entry_connection_st.h"
|
||||
#include "or_connection_st.h"
|
||||
|
||||
static void * test_conn_get_basic_setup(const struct testcase_t *tc);
|
||||
static int test_conn_get_basic_teardown(const struct testcase_t *tc,
|
||||
|
@ -15,6 +15,9 @@
|
||||
#include "networkstatus.h"
|
||||
#include "nodelist.h"
|
||||
#include "routerlist.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
#include "test.h"
|
||||
#include "log_test_helpers.h"
|
||||
|
||||
|
@ -13,6 +13,9 @@
|
||||
#include "crypto_rand.h"
|
||||
#include "ext_orport.h"
|
||||
#include "main.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
#include "test.h"
|
||||
|
||||
/* Test connection_or_remove_from_ext_or_id_map and
|
||||
|
@ -21,6 +21,8 @@
|
||||
#include "scheduler.h"
|
||||
#include "torcert.h"
|
||||
|
||||
#include "or_connection_st.h"
|
||||
|
||||
#include "test.h"
|
||||
#include "log_test_helpers.h"
|
||||
|
||||
|
@ -13,6 +13,7 @@
|
||||
#include "test.h"
|
||||
|
||||
#include "dir_connection_st.h"
|
||||
#include "or_connection_st.h"
|
||||
|
||||
static or_options_t mock_options;
|
||||
|
||||
|