nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 13:06:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Bite the bullet and limit all our source lines to 80 characters, the way IBM intended.

Browse Source 
svn:r5582
This commit is contained in:
Nick Mathewson 2005-12-14 20:40:40 +00:00
parent 7e632a7564
commit 1af630d32c
45 changed files with 1598 additions and 884 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
contrib/checkSpace.pl
View File

@ -37,7 +37,7 @@ for $fn (@ARGV) {
}
## Terminals are still 80 columns wide in my world. I refuse to
## accept double-line lines.
if (/^.{150}/) {
if (/^.{80}/) {
print " Wide:$fn:$.\n";
}

2
doc/TODO
View File

@ -193,7 +193,7 @@ N - Clients use Stable and Fast instead of uptime and bandwidth to
- Make authorities rate-limit logging their complaints about given
servers?
- Is this still necessary?
- All versions of Tor should get cosmetic changes rate-limited.
o All versions of Tor should get cosmetic changes rate-limited.
- Pick directories from networkstatus objects, not from routerlist.
- But! We can't do this easily, since we want to know about platform,
and networkstatus doesn't tell us Tor version. Can we solve this?

18
src/common/aes.c
View File

@ -51,11 +51,14 @@ typedef uint8_t u8;
#define MAXKB (256/8)
#define MAXNR 14
static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits);
static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/],
const u8 cipherKey[], int keyBits);
#ifdef USE_RIJNDAEL_COUNTER_OPTIMIZATION
static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, u32 ctr1, u32 ctr0, u8 ct[16]);
static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr,
u32 ctr1, u32 ctr0, u8 ct[16]);
#else
static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]);
static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr,
const u8 pt[16], u8 ct[16]);
#endif
#endif
@ -90,8 +93,10 @@ _aes_fill_buf(aes_cnt_cipher_t *cipher)
* 3) changing the counter position was not trivial, last time I looked.
* None of these issues are insurmountable in principle.
*/
#if !defined(USE_OPENSSL_EVP) && !defined(USE_OPENSSL_AES) && defined(USE_RIJNDAEL_COUNTER_OPTIMIZATION)
rijndaelEncrypt(cipher->rk, cipher->nr, cipher->counter1, cipher->counter0, cipher->buf);
#if (!defined(USE_OPENSSL_EVP) && !defined(USE_OPENSSL_AES) && \
defined(USE_RIJNDAEL_COUNTER_OPTIMIZATION))
rijndaelEncrypt(cipher->rk, cipher->nr,
cipher->counter1, cipher->counter0, cipher->buf);
#else
u32 counter0 = cipher->counter0;
u32 counter1 = cipher->counter1;
@ -176,7 +181,8 @@ aes_free_cipher(aes_cnt_cipher_t *cipher)
* by <b>len</b> bytes as it encrypts.
*/
void
aes_crypt(aes_cnt_cipher_t *cipher, const char *input, size_t len, char *output)
aes_crypt(aes_cnt_cipher_t *cipher, const char *input, size_t len,
char *output)
{
int c = cipher->pos;
if (!len) return;

3
src/common/aes.h
View File

@ -22,7 +22,8 @@ typedef struct aes_cnt_cipher aes_cnt_cipher_t;
aes_cnt_cipher_t* aes_new_cipher(void);
void aes_free_cipher(aes_cnt_cipher_t *cipher);
void aes_set_key(aes_cnt_cipher_t *cipher, const char *key, int key_bits);
void aes_crypt(aes_cnt_cipher_t *cipher, const char *input, size_t len, char *output);
void aes_crypt(aes_cnt_cipher_t *cipher, const char *input, size_t len,
char *output);
uint64_t aes_get_counter(aes_cnt_cipher_t *cipher);
void aes_set_counter(aes_cnt_cipher_t *cipher, uint64_t counter);
void aes_adjust_counter(aes_cnt_cipher_t *cipher, long delta);

33
src/common/compat.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson */
/* See LICENSE for licensing information */
/* $Id$ */
const char compat_c_id[] = "$Id$";
const char compat_c_id[] =
"$Id$";
/**
* \file compat.c
@ -150,13 +151,15 @@ tor_vsnprintf(char *str, size_t size, const char *format, va_list args)
* Requires that nlen be greater than zero.
*/
const void *
tor_memmem(const void *_haystack, size_t hlen, const void *_needle, size_t nlen)
tor_memmem(const void *_haystack, size_t hlen,
const void *_needle, size_t nlen)
{
#if defined(HAVE_MEMMEM) && (!defined(__GNUC__) || __GNUC__ >= 2)
tor_assert(nlen);
return memmem(_haystack, hlen, _needle, nlen);
#else
/* This isn't as fast as the GLIBC implementation, but it doesn't need to be. */
/* This isn't as fast as the GLIBC implementation, but it doesn't need to
* be. */
const char *p, *end;
const char *haystack = (const char*)_haystack;
const char *needle = (const char*)_needle;
@ -463,7 +466,8 @@ set_max_file_descriptors(unsigned long limit, unsigned long cap)
return -1;
}
if (rlim.rlim_max < limit) {
warn(LD_CONFIG,"We need %lu file descriptors available, and we're limited to %lu. Please change your ulimit -n.",
warn(LD_CONFIG,"We need %lu file descriptors available, and we're "
"limited to %lu. Please change your ulimit -n.",
limit, (unsigned long)rlim.rlim_max);
return -1;
}
@ -538,7 +542,8 @@ switch_id(char *user, char *group)
return 0;
#endif
err(LD_CONFIG,"User or group specified, but switching users is not supported.");
err(LD_CONFIG,
"User or group specified, but switching users is not supported.");
return -1;
}
@ -722,9 +727,11 @@ get_uname(void)
{ VER_SUITE_ENTERPRISE, " {enterprise}" },
{ VER_SUITE_EMBEDDEDNT, " {embedded}" },
{ VER_SUITE_PERSONAL, " {personal}" },
{ VER_SUITE_SINGLEUSERTS, " {terminal services, single user}" },
{ VER_SUITE_SINGLEUSERTS,
" {terminal services, single user}" },
{ VER_SUITE_SMALLBUSINESS, " {small business}" },
{ VER_SUITE_SMALLBUSINESS_RESTRICTED, " {small business, restricted}" },
{ VER_SUITE_SMALLBUSINESS_RESTRICTED,
" {small business, restricted}" },
{ VER_SUITE_TERMINAL, " {terminal services}" },
{ 0, NULL },
};
@ -751,14 +758,14 @@ get_uname(void)
if (info.dwMajorVersion > 6 ||
(info.dwMajorVersion==6 && info.dwMinorVersion>0))
tor_snprintf(uname_result, sizeof(uname_result),
"Very recent version of Windows [major=%d,minor=%d] %s",
(int)info.dwMajorVersion,(int)info.dwMinorVersion,
info.szCSDVersion);
"Very recent version of Windows [major=%d,minor=%d] %s",
(int)info.dwMajorVersion,(int)info.dwMinorVersion,
info.szCSDVersion);
else
tor_snprintf(uname_result, sizeof(uname_result),
"Unrecognized version of Windows [major=%d,minor=%d] %s",
(int)info.dwMajorVersion,(int)info.dwMinorVersion,
info.szCSDVersion);
"Unrecognized version of Windows [major=%d,minor=%d] %s",
(int)info.dwMajorVersion,(int)info.dwMinorVersion,
info.szCSDVersion);
}
if (info.wProductType == VER_NT_DOMAIN_CONTROLLER) {
strlcat(uname_result, " [domain controller]", sizeof(uname_result));

6
src/common/compat.h
View File

@ -180,7 +180,8 @@ int network_init(void);
#define ERRNO_IS_EINPROGRESS(e) ((e) == WSAEINPROGRESS)
/** Return true if e is EINPROGRESS or the local equivalent as returned by
* a call to connect(). */
#define ERRNO_IS_CONN_EINPROGRESS(e) ((e) == WSAEINPROGRESS || (e)== WSAEINVAL || (e) == WSAEWOULDBLOCK)
#define ERRNO_IS_CONN_EINPROGRESS(e) \
((e) == WSAEINPROGRESS || (e)== WSAEINVAL || (e) == WSAEWOULDBLOCK)
/** Return true if e is EAGAIN or another error indicating that a call to
* accept() has no pending connections to return. */
#define ERRNO_IS_ACCEPT_EAGAIN(e) ERRNO_IS_EAGAIN(e)
@ -232,7 +233,8 @@ void spawn_exit(void);
#if defined(ENABLE_THREADS) && defined(MS_WINDOWS)
#define USE_WIN32_THREADS
#define TOR_IS_MULTITHREADED 1
#elif defined(ENABLE_THREADS) && defined(HAVE_PTHREAD_H) && defined(HAVE_PTHREAD_CREATE)
#elif (defined(ENABLE_THREADS) && defined(HAVE_PTHREAD_H) && \
defined(HAVE_PTHREAD_CREATE))
#define USE_PTHREADS
#define TOR_IS_MULTITHREADED 1
#else

8
src/common/container.c
View File

@ -2,7 +2,8 @@
Copyright 2004-2005 Roger Dingledine, Nick Mathewson */
/* See LICENSE for licensing information */
/* $Id$ */
const char container_c_id[] = "$Id$";
const char container_c_id[] =
"$Id$";
/**
* \file container.c
@ -807,8 +808,9 @@ digestmap_iter_done(digestmap_iter_t *iter)
return iter == NULL;
}
/** Remove all entries from <b>map</b>, and deallocate storage for those entries.
* If free_val is provided, it is invoked on every value in <b>map</b>.
/** Remove all entries from <b>map</b>, and deallocate storage for those
* entries. If free_val is provided, it is invoked on every value in
* <b>map</b>.
*/
void
strmap_free(strmap_t *map, void (*free_val)(void*))

3
src/common/container.h
View File

@ -5,7 +5,8 @@
#ifndef __CONTAINER_H
#define __CONTAINER_H
#define CONTAINER_H_ID "$Id$"
#define CONTAINER_H_ID \
"$Id$"
#include "compat.h"
#include "util.h"

45
src/common/crypto.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson */
/* See LICENSE for licensing information */
/* $Id$ */
const char crypto_c_id[] = "$Id$";
const char crypto_c_id[] =
"$Id$";
/**
* \file crypto.c
@ -167,7 +168,8 @@ crypto_log_errors(int severity, const char *doing)
func = (const char*)ERR_func_error_string(err);
if (!msg) msg = "(null)";
if (doing) {
log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)", doing, msg, lib, func);
log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)",
doing, msg, lib, func);
} else {
log(severity, LD_CRYPTO, "crypto error: %s (in %s:%s)", msg, lib, func);
}
@ -456,7 +458,8 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
* <b>keyfile</b> into <b>env</b>. Return 0 on success, -1 on failure.
*/
int
crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfile)
crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,
const char *keyfile)
{
char *contents;
int r;
@ -487,7 +490,8 @@ crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfi
* failure, return -1.
*/
int
crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest, size_t *len)
crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest,
size_t *len)
{
BUF_MEM *buf;
BIO *b;
@ -525,7 +529,8 @@ crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest, size_t *
* failure.
*/
int
crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src, size_t len)
crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src,
size_t len)
{
BIO *b;
@ -770,7 +775,8 @@ crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
tor_assert(env);
tor_assert(from);
tor_assert(to);
r = RSA_public_decrypt(fromlen, (unsigned char*)from, (unsigned char*)to, env->key, RSA_PKCS1_PADDING);
r = RSA_public_decrypt(fromlen, (unsigned char*)from, (unsigned char*)to,
env->key, RSA_PKCS1_PADDING);
if (r<0) {
crypto_log_errors(LOG_WARN, "checking RSA signature");
@ -830,7 +836,8 @@ crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
/* Not a private key */
return -1;
r = RSA_private_encrypt(fromlen, (unsigned char*)from, (unsigned char*)to, env->key, RSA_PKCS1_PADDING);
r = RSA_private_encrypt(fromlen, (unsigned char*)from, (unsigned char*)to,
env->key, RSA_PKCS1_PADDING);
if (r<0) {
crypto_log_errors(LOG_WARN, "generating RSA signature");
return -1;
@ -950,9 +957,11 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
pkeylen = crypto_pk_keysize(env);
if (fromlen <= pkeylen) {
return crypto_pk_private_decrypt(env,to,from,fromlen,padding,warnOnFailure);
return crypto_pk_private_decrypt(env,to,from,fromlen,padding,
warnOnFailure);
}
outlen = crypto_pk_private_decrypt(env,buf,from,pkeylen,padding,warnOnFailure);
outlen = crypto_pk_private_decrypt(env,buf,from,pkeylen,padding,
warnOnFailure);
if (outlen<0) {
log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, LD_CRYPTO,
"Error decrypting public-key data");
@ -1397,7 +1406,8 @@ crypto_dh_generate_public(crypto_dh_env_t *dh)
return -1;
}
if (tor_check_dh_key(dh->dh->pub_key)<0) {
warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-the-universe chances really do happen. Trying again.");
warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-"
"the-universe chances really do happen. Trying again.");
/* Free and clear the keys, so openssl will actually try again. */
BN_free(dh->dh->pub_key);
BN_free(dh->dh->priv_key);
@ -1425,7 +1435,8 @@ crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, size_t pubkey_len)
bytes = BN_num_bytes(dh->dh->pub_key);
tor_assert(bytes >= 0);
if (pubkey_len < (size_t)bytes) {
warn(LD_CRYPTO, "Weird! pubkey_len (%d) was smaller than DH_BYTES (%d)", (int) pubkey_len, bytes);
warn(LD_CRYPTO, "Weird! pubkey_len (%d) was smaller than DH_BYTES (%d)",
(int) pubkey_len, bytes);
return -1;
}
@ -1627,7 +1638,8 @@ crypto_seed_rng(void)
#ifdef MS_WINDOWS
if (!provider_set) {
if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT)) {
if (GetLastError() != NTE_BAD_KEYSET) {
warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]");
return rand_poll_status ? 0 : -1;
@ -1649,7 +1661,8 @@ crypto_seed_rng(void)
n = read_all(fd, buf, sizeof(buf), 0);
close(fd);
if (n != sizeof(buf)) {
warn(LD_CRYPTO, "Error reading from entropy source (read only %d bytes).", n);
warn(LD_CRYPTO,
"Error reading from entropy source (read only %d bytes).", n);
return -1;
}
RAND_seed(buf, sizeof(buf));
@ -1729,7 +1742,8 @@ base64_encode(char *dest, size_t destlen, const char *src, size_t srclen)
return -1;
EVP_EncodeInit(&ctx);
EVP_EncodeUpdate(&ctx, (unsigned char*)dest, &len, (unsigned char*)src, srclen);
EVP_EncodeUpdate(&ctx, (unsigned char*)dest, &len,
(unsigned char*)src, srclen);
EVP_EncodeFinal(&ctx, (unsigned char*)(dest+len), &ret);
ret += len;
return ret;
@ -1758,7 +1772,8 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
return -1;
EVP_DecodeInit(&ctx);
EVP_DecodeUpdate(&ctx, (unsigned char*)dest, &len, (unsigned char*)src, srclen);
EVP_DecodeUpdate(&ctx, (unsigned char*)dest, &len,
(unsigned char*)src, srclen);
EVP_DecodeFinal(&ctx, (unsigned char*)dest, &ret);
ret += len;
return ret;

15
src/common/crypto.h
View File

@ -61,7 +61,8 @@ crypto_pk_env_t *crypto_new_pk_env(void);
void crypto_free_pk_env(crypto_pk_env_t *env);
/* convenience function: wraps crypto_create_crypto_env, set_key, and init. */
crypto_cipher_env_t *crypto_create_init_cipher(const char *key, int encrypt_mode);
crypto_cipher_env_t *crypto_create_init_cipher(const char *key,
int encrypt_mode);
crypto_cipher_env_t *crypto_new_cipher_env(void);
void crypto_free_cipher_env(crypto_cipher_env_t *env);
@ -69,10 +70,14 @@ void crypto_free_cipher_env(crypto_cipher_env_t *env);
/* public key crypto */
int crypto_pk_generate_key(crypto_pk_env_t *env);
int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *keyfile);
int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest, size_t *len);
int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src, size_t len);
int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env, const char *fname);
int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,
const char *keyfile);
int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env,
char **dest, size_t *len);
int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env,
const char *src, size_t len);
int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
const char *fname);
int crypto_pk_DER64_encode_public_key(crypto_pk_env_t *env, char **dest);
crypto_pk_env_t *crypto_pk_DER64_decode_public_key(const char *in);

3
src/common/ht.h
View File

@ -333,7 +333,8 @@ ht_string_hash(const char *s)
}
#endif
#define HT_GENERATE(name, type, field, hashfn, eqfn, load, mallocfn, reallocfn, freefn) \
#define HT_GENERATE(name, type, field, hashfn, eqfn, load, mallocfn, \
reallocfn, freefn) \
static unsigned name##_PRIMES[] = { \
53, 97, 193, 389, \
769, 1543, 3079, 6151, \

3
src/common/log.c
View File

@ -364,7 +364,8 @@ close_log(logfile_t *victim)
/** Add a log handler to send all messages of severity <b>loglevel</b>
* or higher to <b>stream</b>. */
void
add_stream_log(int loglevelMin, int loglevelMax, const char *name, FILE *stream)
add_stream_log(int loglevelMin, int loglevelMax,
const char *name, FILE *stream)
{
logfile_t *lf;
lf = tor_malloc_zero(sizeof(logfile_t));

9
src/common/log.h
View File

@ -18,7 +18,8 @@
#include <syslog.h>
#define LOG_WARN LOG_WARNING
#if LOG_DEBUG < LOG_ERR
#error "Your syslog.h thinks high numbers are more important. We aren't prepared to deal with that."
#error "Your syslog.h thinks high numbers are more important. " \
"We aren't prepared to deal with that."
#endif
#else
/* XXXX Note: The code was originally written to refer to severities,
@ -94,7 +95,8 @@ typedef void (*log_callback)(int severity, uint32_t domain, const char *msg);
int parse_log_level(const char *level);
const char *log_level_to_string(int level);
void add_stream_log(int severityMin, int severityMax, const char *name, FILE *stream);
void add_stream_log(int severityMin, int severityMax, const char *name,
FILE *stream);
int add_file_log(int severityMin, int severityMax, const char *filename);
#ifdef HAVE_SYSLOG_H
int add_syslog_log(int loglevelMin, int loglevelMax);
@ -112,7 +114,8 @@ void change_callback_log_severity(int loglevelMin, int loglevelMax,
log_callback cb);
/* Outputs a message to stdout */
void _log(int severity, uint32_t domain, const char *format, ...) CHECK_PRINTF(3,4);
void _log(int severity, uint32_t domain, const char *format, ...)
CHECK_PRINTF(3,4);
#define log _log /* hack it so we don't conflict with log() as much */
#ifdef __GNUC__

3
src/common/torgzip.c
View File

@ -2,7 +2,8 @@
/* Copyright 2004-2005 Roger Dingledine, Nick Mathewson */
/* See LICENSE for licensing information */
/* $Id$ */
const char torgzip_c_id[] = "$Id$";
const char torgzip_c_id[] =
"$Id$";
/**
* \file torgzip.c

47
src/common/tortls.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson */
/* See LICENSE for licensing information */
/* $Id$ */
const char tortls_c_id[] = "$Id$";
const char tortls_c_id[] =
"$Id$";
/**
* \file tortls.c
@ -23,7 +24,8 @@ const char tortls_c_id[] = "$Id$";
#include <string.h>
/* Copied from or.h */
#define LEGAL_NICKNAME_CHARACTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
#define LEGAL_NICKNAME_CHARACTERS \
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
#include <assert.h>
#include <openssl/ssl.h>
@ -53,7 +55,8 @@ struct tor_tls_t {
} state; /**< The current SSL state, depending on which operations have
* completed successfully. */
int isServer;
size_t wantwrite_n; /**< 0 normally, >0 if we returned wantwrite last time. */
size_t wantwrite_n; /**< 0 normally, >0 if we returned wantwrite last
* time. */
};
static X509* tor_tls_create_certificate(crypto_pk_env_t *rsa,
@ -91,7 +94,8 @@ tls_log_errors(int severity, const char *doing)
func = (const char*)ERR_func_error_string(err);
if (!msg) msg = "(null)";
if (doing) {
log(severity, LD_NET, "TLS error while %s: %s (in %s:%s)", doing, msg, lib,func);
log(severity, LD_NET, "TLS error while %s: %s (in %s:%s)",
doing, msg, lib,func);
} else {
log(severity, LD_NET, "TLS error: %s (in %s:%s)", msg, lib, func);
}
@ -130,7 +134,8 @@ tor_tls_get_error(tor_tls_t *tls, int r, int extra,
log(severity, LD_NET, "TLS error: unexpected close while %s", doing);
else {
int e = tor_socket_errno(tls->socket);
log(severity, LD_NET, "TLS error: <syscall error while %s> (errno=%d: %s)",
log(severity, LD_NET,
"TLS error: <syscall error while %s> (errno=%d: %s)",
doing, e, tor_socket_strerror(e));
}
tls_log_errors(severity, doing);
@ -226,23 +231,29 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa,
if (!(name = X509_NAME_new()))
goto error;
if ((nid = OBJ_txt2nid("organizationName")) == NID_undef) goto error;
if ((nid = OBJ_txt2nid("organizationName")) == NID_undef)
goto error;
if (!(X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC,
(unsigned char*)"TOR", -1, -1, 0))) goto error;
(unsigned char*)"TOR", -1, -1, 0)))
goto error;
if ((nid = OBJ_txt2nid("commonName")) == NID_undef) goto error;
if (!(X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC,
(unsigned char*)cname, -1, -1, 0))) goto error;
(unsigned char*)cname, -1, -1, 0)))
goto error;
if (!(X509_set_subject_name(x509, name)))
goto error;
if (!(name_issuer = X509_NAME_new()))
goto error;
if ((nid = OBJ_txt2nid("organizationName")) == NID_undef) goto error;
if ((nid = OBJ_txt2nid("organizationName")) == NID_undef)
goto error;
if (!(X509_NAME_add_entry_by_NID(name_issuer, nid, MBSTRING_ASC,
(unsigned char*)"TOR", -1, -1, 0))) goto error;
(unsigned char*)"TOR", -1, -1, 0)))
goto error;
if ((nid = OBJ_txt2nid("commonName")) == NID_undef) goto error;
if (!(X509_NAME_add_entry_by_NID(name_issuer, nid, MBSTRING_ASC,
(unsigned char*)cname_sign, -1, -1, 0))) goto error;
(unsigned char*)cname_sign, -1, -1, 0)))
goto error;
if (!(X509_set_issuer_name(x509, name_issuer)))
goto error;
@ -658,10 +669,11 @@ tor_tls_get_peer_cert_nickname(tor_tls_t *tls, char *buf, size_t buflen)
if (lenout == -1)
goto error;
if (((int)strspn(buf, LEGAL_NICKNAME_CHARACTERS)) < lenout) {
warn(LD_PROTOCOL, "Peer certificate nickname \"%s\" has illegal characters.",
buf);
warn(LD_PROTOCOL,
"Peer certificate nickname \"%s\" has illegal characters.", buf);
if (strchr(buf, '.'))
warn(LD_PROTOCOL, " (Maybe it is not really running Tor at its advertised OR port.)");
warn(LD_PROTOCOL, " (Maybe it is not really running Tor at its "
"advertised OR port.)");
goto error;
}
@ -709,7 +721,9 @@ log_cert_lifetime(X509 *cert, const char *problem)
strftime(mytime, 32, "%b %d %H:%M:%S %Y GMT", tor_gmtime_r(&now, &tm));
warn(LD_GENERAL, "(certificate lifetime runs from %s through %s. Your time is %s.)",s1,s2,mytime);
warn(LD_GENERAL,
"(certificate lifetime runs from %s through %s. Your time is %s.)",
s1,s2,mytime);
end:
/* Not expected to get invoked */
@ -749,7 +763,8 @@ tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity_key)
* cert and the id_cert.
*/
if (num_in_chain < 1) {
log_fn(severity,LD_PROTOCOL,"Unexpected number of certificates in chain (%d)",
log_fn(severity,LD_PROTOCOL,
"Unexpected number of certificates in chain (%d)",
num_in_chain);
goto done;
}

36
src/common/util.c
View File

@ -101,10 +101,12 @@ const char util_c_id[] = "$Id$";
#else
#define dmalloc_strdup(file, line, string, xalloc_b) strdup(string)
#define dmalloc_malloc(file, line, size, func_id, alignment, xalloc_b) malloc(size)
#define dmalloc_malloc(file, line, size, func_id, alignment, xalloc_b) \
malloc(size)
#define DMALLOC_FUNC_MALLOC 0
#define dmalloc_realloc(file, line, old_pnt, new_size, func_id, xalloc_b) realloc((old_pnt), (new_size))
#define dmalloc_realloc(file, line, old_pnt, new_size, func_id, xalloc_b) \
realloc((old_pnt), (new_size))
#define DMALLOC_FUNC_REALLOC 0
#define DMALLOC_FN_ARGS
#endif
@ -921,7 +923,8 @@ check_private_dir(const char *dirname, cpd_check_t check)
pw = getpwuid(st.st_uid);
log(LOG_WARN, LD_FS, "%s is not owned by this user (%s, %d) but by %s (%d). Perhaps you are running Tor as the wrong user?",
log(LOG_WARN, LD_FS, "%s is not owned by this user (%s, %d) but by "
"%s (%d). Perhaps you are running Tor as the wrong user?",
dirname, process_ownername, (int)getuid(),
pw ? pw->pw_name : "<unknown>", (int)st.st_uid);
@ -942,8 +945,8 @@ check_private_dir(const char *dirname, cpd_check_t check)
return 0;
}
/** Create a file named <b>fname</b> with the contents <b>str</b>. Overwrite the
* previous <b>fname</b> if possible. Return 0 on success, -1 on failure.
/** Create a file named <b>fname</b> with the contents <b>str</b>. Overwrite
* the previous <b>fname</b> if possible. Return 0 on success, -1 on failure.
*
* This function replaces the old file atomically, if possible.
*/
@ -989,18 +992,21 @@ write_chunks_to_file_impl(const char *fname, const smartlist_t *chunks,
{
result = write_all(fd, chunk->bytes, chunk->len, 0);
if (result < 0 || (size_t)result != chunk->len) {
log(LOG_WARN, LD_FS, "Error writing to \"%s\": %s", tempname, strerror(errno));
log(LOG_WARN, LD_FS, "Error writing to \"%s\": %s", tempname,
strerror(errno));
close(fd);
goto err;
}
});
if (close(fd)) {
log(LOG_WARN, LD_FS, "Error flushing to \"%s\": %s", tempname, strerror(errno));
log(LOG_WARN, LD_FS, "Error flushing to \"%s\": %s", tempname,
strerror(errno));
goto err;
}
if (!(open_flags & O_APPEND)) {
if (replace_file(tempname, fname)) {
log(LOG_WARN, LD_FS, "Error replacing \"%s\": %s", fname, strerror(errno));
log(LOG_WARN, LD_FS, "Error replacing \"%s\": %s", fname,
strerror(errno));
goto err;
}
}
@ -1108,8 +1114,9 @@ read_file_to_str(const char *filename, int bin)
}
#ifdef MS_WINDOWS
if (!bin && strchr(string, '\r')) {
debug(LD_FS, "We didn't convert CRLF to LF as well as we hoped when reading %s. Coping.",
filename);
debug(LD_FS, "We didn't convert CRLF to LF as well as we hoped "
"when reading %s. Coping.",
filename);
tor_strstrip(string, "\r");
}
#endif
@ -1203,7 +1210,8 @@ expand_filename(const char *filename)
if (filename[1] == '/' || filename[1] == '\0') {
home = getenv("HOME");
if (!home) {
warn(LD_CONFIG, "Couldn't find $HOME environment variable while expanding %s", filename);
warn(LD_CONFIG, "Couldn't find $HOME environment variable while "
"expanding %s", filename);
return NULL;
}
home = tor_strdup(home);
@ -1430,7 +1438,8 @@ parse_addr_and_port_range(const char *s, uint32_t *addr_out,
} else if (tor_inet_aton(address, &in) != 0) {
*addr_out = ntohl(in.s_addr);
} else {
warn(LD_GENERAL, "Malformed IP \"%s\" in address pattern; rejecting.",address);
warn(LD_GENERAL, "Malformed IP \"%s\" in address pattern; rejecting.",
address);
goto err;
}
@ -1445,7 +1454,8 @@ parse_addr_and_port_range(const char *s, uint32_t *addr_out,
if (!*endptr) {
/* strtol handled the whole mask. */
if (bits < 0 || bits > 32) {
warn(LD_GENERAL, "Bad number of mask bits on address range; rejecting.");
warn(LD_GENERAL,
"Bad number of mask bits on address range; rejecting.");
goto err;
}
*mask_out = ~((1<<(32-bits))-1);

59
src/or/buffers.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char buffers_c_id[] = "$Id$";
const char buffers_c_id[] =
"$Id$";
/**
* \file buffers.c
@ -51,7 +52,8 @@ const char buffers_c_id[] = "$Id$";
#define BUFFER_MAGIC 0xB0FFF312u
/** A resizeable buffer, optimized for reading and writing. */
struct buf_t {
uint32_t magic; /**< Magic cookie for debugging: Must be set to BUFFER_MAGIC */
uint32_t magic; /**< Magic cookie for debugging: Must be set to
* BUFFER_MAGIC */
char *mem; /**< Storage for data in the buffer */
char *cur; /**< The first byte used for storing data in the buffer. */
size_t highwater; /**< Largest observed datalen since last buf_shrink */
@ -145,7 +147,8 @@ _split_range(buf_t *buf, char *at, size_t *len,
}
}
/** Change a buffer's capacity. <b>new_capacity</b> must be \>= buf->datalen. */
/** Change a buffer's capacity. <b>new_capacity</b> must be \>=
* buf->datalen. */
static void
buf_resize(buf_t *buf, size_t new_capacity)
{
@ -746,7 +749,8 @@ peek_from_buf(char *string, size_t string_len, buf_t *buf)
* Return the number of bytes still on the buffer. */
tor_assert(string);
tor_assert(string_len <= buf->datalen); /* make sure we don't ask for too much */
/* make sure we don't ask for too much */
tor_assert(string_len <= buf->datalen);
/* assert_buf_ok(buf); */
_split_range(buf, buf->cur, &string_len, &len2);
@ -757,9 +761,9 @@ peek_from_buf(char *string, size_t string_len, buf_t *buf)
}
}
/** Remove <b>string_len</b> bytes from the front of <b>buf</b>, and store them
* into <b>string</b>. Return the new buffer size. <b>string_len</b> must be \<=
* the number of bytes on the buffer.
/** Remove <b>string_len</b> bytes from the front of <b>buf</b>, and store
* them into <b>string</b>. Return the new buffer size. <b>string_len</b>
* must be \<= the number of bytes on the buffer.
*/
int
fetch_from_buf(char *string, size_t string_len, buf_t *buf)
@ -839,7 +843,8 @@ fetch_from_buf_http(buf_t *buf,
int i;
i = atoi(p+strlen(CONTENT_LENGTH));
if (i < 0) {
warn(LD_PROTOCOL, "Content-Length is less than zero; it looks like someone is trying to crash us.");
warn(LD_PROTOCOL, "Content-Length is less than zero; it looks like "
"someone is trying to crash us.");
return -1;
}
contentlen = i;
@ -893,7 +898,8 @@ fetch_from_buf_http(buf_t *buf,
* If <b>log_sockstype</b> is non-zero, then do a notice-level log of whether
* the connection is possibly leaking DNS requests locally or not.
*
* If returning 0 or -1, <b>req->address</b> and <b>req->port</b> are undefined.
* If returning 0 or -1, <b>req->address</b> and <b>req->port</b> are
* undefined.
*/
int
fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
@ -923,7 +929,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
if (buf->datalen < 2u+nummethods)
return 0;
if (!nummethods || !memchr(buf->cur+2, 0, nummethods)) {
warn(LD_APP,"socks5: offered methods don't include 'no auth'. Rejecting.");
warn(LD_APP,
"socks5: offered methods don't include 'no auth'. Rejecting.");
req->replylen = 2; /* 2 bytes of response */
req->reply[0] = 5;
req->reply[1] = '\xFF'; /* reject all methods */
@ -934,7 +941,7 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
req->replylen = 2; /* 2 bytes of response */
req->reply[0] = 5; /* socks5 reply */
req->reply[1] = SOCKS5_SUCCEEDED;
req->socks_version = 5; /* remember that we've already negotiated auth */
req->socks_version = 5; /* remember we've already negotiated auth */
debug(LD_APP,"socks5: accepted method 0");
return 0;
}
@ -960,8 +967,9 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
in.s_addr = htonl(destip);
tor_inet_ntoa(&in,tmpbuf,sizeof(tmpbuf));
if (strlen(tmpbuf)+1 > MAX_SOCKS_ADDR_LEN) {
warn(LD_APP,"socks5 IP takes %d bytes, which doesn't fit in %d. Rejecting.",
(int)strlen(tmpbuf)+1,(int)MAX_SOCKS_ADDR_LEN);
warn(LD_APP,
"socks5 IP takes %d bytes, which doesn't fit in %d. Rejecting.",
(int)strlen(tmpbuf)+1,(int)MAX_SOCKS_ADDR_LEN);
return -1;
}
strlcpy(req->address,tmpbuf,sizeof(req->address));
@ -984,8 +992,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
if (buf->datalen < 7u+len) /* addr/port there? */
return 0; /* not yet */
if (len+1 > MAX_SOCKS_ADDR_LEN) {
warn(LD_APP,"socks5 hostname is %d bytes, which doesn't fit in %d. Rejecting.",
len+1,MAX_SOCKS_ADDR_LEN);
warn(LD_APP, "socks5 hostname is %d bytes, which doesn't fit in "
"%d. Rejecting.", len+1,MAX_SOCKS_ADDR_LEN);
return -1;
}
memcpy(req->address,buf->cur+5,len);
@ -998,7 +1006,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
"for you. This is good.", req->port);
return 1;
default: /* unsupported */
warn(LD_APP,"socks5: unsupported address type %d. Rejecting.",*(buf->cur+3));
warn(LD_APP,"socks5: unsupported address type %d. Rejecting.",
*(buf->cur+3));
return -1;
}
tor_assert(0);
@ -1034,7 +1043,7 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
(int)strlen(tmpbuf));
return -1;
}
debug(LD_APP,"socks4: successfully read destip (%s)", safe_str(tmpbuf));
debug(LD_APP,"socks4: successfully read destip (%s)",safe_str(tmpbuf));
socks4_prot = socks4;
}
@ -1080,7 +1089,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
debug(LD_APP,"socks4: Everything is here. Success.");
strlcpy(req->address, startaddr ? startaddr : tmpbuf,
sizeof(req->address));
buf_remove_from_front(buf, next-buf->cur+1); /* next points to the final \0 on inbuf */
/* next points to the final \0 on inbuf */
buf_remove_from_front(buf, next-buf->cur+1);
return 1;
case 'G': /* get */
@ -1097,12 +1107,14 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
"<body>\n"
"<h1>Tor is not an HTTP Proxy</h1>\n"
"<p>\n"
"It appears you have configured your web browser to use Tor as an HTTP Proxy.\n"
"This is not correct: Tor provides a SOCKS proxy. Please configure your\n"
"client accordingly.\n"
"It appears you have configured your web browser to use Tor as an HTTP proxy."
"\n"
"This is not correct: Tor is a SOCKS proxy, not an HTTP proxy.\n"
"Please configure your client accordingly.\n"
"</p>\n"
"<p>\n"
"See <a href=\"http://tor.eff.org/documentation.html\">http://tor.eff.org/documentation.html</a> for more information.\n"
"See <a href=\"http://tor.eff.org/documentation.html\">"
"http://tor.eff.org/documentation.html</a> for more information.\n"
"<!-- Plus this comment, to make the body response more than 512 bytes, so "
" IE will be willing to display it. Comment comment comment comment "
" comment comment comment comment comment comment comment comment.-->\n"
@ -1113,7 +1125,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
req->replylen = strlen(req->reply)+1;
/* fall through */
default: /* version is not socks4 or socks5 */
warn(LD_APP,"Socks version %d not recognized. (Tor is not an http proxy.)",
warn(LD_APP,
"Socks version %d not recognized. (Tor is not an http proxy.)",
*(buf->cur));
return -1;
}

105
src/or/circuitbuild.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char circuitbuild_c_id[] = "$Id$";
const char circuitbuild_c_id[] =
"$Id$";
/**
* \file circuitbuild.c
@ -23,10 +24,10 @@ extern circuit_t *global_circuitlist;
typedef struct {
char nickname[MAX_NICKNAME_LEN+1];
char identity[DIGEST_LEN];
time_t down_since; /**< 0 if this router is currently up, or the time at which
* it was observed to go down. */
time_t unlisted_since; /**< 0 if this router is currently listed, or the time
* at which it became unlisted */
time_t down_since; /**< 0 if this router is currently up, or the time at
* which it was observed to go down. */
time_t unlisted_since; /**< 0 if this router is currently listed, or the
* time at which it became unlisted */
} helper_node_t;
/** A list of our chosen helper nodes. */
@ -186,9 +187,11 @@ circuit_rep_hist_note_result(circuit_t *circ)
if (router) {
if (prev_digest) {
if (hop->state == CPATH_STATE_OPEN)
rep_hist_note_extend_succeeded(prev_digest, router->cache_info.identity_digest);
rep_hist_note_extend_succeeded(prev_digest,
router->cache_info.identity_digest);
else {
rep_hist_note_extend_failed(prev_digest, router->cache_info.identity_digest);
rep_hist_note_extend_failed(prev_digest,
router->cache_info.identity_digest);
break;
}
}
@ -207,7 +210,8 @@ static void
circuit_dump_details(int severity, circuit_t *circ, int poll_index,
const char *type, int this_circid, int other_circid)
{
log(severity, LD_CIRC, "Conn %d has %s circuit: circID %d (other side %d), state %d (%s), born %d:",
log(severity, LD_CIRC, "Conn %d has %s circuit: circID %d (other side %d), "
"state %d (%s), born %d:",
poll_index, type, this_circid, other_circid, circ->state,
circuit_state_to_string(circ->state), (int)circ->timestamp_created);
if (CIRCUIT_IS_ORIGIN(circ)) { /* circ starts at this node */
@ -278,7 +282,8 @@ again:
circuit_t *
circuit_init(uint8_t purpose, int need_uptime, int need_capacity, int internal)
{
circuit_t *circ = circuit_new(0, NULL); /* sets circ->p_circ_id and circ->p_conn */
/* sets circ->p_circ_id and circ->p_conn */
circuit_t *circ = circuit_new(0, NULL);
circuit_set_state(circ, CIRCUIT_STATE_OR_WAIT);
circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
circ->build_state->need_uptime = need_uptime;
@ -366,8 +371,9 @@ circuit_handle_first_hop(circuit_t *circ)
}
debug(LD_CIRC,"connecting in progress (or finished). Good.");
/* return success. The onion/circuit/etc will be taken care of automatically
* (may already have been) whenever n_conn reaches OR_CONN_STATE_OPEN.
/* return success. The onion/circuit/etc will be taken care of
* automatically (may already have been) whenever n_conn reaches
* OR_CONN_STATE_OPEN.
*/
return 0;
} else { /* it's already open. use it. */
@ -407,7 +413,8 @@ circuit_n_conn_done(connection_t *or_conn, int status)
if (!circ->n_conn &&
circ->n_addr == or_conn->addr &&
circ->n_port == or_conn->port &&
!memcmp(or_conn->identity_digest, circ->n_conn_id_digest, DIGEST_LEN)) {
!memcmp(or_conn->identity_digest, circ->n_conn_id_digest,
DIGEST_LEN)) {
if (!status) { /* or_conn failed; close circ */
info(LD_CIRC,"or_conn failed. Closing circ.");
circuit_mark_for_close(circ);
@ -420,15 +427,17 @@ circuit_n_conn_done(connection_t *or_conn, int status)
circ->n_conn = or_conn;
if (CIRCUIT_IS_ORIGIN(circ)) {
if (circuit_send_next_onion_skin(circ) < 0) {
info(LD_CIRC,"send_next_onion_skin failed; circuit marked for closing.");
info(LD_CIRC,
"send_next_onion_skin failed; circuit marked for closing.");
circuit_mark_for_close(circ);
continue;
/* XXX could this be bad, eg if next_onion_skin failed because conn died? */
/* XXX could this be bad, eg if next_onion_skin failed because conn
* died? */
}
} else {
/* pull the create cell out of circ->onionskin, and send it */
tor_assert(circ->onionskin);
if (circuit_deliver_create_cell(circ,CELL_CREATE,circ->onionskin) < 0) {
if (circuit_deliver_create_cell(circ,CELL_CREATE,circ->onionskin)<0) {
circuit_mark_for_close(circ);
continue;
}
@ -605,7 +614,8 @@ circuit_send_next_onion_skin(circuit_t *circ)
*(uint16_t*)(payload+4) = htons(hop->extend_info->port);
onionskin = payload+2+4;
memcpy(payload+2+4+ONIONSKIN_CHALLENGE_LEN, hop->extend_info->identity_digest, DIGEST_LEN);
memcpy(payload+2+4+ONIONSKIN_CHALLENGE_LEN,
hop->extend_info->identity_digest, DIGEST_LEN);
payload_len = 2+4+ONIONSKIN_CHALLENGE_LEN+DIGEST_LEN;
if (onion_skin_create(hop->extend_info->onion_key,
@ -632,7 +642,8 @@ circuit_send_next_onion_skin(circuit_t *circ)
void
circuit_note_clock_jumped(int seconds_elapsed)
{
log(LOG_NOTICE, LD_GENERAL,"Your clock just jumped %d seconds forward; assuming established circuits no longer work.", seconds_elapsed);
log(LOG_NOTICE, LD_GENERAL,"Your clock just jumped %d seconds forward; "
"assuming established circuits no longer work.", seconds_elapsed);
has_completed_circuit=0; /* so it'll log when it works again */
circuit_mark_all_unused_circs();
}
@ -708,8 +719,9 @@ circuit_extend(cell_t *cell, circuit_t *circ)
}
debug(LD_CIRC,"connecting in progress (or finished). Good.");
}
/* return success. The onion/circuit/etc will be taken care of automatically
* (may already have been) whenever n_conn reaches OR_CONN_STATE_OPEN.
/* return success. The onion/circuit/etc will be taken care of
* automatically (may already have been) whenever n_conn reaches
* OR_CONN_STATE_OPEN.
*/
return 0;
}
@ -748,15 +760,11 @@ circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse)
tor_assert(!(cpath->f_crypto || cpath->b_crypto ||
cpath->f_digest || cpath->b_digest));
// log_fn(LOG_DEBUG,"hop init digest forward 0x%.8x, backward 0x%.8x.",
// (unsigned int)*(uint32_t*)key_data, (unsigned int)*(uint32_t*)(key_data+20));
cpath->f_digest = crypto_new_digest_env();
crypto_digest_add_bytes(cpath->f_digest, key_data, DIGEST_LEN);
cpath->b_digest = crypto_new_digest_env();
crypto_digest_add_bytes(cpath->b_digest, key_data+DIGEST_LEN, DIGEST_LEN);
// log_fn(LOG_DEBUG,"hop init cipher forward 0x%.8x, backward 0x%.8x.",
// (unsigned int)*(uint32_t*)(key_data+40), (unsigned int)*(uint32_t*)(key_data+40+16));
if (!(cpath->f_crypto =
crypto_create_init_cipher(key_data+(2*DIGEST_LEN),1))) {
warn(LD_BUG,"Bug: forward cipher initialization failed.");
@ -982,7 +990,8 @@ new_route_len(double cw, uint8_t purpose, extend_info_t *exit,
num_acceptable_routers = count_acceptable_routers(routers);
if (num_acceptable_routers < 2) {
info(LD_CIRC,"Not enough acceptable routers (%d). Discarding this circuit.",
info(LD_CIRC,
"Not enough acceptable routers (%d). Discarding this circuit.",
num_acceptable_routers);
return -1;
}
@ -1125,7 +1134,7 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
* don't know the IP address of the pending connection.)
*/
n_supported = tor_malloc(sizeof(int)*smartlist_len(dir->routers));
for (i = 0; i < smartlist_len(dir->routers); ++i) { /* iterate over routers */
for (i = 0; i < smartlist_len(dir->routers); ++i) {/* iterate over routers */
router = smartlist_get(dir->routers, i);
if (router_is_me(router)) {
n_supported[i] = -1;
@ -1137,8 +1146,9 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
}
if (!router->is_running) {
n_supported[i] = -1;
// log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- directory says it's not running.",
// router->nickname, i);
// log_fn(LOG_DEBUG,
// "Skipping node %s (index %d) -- directory says it's not running.",
// router->nickname, i);
continue; /* skip routers that are known to be down */
}
if (router_is_unreliable(router, need_uptime, need_capacity)) {
@ -1163,7 +1173,8 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
if (smartlist_len(preferredentries)==1 &&
router == (routerinfo_t*)smartlist_get(preferredentries, 0)) {
n_supported[i] = -1;
// log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- it's our only preferred entry node.", router->nickname, i);
// log_fn(LOG_DEBUG, "Skipping node %s (index %d) -- it's our only "
// "preferred entry node.", router->nickname, i);
continue;
}
n_supported[i] = 0;
@ -1191,7 +1202,8 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
++n_best_support;
}
}
info(LD_CIRC, "Found %d servers that might support %d/%d pending connections.",
info(LD_CIRC,
"Found %d servers that might support %d/%d pending connections.",
n_best_support, best_support, n_pending_connections);
preferredexits = smartlist_create();
@ -1223,12 +1235,14 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
if (best_support == -1) {
if (need_uptime || need_capacity) {
info(LD_CIRC, "We couldn't find any live%s%s routers; falling back to list of all routers.",
info(LD_CIRC, "We couldn't find any live%s%s routers; falling back "
"to list of all routers.",
need_capacity?", fast":"",
need_uptime?", stable":"");
return choose_good_exit_server_general(dir, 0, 0);
}
notice(LD_CIRC, "All routers are down or middleman -- choosing a doomed exit at random.");
notice(LD_CIRC, "All routers are down or middleman -- choosing a "
"doomed exit at random.");
}
for (try = 0; try < 2; try++) {
/* try once to pick only from routers that satisfy a needed port,
@ -1237,7 +1251,8 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
router = smartlist_get(dir->routers, i);
if (n_supported[i] != -1 &&
(try || router_handles_some_port(router, needed_ports))) {
// log_fn(LOG_DEBUG,"Try %d: '%s' is a possibility.", try, router->nickname);
// log_fn(LOG_DEBUG,"Try %d: '%s' is a possibility.",
// try, router->nickname);
smartlist_add(sl, router);
}
}
@ -1292,11 +1307,12 @@ choose_good_exit_server(uint8_t purpose, routerlist_t *dir,
NULL, need_uptime, need_capacity,
get_options()->_AllowUnverified & ALLOW_UNVERIFIED_MIDDLE, 0);
else
return choose_good_exit_server_general(dir, need_uptime, need_capacity);
return choose_good_exit_server_general(dir,need_uptime,need_capacity);
case CIRCUIT_PURPOSE_C_ESTABLISH_REND:
return router_choose_random_node(options->RendNodes, options->RendExcludeNodes,
NULL, need_uptime, need_capacity,
options->_AllowUnverified & ALLOW_UNVERIFIED_RENDEZVOUS, 0);
return router_choose_random_node(
options->RendNodes, options->RendExcludeNodes,
NULL, need_uptime, need_capacity,
options->_AllowUnverified & ALLOW_UNVERIFIED_RENDEZVOUS, 0);
}
warn(LD_BUG,"Bug: unhandled purpose %d", purpose);
tor_fragile_assert();
@ -1386,7 +1402,7 @@ count_acceptable_routers(smartlist_t *routers)
n = smartlist_len(routers);
for (i=0;i<n;i++) {
r = smartlist_get(routers, i);
// log_fn(LOG_DEBUG,"Contemplating whether router %d (%s) is a new option...",
// log_fn(LOG_DEBUG,"Contemplating whether router %d (%s) is a new option.",
// i, r->nickname);
if (r->is_running == 0) {
// log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i);
@ -1454,7 +1470,8 @@ choose_good_middle_server(uint8_t purpose,
routerlist_add_family(excluded, r);
}
}
choice = router_choose_random_node(NULL, get_options()->ExcludeNodes, excluded,
choice = router_choose_random_node(
NULL, get_options()->ExcludeNodes, excluded,
state->need_uptime, state->need_capacity,
get_options()->_AllowUnverified & ALLOW_UNVERIFIED_MIDDLE, 0);
smartlist_free(excluded);
@ -1502,7 +1519,8 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
}
// XXX we should exclude busy exit nodes here, too,
// but only if there are enough other nodes available.
choice = router_choose_random_node(options->EntryNodes, options->ExcludeNodes,
choice = router_choose_random_node(
options->EntryNodes, options->ExcludeNodes,
excluded, state ? state->need_uptime : 1,
state ? state->need_capacity : 1,
options->_AllowUnverified & ALLOW_UNVERIFIED_ENTRY,
@ -1570,7 +1588,8 @@ onion_extend_cpath(uint8_t purpose, crypt_path_t **head_ptr,
}
if (!info) {
warn(LD_CIRC,"Failed to find node for hop %d of our path. Discarding this circuit.", cur_len);
warn(LD_CIRC,"Failed to find node for hop %d of our path. Discarding "
"this circuit.", cur_len);
return -1;
}
@ -1724,7 +1743,8 @@ clear_helper_nodes(void)
void
helper_nodes_free_all(void)
{
/* Don't call clear_helper_nodes(); that will flush our state change to disk */
/* Don't call clear_helper_nodes(); that will flush our state change to
* disk. */
if (helper_nodes) {
SMARTLIST_FOREACH(helper_nodes, helper_node_t *, h, tor_free(h));
smartlist_free(helper_nodes);
@ -1877,7 +1897,8 @@ helper_node_set_status(const char *digest, int succeeded)
helper->down_since = time(NULL);
warn(LD_CIRC,
"Connection to helper node '%s' failed. %d/%d helpers usable.",
helper->nickname, num_live_helpers(), smartlist_len(helper_nodes));
helper->nickname, num_live_helpers(),
smartlist_len(helper_nodes));
helper_nodes_changed();
}
}

28
src/or/circuitlist.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char circuitlist_c_id[] = "$Id$";
const char circuitlist_c_id[] =
"$Id$";
/**
* \file circuitlist.c
@ -37,8 +38,8 @@ typedef struct orconn_circid_circuit_map_t {
circuit_t *circuit;
} orconn_circid_circuit_map_t;
/** Helper for hash tables: compare the OR connection and circuit ID for a and b,
* and return less than, equal to, or greater than zero appropriately.
/** Helper for hash tables: compare the OR connection and circuit ID for a and
* b, and return less than, equal to, or greater than zero appropriately.
*/
static INLINE int
_orconn_circid_entries_eq(orconn_circid_circuit_map_t *a,
@ -53,7 +54,8 @@ _orconn_circid_entry_hash(orconn_circid_circuit_map_t *a)
return (((unsigned)a->circ_id)<<16) ^ (unsigned)(uintptr_t)(a->or_conn);
}
static HT_HEAD(orconn_circid_map, orconn_circid_circuit_map_t) orconn_circid_circuit_map = HT_INITIALIZER();
static HT_HEAD(orconn_circid_map, orconn_circid_circuit_map_t)
orconn_circid_circuit_map = HT_INITIALIZER();
HT_PROTOTYPE(orconn_circid_map, orconn_circid_circuit_map_t, node,
_orconn_circid_entry_hash, _orconn_circid_entries_eq);
HT_GENERATE(orconn_circid_map, orconn_circid_circuit_map_t, node,
@ -242,7 +244,8 @@ circuit_new(uint16_t p_circ_id, connection_t *p_conn)
if (p_conn) {
circuit_set_circid_orconn(circ, p_circ_id, p_conn, P_CONN_CHANGED);
}
/* circ->n_circ_id remains 0 because we haven't identified the next hop yet */
/* circ->n_circ_id remains 0 because we haven't identified the next hop
* yet */
circ->package_window = CIRCWINDOW_START;
circ->deliver_window = CIRCWINDOW_START;
@ -562,8 +565,9 @@ circuit_find_to_cannibalize(uint8_t purpose, extend_info_t *info,
circuit_t *circ;
circuit_t *best=NULL;
debug(LD_CIRC,"Hunting for a circ to cannibalize: purpose %d, uptime %d, capacity %d, internal %d",
purpose, need_uptime, need_capacity, internal);
debug(LD_CIRC,"Hunting for a circ to cannibalize: purpose %d, uptime %d, "
"capacity %d, internal %d",
purpose, need_uptime, need_capacity, internal);
for (circ=global_circuitlist; circ; circ = circ->next) {
if (CIRCUIT_IS_ORIGIN(circ) &&
@ -685,7 +689,8 @@ _circuit_mark_for_close(circuit_t *circ, int line, const char *file)
tor_assert(circ->state == CIRCUIT_STATE_OPEN);
tor_assert(circ->build_state->chosen_exit);
/* treat this like getting a nack from it */
info(LD_REND,"Failed intro circ %s to %s (awaiting ack). Removing from descriptor.",
info(LD_REND, "Failed intro circ %s to %s (awaiting ack). "
"Removing from descriptor.",
safe_str(circ->rend_query),
safe_str(build_state_get_exit_nickname(circ->build_state)));
rend_client_remove_intro_point(circ->build_state->chosen_exit,
@ -702,8 +707,8 @@ _circuit_mark_for_close(circuit_t *circ, int line, const char *file)
if (!conn->marked_for_close) {
/* The other side will see a DESTROY, and infer that the connections
* are closing because the circuit is getting torn down. No need
* to send an end cell*/
conn->has_sent_end = 1; /* we're closing the circuit, nothing to send to */
* to send an end cell. */
conn->has_sent_end = 1;
connection_mark_for_close(conn);
}
conn->on_circuit = NULL;
@ -793,7 +798,8 @@ assert_circuit_ok(const circuit_t *c)
if (c->n_conn) {
tor_assert(c->n_conn->type == CONN_TYPE_OR);
tor_assert(!memcmp(c->n_conn->identity_digest, c->n_conn_id_digest, DIGEST_LEN));
tor_assert(!memcmp(c->n_conn->identity_digest, c->n_conn_id_digest,
DIGEST_LEN));
if (c->n_circ_id)
tor_assert(c == circuit_get_by_circid_orconn(c->n_circ_id, c->n_conn));
}

103
src/or/circuituse.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char circuituse_c_id[] = "$Id$";
const char circuituse_c_id[] =
"$Id$";
/**
* \file circuituse.c
@ -53,7 +54,8 @@ circuit_is_acceptable(circuit_t *circ, connection_t *conn,
circ->purpose != CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED &&
circ->purpose != CIRCUIT_PURPOSE_C_REND_JOINED)
return 0;
} else if (purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT && !must_be_open) {
} else if (purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT &&
!must_be_open) {
if (circ->purpose != CIRCUIT_PURPOSE_C_INTRODUCING &&
circ->purpose != CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT)
return 0;
@ -206,12 +208,14 @@ circuit_expire_building(time_t now)
if (victim->purpose >= CIRCUIT_PURPOSE_C_INTRODUCING &&
victim->purpose <= CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) {
if (!victim->timestamp_dirty)
log_fn(LOG_DEBUG,"Considering %sopen purp %d to %s (circid %d). (clean).",
log_fn(LOG_DEBUG,"Considering %sopen purp %d to %s (circid %d)."
"(clean).",
victim->state == CIRCUIT_STATE_OPEN ? "" : "non",
victim->purpose, victim->build_state->chosen_exit_name,
victim->n_circ_id);
else
log_fn(LOG_DEBUG,"Considering %sopen purp %d to %s (circid %d). %d secs since dirty.",
log_fn(LOG_DEBUG,"Considering %sopen purp %d to %s (circid %d). "
"%d secs since dirty.",
victim->state == CIRCUIT_STATE_OPEN ? "" : "non",
victim->purpose, victim->build_state->chosen_exit_name,
victim->n_circ_id,
@ -253,7 +257,8 @@ circuit_expire_building(time_t now)
if (victim->n_conn)
info(LD_CIRC,"Abandoning circ %s:%d:%d (state %d:%s, purpose %d)",
victim->n_conn->address, victim->n_port, victim->n_circ_id,
victim->state, circuit_state_to_string(victim->state), victim->purpose);
victim->state, circuit_state_to_string(victim->state),
victim->purpose);
else
info(LD_CIRC,"Abandoning circ %d (state %d:%s, purpose %d)",
victim->n_circ_id, victim->state,
@ -315,8 +320,8 @@ circuit_stream_is_being_handled(connection_t *conn, uint16_t port, int min)
if (conn) {
ok = connection_ap_can_use_exit(conn, exitrouter);
} else {
addr_policy_result_t r =
router_compare_addr_to_addr_policy(0, port, exitrouter->exit_policy);
addr_policy_result_t r = router_compare_addr_to_addr_policy(
0, port, exitrouter->exit_policy);
ok = r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED;
}
if (ok) {
@ -380,7 +385,8 @@ circuit_predict_and_launch_new(void)
/* Third, see if we need any more hidden service (server) circuits. */
if (num_rend_services() && num_uptime_internal < 3) {
info(LD_CIRC,"Have %d clean circs (%d internal), need another internal circ for my hidden service.",
info(LD_CIRC,"Have %d clean circs (%d internal), need another internal "
"circ for my hidden service.",
num, num_internal);
circuit_launch_by_router(CIRCUIT_PURPOSE_C_GENERAL, NULL,
1, 1, 1);
@ -392,8 +398,8 @@ circuit_predict_and_launch_new(void)
&hidserv_needs_capacity) &&
((num_uptime_internal<2 && hidserv_needs_uptime) ||
num_internal<2)) {
info(LD_CIRC,"Have %d clean circs (%d uptime-internal, %d internal),"
" need another hidserv circ.", num, num_uptime_internal, num_internal);
info(LD_CIRC,"Have %d clean circs (%d uptime-internal, %d internal), need "
" another hidserv circ.", num, num_uptime_internal, num_internal);
circuit_launch_by_router(CIRCUIT_PURPOSE_C_GENERAL, NULL,
hidserv_needs_uptime, hidserv_needs_capacity, 1);
return;
@ -557,8 +563,9 @@ circuit_expire_old_circuits(void)
circ->timestamp_dirty + get_options()->MaxCircuitDirtiness < now &&
CIRCUIT_IS_ORIGIN(circ) &&
!circ->p_streams /* nothing attached */ ) {
debug(LD_CIRC,"Closing n_circ_id %d (dirty %d secs ago, purp %d)",
circ->n_circ_id, (int)(now - circ->timestamp_dirty), circ->purpose);
debug(LD_CIRC, "Closing n_circ_id %d (dirty %d secs ago, purp %d)",
circ->n_circ_id, (int)(now - circ->timestamp_dirty),
circ->purpose);
/* (only general and purpose_c circs can get dirty) */
tor_assert(!circ->n_streams);
tor_assert(circ->purpose <= CIRCUIT_PURPOSE_C_REND_JOINED);
@ -597,7 +604,8 @@ circuit_testing_failed(circuit_t *circ, int at_last_hop)
circuit_launch_by_router(CIRCUIT_PURPOSE_TESTING, me, 0, 1, 1);
else
#endif
info(LD_GENERAL,"Our testing circuit (to see if your ORPort is reachable) has failed. I'll try again later.");
info(LD_GENERAL,"Our testing circuit (to see if your ORPort is reachable) "
"has failed. I'll try again later.");
}
/** The circuit <b>circ</b> has just become open. Take the next
@ -662,7 +670,8 @@ circuit_build_failed(circuit_t *circ)
/* We failed at the first hop. If there's an OR connection
to blame, blame it. */
if (circ->n_conn) {
info(LD_OR, "Our circuit failed to get a response from the first hop (%s:%d). I'm going to try to rotate to a better connection.",
info(LD_OR, "Our circuit failed to get a response from the first hop "
"(%s:%d). I'm going to try to rotate to a better connection.",
circ->n_conn->address, circ->n_conn->port);
circ->n_conn->is_obsolete = 1;
helper_node_set_status(circ->n_conn->identity_digest, 0);
@ -741,8 +750,8 @@ circuit_launch_by_router(uint8_t purpose, routerinfo_t *exit,
extend_info_t *info = NULL;
if (exit)
info = extend_info_from_router(exit);
circ = circuit_launch_by_extend_info(purpose, info, need_uptime, need_capacity,
internal);
circ = circuit_launch_by_extend_info(
purpose, info, need_uptime, need_capacity, internal);
if (info)
extend_info_free(info);
return circ;
@ -792,7 +801,8 @@ circuit_launch_by_extend_info(uint8_t purpose, extend_info_t *extend_info,
return NULL;
break;
default:
warn(LD_BUG, "Bug: unexpected purpose %d when cannibalizing a circ.", purpose);
warn(LD_BUG, "Bug: unexpected purpose %d when cannibalizing a circ.",
purpose);
tor_fragile_assert();
return NULL;
}
@ -807,7 +817,8 @@ circuit_launch_by_extend_info(uint8_t purpose, extend_info_t *extend_info,
return NULL;
}
/* try a circ. if it fails, circuit_mark_for_close will increment n_circuit_failures */
/* try a circ. if it fails, circuit_mark_for_close will increment
* n_circuit_failures */
return circuit_establish_circuit(purpose, extend_info,
need_uptime, need_capacity, internal);
}
@ -890,13 +901,14 @@ circuit_get_open_circ_or_launch(connection_t *conn,
if (!has_fetched_directory) {
if (!connection_get_by_type(CONN_TYPE_DIR)) {
notice(LD_APP|LD_DIR,"Application request when we're believed to be offline. Optimistically trying directory fetches again.");
notice(LD_APP|LD_DIR,"Application request when we're believed to be "
"offline. Optimistically trying directory fetches again.");
router_reset_status_download_failures();
router_reset_descriptor_download_failures();
update_networkstatus_downloads(time(NULL));
/* XXXX011 NM This should be a generic "retry all directory fetches". */
directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 1); /*XXXX011NM*/
directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 1);
}
/* the stream will be dealt with when has_fetched_directory becomes
* 1, or when all directory attempts fail and directory_all_unreachable()
@ -913,8 +925,10 @@ circuit_get_open_circ_or_launch(connection_t *conn,
addr = ntohl(in.s_addr);
if (router_exit_policy_all_routers_reject(addr, conn->socks_request->port,
need_uptime)) {
notice(LD_APP,"No Tor server exists that allows exit to %s:%d. Rejecting.",
safe_str(conn->socks_request->address), conn->socks_request->port);
notice(LD_APP,
"No Tor server exists that allows exit to %s:%d. Rejecting.",
safe_str(conn->socks_request->address),
conn->socks_request->port);
return -1;
}
}
@ -930,7 +944,8 @@ circuit_get_open_circ_or_launch(connection_t *conn,
/* need to pick an intro point */
extend_info = rend_client_get_random_intro(conn->rend_query);
if (!extend_info) {
info(LD_REND,"No intro points for '%s': refetching service descriptor.",
info(LD_REND,
"No intro points for '%s': refetching service descriptor.",
safe_str(conn->rend_query));
rend_client_refetch_renddesc(conn->rend_query);
conn->state = AP_CONN_STATE_RENDDESC_WAIT;
@ -996,8 +1011,10 @@ static void
link_apconn_to_circ(connection_t *apconn, circuit_t *circ)
{
/* add it into the linked list of streams on this circuit */
debug(LD_APP|LD_CIRC,"attaching new conn to circ. n_circ_id %d.", circ->n_circ_id);
apconn->timestamp_lastread = time(NULL); /* reset it, so we can measure circ timeouts */
debug(LD_APP|LD_CIRC, "attaching new conn to circ. n_circ_id %d.",
circ->n_circ_id);
/* reset it, so we can measure circ timeouts */
apconn->timestamp_lastread = time(NULL);
apconn->next_stream = circ->p_streams;
apconn->on_circuit = circ;
/* assert_connection_ok(conn, time(NULL)); */
@ -1117,7 +1134,8 @@ connection_ap_handshake_attach_circuit(connection_t *conn)
conn_age = time(NULL) - conn->timestamp_created;
if (conn_age > CONN_AP_MAX_ATTACH_DELAY) {
notice(LD_APP,"Tried for %d seconds to get a connection to %s:%d. Giving up.",
notice(LD_APP,
"Tried for %d seconds to get a connection to %s:%d. Giving up.",
conn_age, safe_str(conn->socks_request->address),
conn->socks_request->port);
return -1;
@ -1134,20 +1152,22 @@ connection_ap_handshake_attach_circuit(connection_t *conn)
return -1;
}
if (!connection_ap_can_use_exit(conn, router)) {
warn(LD_APP, "Requested exit point '%s' would refuse request. Closing.",
warn(LD_APP,"Requested exit point '%s' would refuse request. Closing.",
conn->chosen_exit_name);
return -1;
}
}
/* find the circuit that we should use, if there is one. */
retval = circuit_get_open_circ_or_launch(conn, CIRCUIT_PURPOSE_C_GENERAL, &circ);
retval = circuit_get_open_circ_or_launch(
conn, CIRCUIT_PURPOSE_C_GENERAL, &circ);
if (retval < 1)
return retval;
debug(LD_APP|LD_CIRC,"Attaching apconn to circ %d (stream %d sec old).",
circ->n_circ_id, conn_age);
/* here, print the circ's path. so people can figure out which circs are sucking. */
/* here, print the circ's path. so people can figure out which circs are
* sucking. */
circuit_log_path(LOG_INFO,LD_APP|LD_CIRC,circ);
/* We have found a suitable circuit for our conn. Hurray. */
@ -1160,7 +1180,8 @@ connection_ap_handshake_attach_circuit(connection_t *conn)
/* start by finding a rendezvous circuit for us */
retval = circuit_get_open_circ_or_launch(conn, CIRCUIT_PURPOSE_C_REND_JOINED, &rendcirc);
retval = circuit_get_open_circ_or_launch(
conn, CIRCUIT_PURPOSE_C_REND_JOINED, &rendcirc);
if (retval < 0) return -1; /* failed */
if (retval > 0) {
@ -1181,7 +1202,8 @@ connection_ap_handshake_attach_circuit(connection_t *conn)
return 1;
}
if (rendcirc && rendcirc->purpose == CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) {
if (rendcirc && (rendcirc->purpose ==
CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED)) {
info(LD_REND,
"pending-join circ %d already here, with intro ack. "
"Stalling. (stream %d sec old)",
@ -1190,27 +1212,31 @@ connection_ap_handshake_attach_circuit(connection_t *conn)
}
/* it's on its way. find an intro circ. */
retval = circuit_get_open_circ_or_launch(conn, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, &introcirc);
retval = circuit_get_open_circ_or_launch(
conn, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, &introcirc);
if (retval < 0) return -1; /* failed */
if (retval > 0) {
/* one has already sent the intro. keep waiting. */
tor_assert(introcirc);
info(LD_REND,
"Intro circ %d present and awaiting ack (rend %d). Stalling. (stream %d sec old)",
info(LD_REND, "Intro circ %d present and awaiting ack (rend %d). "
"Stalling. (stream %d sec old)",
introcirc->n_circ_id, rendcirc ? rendcirc->n_circ_id : 0, conn_age);
return 0;
}
/* now rendcirc and introcirc are each either undefined or not finished */
if (rendcirc && introcirc && rendcirc->purpose == CIRCUIT_PURPOSE_C_REND_READY) {
info(LD_REND,"ready rend circ %d already here (no intro-ack yet on intro %d). (stream %d sec old)",
if (rendcirc && introcirc &&
rendcirc->purpose == CIRCUIT_PURPOSE_C_REND_READY) {
info(LD_REND,"ready rend circ %d already here (no intro-ack yet on "
"intro %d). (stream %d sec old)",
rendcirc->n_circ_id, introcirc->n_circ_id, conn_age);
tor_assert(introcirc->purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
if (introcirc->state == CIRCUIT_STATE_OPEN) {
info(LD_REND,"found open intro circ %d (rend %d); sending introduction. (stream %d sec old)",
info(LD_REND,"found open intro circ %d (rend %d); sending "
"introduction. (stream %d sec old)",
introcirc->n_circ_id, rendcirc->n_circ_id, conn_age);
if (rend_client_send_introduction(introcirc, rendcirc) < 0) {
return -1;
@ -1223,7 +1249,8 @@ connection_ap_handshake_attach_circuit(connection_t *conn)
}
}
info(LD_REND, "Intro (%d) and rend (%d) circs are not both ready. Stalling conn. (%d sec old)",
info(LD_REND, "Intro (%d) and rend (%d) circs are not both ready. "
"Stalling conn. (%d sec old)",
introcirc ? introcirc->n_circ_id : 0,
rendcirc ? rendcirc->n_circ_id : 0, conn_age);
return 0;

41
src/or/command.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char command_c_id[] = "$Id$";
const char command_c_id[] =
"$Id$";
/**
* \file command.c
@ -81,7 +82,8 @@ command_process_cell(cell_t *cell, connection_t *conn)
if (now > current_second) { /* the second has rolled over */
/* print stats */
info(LD_OR,"At end of second: %d creates (%d ms), %d createds (%d ms), %d relays (%d ms), %d destroys (%d ms)",
info(LD_OR,"At end of second: %d creates (%d ms), %d createds (%d ms), "
"%d relays (%d ms), %d destroys (%d ms)",
num_create, create_time/1000,
num_created, created_time/1000,
num_relay, relay_time/1000,
@ -150,18 +152,20 @@ command_process_cell(cell_t *cell, connection_t *conn)
}
}
/** Process a 'create' <b>cell</b> that just arrived from <b>conn</b>. Make a new circuit
* with the p_circ_id specified in cell. Put the circuit in state
* onionskin_pending, and pass the onionskin to the cpuworker. Circ will
* get picked up again when the cpuworker finishes decrypting it.
/** Process a 'create' <b>cell</b> that just arrived from <b>conn</b>. Make a
* new circuit with the p_circ_id specified in cell. Put the circuit in state
* onionskin_pending, and pass the onionskin to the cpuworker. Circ will get
* picked up again when the cpuworker finishes decrypting it.
*/
static void
command_process_create_cell(cell_t *cell, connection_t *conn)
{
circuit_t *circ;
int id_is_high;
if (we_are_hibernating()) {
info(LD_OR,"Received create cell but we're shutting down. Sending back destroy.");
info(LD_OR,"Received create cell but we're shutting down. Sending back "
"destroy.");
connection_send_destroy(cell->circ_id, conn);
return;
}
@ -172,12 +176,15 @@ command_process_create_cell(cell_t *cell, connection_t *conn)
* This can happen because Tor 0.0.9pre5 and earlier decide which
* half to use based on nickname, and we now use identity keys.
*/
if ((cell->circ_id & (1<<15)) && conn->circ_id_type == CIRC_ID_TYPE_HIGHER) {
info(LD_OR, "Got a high circuit ID from %s (%d); switching to low circuit IDs.",
id_is_high = cell->circ_id & (1<<15);
if (id_is_high && conn->circ_id_type == CIRC_ID_TYPE_HIGHER) {
info(LD_OR, "Got a high circuit ID from %s (%d); switching to "
"low circuit IDs.",
conn->nickname ? conn->nickname : "client", conn->s);
conn->circ_id_type = CIRC_ID_TYPE_LOWER;
} else if (!(cell->circ_id & (1<<15)) && conn->circ_id_type == CIRC_ID_TYPE_LOWER) {
info(LD_OR, "Got a low circuit ID from %s (%d); switching to high circuit IDs.",
} else if (!id_is_high && conn->circ_id_type == CIRC_ID_TYPE_LOWER) {
info(LD_OR, "Got a low circuit ID from %s (%d); switching to "
"high circuit IDs.",
conn->nickname ? conn->nickname : "client", conn->s);
conn->circ_id_type = CIRC_ID_TYPE_HIGHER;
}
@ -187,7 +194,8 @@ command_process_create_cell(cell_t *cell, connection_t *conn)
if (circ) {
routerinfo_t *router = router_get_by_digest(conn->identity_digest);
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"received CREATE cell (circID %d) for known circ. Dropping (age %d).",
"received CREATE cell (circID %d) for known circ. "
"Dropping (age %d).",
cell->circ_id, (int)(time(NULL) - conn->timestamp_created));
if (router)
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
@ -245,7 +253,8 @@ command_process_created_cell(cell_t *cell, connection_t *conn)
circ = circuit_get_by_circid_orconn(cell->circ_id, conn);
if (!circ) {
info(LD_OR,"(circID %d) unknown circ (probably got a destroy earlier). Dropping.", cell->circ_id);
info(LD_OR,"(circID %d) unknown circ (probably got a destroy earlier). "
"Dropping.", cell->circ_id);
return;
}
@ -301,13 +310,15 @@ command_process_relay_cell(cell_t *cell, connection_t *conn)
if (cell->circ_id == circ->p_circ_id) { /* it's an outgoing cell */
if (circuit_receive_relay_cell(cell, circ, CELL_DIRECTION_OUT) < 0) {
log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"circuit_receive_relay_cell (forward) failed. Closing.");
log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"circuit_receive_relay_cell "
"(forward) failed. Closing.");
circuit_mark_for_close(circ);
return;
}
} else { /* it's an ingoing cell */
if (circuit_receive_relay_cell(cell, circ, CELL_DIRECTION_IN) < 0) {
log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"circuit_receive_relay_cell (backward) failed. Closing.");
log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"circuit_receive_relay_cell "
"(backward) failed. Closing.");
circuit_mark_for_close(circ);
return;
}

210
src/or/config.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char config_c_id[] = "$Id$";
const char config_c_id[] = \
"$Id$";
/**
* \file config.c
@ -25,8 +26,8 @@ typedef enum config_type_t {
CONFIG_TYPE_DOUBLE, /**< A floating-point value */
CONFIG_TYPE_BOOL, /**< A boolean value, expressed as 0 or 1. */
CONFIG_TYPE_ISOTIME, /**< An ISO-formated time relative to GMT. */
CONFIG_TYPE_CSV, /**< A list of strings, separated by commas and optional
* whitespace. */
CONFIG_TYPE_CSV, /**< A list of strings, separated by commas and
* optional whitespace. */
CONFIG_TYPE_LINELIST, /**< Uninterpreted config lines */
CONFIG_TYPE_LINELIST_S, /**< Uninterpreted, context-sensitive config lines,
* mixed with other keywords. */
@ -77,20 +78,23 @@ static config_abbrev_t _option_abbrevs[] = {
/** A variable allowed in the configuration file or on the command line. */
typedef struct config_var_t {
const char *name; /**< The full keyword (case insensitive). */
config_type_t type; /**< How to interpret the type and turn it into a value. */
config_type_t type; /**< How to interpret the type and turn it into a
* value. */
off_t var_offset; /**< Offset of the corresponding member of or_options_t. */
const char *initvalue; /**< String (or null) describing initial value. */
const char *description;
} config_var_t;
/** Return the offset of <b>member</b> within the type <b>tp</b>, in bytes */
#define STRUCT_OFFSET(tp, member) ((off_t) (((char*)&((tp*)0)->member)-(char*)0))
#define STRUCT_OFFSET(tp, member) \
((off_t) (((char*)&((tp*)0)->member)-(char*)0))
/** An entry for config_vars: "The option <b>name</b> has type
* CONFIG_TYPE_<b>conftype</b>, and corresponds to
* or_options_t.<b>member</b>"
*/
#define VAR(name,conftype,member,initvalue) \
{ name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), initvalue, NULL }
#define VAR(name,conftype,member,initvalue) \
{ name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
initvalue, NULL }
/** An entry for config_vars: "The option <b>name</b> is obsolete." */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL, NULL }
@ -103,7 +107,8 @@ static config_var_t _option_vars[] = {
VAR("AccountingMaxKB", UINT, _AccountingMaxKB, "0"),
VAR("AccountingStart", STRING, AccountingStart, NULL),
VAR("Address", STRING, Address, NULL),
VAR("AllowUnverifiedNodes",CSV, AllowUnverifiedNodes, "middle,rendezvous"),
VAR("AllowUnverifiedNodes",CSV, AllowUnverifiedNodes,
"middle,rendezvous"),
VAR("AssumeReachable", BOOL, AssumeReachable, "0"),
VAR("AuthDirInvalid", LINELIST, AuthDirInvalid, NULL),
VAR("AuthDirReject", LINELIST, AuthDirReject, NULL),
@ -150,7 +155,8 @@ static config_var_t _option_vars[] = {
OBSOLETE("LinkPadding"),
VAR("LogFile", LINELIST_S, OldLogOptions, NULL),
VAR("LogLevel", LINELIST_S, OldLogOptions, NULL),
VAR("LongLivedPorts", CSV, LongLivedPorts, "21,22,706,1863,5050,5190,5222,5223,6667,8300,8888"),
VAR("LongLivedPorts", CSV, LongLivedPorts,
"21,22,706,1863,5050,5190,5222,5223,6667,8300,8888"),
VAR("MapAddress", LINELIST, AddressMap, NULL),
VAR("MaxAdvertisedBandwidth",MEMUNIT,MaxAdvertisedBandwidth,"128 TB"),
VAR("MaxCircuitDirtiness", INTERVAL, MaxCircuitDirtiness, "10 minutes"),
@ -205,14 +211,16 @@ static config_var_t _option_vars[] = {
};
#undef VAR
#define VAR(name,conftype,member,initvalue) \
{ name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_state_t, member), initvalue, NULL }
#define VAR(name,conftype,member,initvalue) \
{ name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_state_t, member), \
initvalue, NULL }
static config_var_t _state_vars[] = {
VAR("AccountingBytesReadInterval", MEMUNIT, AccountingBytesReadInInterval,NULL),
VAR("AccountingBytesReadInterval", MEMUNIT, AccountingBytesReadInInterval,
NULL),
VAR("AccountingBytesWrittenInInterval", MEMUNIT,
AccountingBytesWrittenInInterval, NULL),
VAR("AccountingExpectedUsage", MEMUNIT, AccountingExpectedUsage, NULL),
VAR("AccountingIntervalStart", ISOTIME, AccountingIntervalStart, NULL),
VAR("AccountingIntervalStart", ISOTIME, AccountingIntervalStart, NULL),
VAR("AccountingSecondsActive", INTERVAL, AccountingSecondsActive, NULL),
VAR("HelperNode", LINELIST_S, HelperNodes, NULL),
VAR("HelperNodeDownSince", LINELIST_S, HelperNodes, NULL),
@ -264,7 +272,8 @@ typedef struct {
#define CHECK(fmt, cfg) do { \
tor_assert(fmt && cfg); \
tor_assert((fmt)->magic == *(uint32_t*)(((char*)(cfg))+fmt->magic_offset)); \
tor_assert((fmt)->magic == \
*(uint32_t*)(((char*)(cfg))+fmt->magic_offset)); \
} while (0)
/** Largest allowed config line */
@ -278,7 +287,8 @@ static void option_reset(config_format_t *fmt, or_options_t *options,
config_var_t *var, int use_defaults);
static void config_free(config_format_t *fmt, void *options);
static int option_is_same(config_format_t *fmt,
or_options_t *o1, or_options_t *o2, const char *name);
or_options_t *o1, or_options_t *o2,
const char *name);
static or_options_t *options_dup(config_format_t *fmt, or_options_t *old);
static int options_validate(or_options_t *old_options,
or_options_t *options);
@ -438,9 +448,11 @@ static void
add_default_trusted_dirservers(void)
{
const char *dirservers[] = {
"moria1 v1 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441",
"moria2 v1 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF",
"tor26 v1 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D" };
"moria1 v1 18.244.0.188:9031 "
"FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441",
"moria2 v1 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF",
"tor26 v1 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D"
};
parse_dir_server_line(dirservers[0], 0);
parse_dir_server_line(dirservers[1], 0);
parse_dir_server_line(dirservers[2], 0);
@ -677,7 +689,8 @@ options_act(or_options_t *old_options)
/* Since our options changed, we might need to regenerate and upload our
* server descriptor.
*/
if (!old_options || options_transition_affects_descriptor(old_options, options))
if (!old_options ||
options_transition_affects_descriptor(old_options, options))
mark_my_descriptor_dirty();
return 0;
@ -906,7 +919,8 @@ config_assign_value(config_format_t *fmt, or_options_t *options,
i = tor_parse_long(c->value, 10, 0, INT_MAX, &ok, NULL);
if (!ok) {
log(LOG_WARN, LD_CONFIG,
"Int keyword '%s %s' is malformed or out of bounds.", c->key, c->value);
"Int keyword '%s %s' is malformed or out of bounds.",
c->key, c->value);
return -1;
}
*(int *)lvalue = i;
@ -987,8 +1001,8 @@ config_assign_value(config_format_t *fmt, or_options_t *options,
}
/** If <b>c</b> is a syntactically valid configuration line, update
* <b>options</b> with its value and return 0. Otherwise return -1 for bad key,
* -2 for bad value.
* <b>options</b> with its value and return 0. Otherwise return -1 for bad
* key, -2 for bad value.
*
* If <b>clear_first</b> is set, clear the value first. Then if
* <b>use_defaults</b> is set, set the value to the default.
@ -1083,7 +1097,8 @@ config_lines_dup(const config_line_t *inp)
}
static config_line_t *
get_assigned_option(config_format_t *fmt, or_options_t *options, const char *key)
get_assigned_option(config_format_t *fmt, or_options_t *options,
const char *key)
{
config_var_t *var;
const void *value;
@ -1153,13 +1168,15 @@ get_assigned_option(config_format_t *fmt, or_options_t *options, const char *key
break;
case CONFIG_TYPE_CSV:
if (*(smartlist_t**)value)
result->value = smartlist_join_strings(*(smartlist_t**)value,",",0,NULL);
result->value =
smartlist_join_strings(*(smartlist_t**)value, ",", 0, NULL);
else
result->value = tor_strdup("");
break;
case CONFIG_TYPE_OBSOLETE:
warn(LD_CONFIG,
"You asked me for the value of an obsolete config option '%s'.", key);
"You asked me for the value of an obsolete config option '%s'.",
key);
tor_free(result->key);
tor_free(result);
return NULL;
@ -1375,13 +1392,14 @@ print_usage(void)
/**
* Based on <b>options-\>Address</b>, guess our public IP address and put it
* (in host order) into *<b>addr_out</b>. If <b>hostname_out</b> is provided, set
* *<b>hostname_out</b> to a new string holding the hostname we used to get
* the address. Return 0 if all is well, or -1 if we can't find a suitable
* (in host order) into *<b>addr_out</b>. If <b>hostname_out</b> is provided,
* set *<b>hostname_out</b> to a new string holding the hostname we used to
* get the address. Return 0 if all is well, or -1 if we can't find a suitable
* public IP address.
*/
int
resolve_my_address(or_options_t *options, uint32_t *addr_out, char **hostname_out)
resolve_my_address(or_options_t *options, uint32_t *addr_out,
char **hostname_out)
{
struct in_addr in;
struct hostent *rent;
@ -1412,7 +1430,8 @@ resolve_my_address(or_options_t *options, uint32_t *addr_out, char **hostname_ou
explicit_ip = 0;
rent = (struct hostent *)gethostbyname(hostname);
if (!rent) {
warn(LD_CONFIG,"Could not resolve local Address '%s'. Failing.",hostname);
warn(LD_CONFIG,"Could not resolve local Address '%s'. Failing.",
hostname);
return -1;
}
tor_assert(rent->h_length == 4);
@ -1423,17 +1442,19 @@ resolve_my_address(or_options_t *options, uint32_t *addr_out, char **hostname_ou
if (is_internal_IP(htonl(in.s_addr), 0) && !options->NoPublish) {
/* make sure we're ok with publishing an internal IP */
if (!options->DirServers) {
/* if they are using the default dirservers, disallow internal IPs always. */
/* if they are using the default dirservers, disallow internal IPs
* always. */
warn(LD_CONFIG,"Address '%s' resolves to private IP '%s'. "
"Tor servers that use the default DirServers must have public IP addresses.",
"Tor servers that use the default DirServers must have public "
"IP addresses.",
hostname, tmpbuf);
return -1;
}
if (!explicit_ip) {
/* even if they've set their own dirservers, require an explicit IP if
* they're using an internal address. */
warn(LD_CONFIG,"Address '%s' resolves to private IP '%s'. "
"Please set the Address config option to be the IP you want to use.",
warn(LD_CONFIG,"Address '%s' resolves to private IP '%s'. Please "
"set the Address config option to be the IP you want to use.",
hostname, tmpbuf);
return -1;
}
@ -1451,8 +1472,8 @@ resolve_my_address(or_options_t *options, uint32_t *addr_out, char **hostname_ou
return 0;
}
/** Called when we don't have a nickname set. Try to guess a good
* nickname based on the hostname, and return it in a newly allocated string. */
/** Called when we don't have a nickname set. Try to guess a good nickname
* based on the hostname, and return it in a newly allocated string. */
static char *
get_default_nickname(void)
{
@ -1744,7 +1765,8 @@ options_validate(or_options_t *old_options, or_options_t *options)
int result = 0;
config_line_t *cl;
addr_policy_t *addr_policy=NULL;
#define REJECT(arg) do { log(LOG_WARN, LD_CONFIG, arg); result = -1; } while (0)
#define REJECT(arg) \
do { log(LOG_WARN, LD_CONFIG, arg); result = -1; } while (0)
#define COMPLAIN(arg) do { log(LOG_WARN, LD_CONFIG, arg); } while (0)
if (options->ORPort < 0 || options->ORPort > 65535)
@ -1793,7 +1815,9 @@ options_validate(or_options_t *old_options, or_options_t *options)
}
} else {
if (!is_legal_nickname(options->Nickname)) {
log(LOG_WARN, LD_CONFIG, "Nickname '%s' is wrong length or contains illegal characters.", options->Nickname);
log(LOG_WARN, LD_CONFIG,
"Nickname '%s' is wrong length or contains illegal characters.",
options->Nickname);
result = -1;
}
}
@ -1851,7 +1875,7 @@ options_validate(or_options_t *old_options, or_options_t *options)
if (!options->ContactInfo)
REJECT("Authoritative directory servers must set ContactInfo");
if (!options->RecommendedVersions)
REJECT("Authoritative directory servers must configure RecommendedVersions.");
REJECT("Authoritative directory servers must set RecommendedVersions.");
if (!options->RecommendedClientVersions)
options->RecommendedClientVersions =
config_lines_dup(options->RecommendedVersions);
@ -1874,13 +1898,15 @@ options_validate(or_options_t *old_options, or_options_t *options)
REJECT("You cannot set both AuthoritativeDir and NoPublish.");
if (options->ConnLimit <= 0) {
log(LOG_WARN, LD_CONFIG,"ConnLimit must be greater than 0, but was set to %d",
log(LOG_WARN, LD_CONFIG,
"ConnLimit must be greater than 0, but was set to %d",
options->ConnLimit);
result = -1;
}
if (options->_AccountingMaxKB) {
log(LOG_WARN, LD_CONFIG, "AccountingMaxKB is deprecated. Say 'AccountingMax %d KB' instead.", options->_AccountingMaxKB);
log(LOG_WARN, LD_CONFIG, "AccountingMaxKB is deprecated. "
"Say 'AccountingMax %d KB' instead.", options->_AccountingMaxKB);
options->AccountingMax = U64_LITERAL(1024)*options->_AccountingMaxKB;
options->_AccountingMaxKB = 0;
}
@ -1914,7 +1940,9 @@ options_validate(or_options_t *old_options, or_options_t *options)
});
new_line->value = smartlist_join_strings(instead,",",0,NULL);
/* These have been deprecated since 0.1.1.5-alpha-cvs */
log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall and FirewallPorts config options to new format: \"ReachableAddresses %s\"", new_line->value);
log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall and FirewallPorts "
"config options to new format: \"ReachableAddresses %s\"",
new_line->value);
options->ReachableAddresses = new_line;
SMARTLIST_FOREACH(instead, char *, cp, tor_free(cp));
smartlist_free(instead);
@ -1923,7 +1951,7 @@ options_validate(or_options_t *old_options, or_options_t *options)
if (options->ReachableAddresses) {
/* We need to end with a reject *:*, not an implicit accept *:* */
config_line_t **linep = &options->ReachableAddresses;
for(;;) {
for (;;) {
if (!strcmp((*linep)->value, "reject *:*")) /* already there */
break;
linep = &((*linep)->next);
@ -1971,42 +1999,52 @@ options_validate(or_options_t *old_options, or_options_t *options)
if (options->DirFetchPeriod &&
options->DirFetchPeriod < MIN_DIR_FETCH_PERIOD) {
log(LOG_WARN, LD_CONFIG, "DirFetchPeriod option must be at least %d seconds. Clipping.", MIN_DIR_FETCH_PERIOD);
log(LOG_WARN, LD_CONFIG,
"DirFetchPeriod option must be at least %d seconds. Clipping.",
MIN_DIR_FETCH_PERIOD);
options->DirFetchPeriod = MIN_DIR_FETCH_PERIOD;
}
if (options->StatusFetchPeriod &&
options->StatusFetchPeriod < MIN_STATUS_FETCH_PERIOD) {
log(LOG_WARN, LD_CONFIG, "StatusFetchPeriod option must be at least %d seconds. Clipping.", MIN_STATUS_FETCH_PERIOD);
log(LOG_WARN, LD_CONFIG,
"StatusFetchPeriod option must be at least %d seconds. Clipping.",
MIN_STATUS_FETCH_PERIOD);
options->StatusFetchPeriod = MIN_STATUS_FETCH_PERIOD;
}
if (options->RendPostPeriod < MIN_REND_POST_PERIOD) {
log(LOG_WARN,LD_CONFIG,"RendPostPeriod option must be at least %d seconds. Clipping.",
MIN_REND_POST_PERIOD);
log(LOG_WARN,LD_CONFIG,"RendPostPeriod option must be at least %d seconds."
" Clipping.", MIN_REND_POST_PERIOD);
options->RendPostPeriod = MIN_REND_POST_PERIOD;
}
if (options->DirPort && ! options->AuthoritativeDir) {
if (options->DirFetchPeriod > MAX_CACHE_DIR_FETCH_PERIOD) {
log(LOG_WARN, LD_CONFIG, "Caching directory servers must have DirFetchPeriod less than %d seconds. Clipping.", MAX_CACHE_DIR_FETCH_PERIOD);
log(LOG_WARN, LD_CONFIG, "Caching directory servers must have "
"DirFetchPeriod less than %d seconds. Clipping.",
MAX_CACHE_DIR_FETCH_PERIOD);
options->DirFetchPeriod = MAX_CACHE_DIR_FETCH_PERIOD;
}
if (options->StatusFetchPeriod > MAX_CACHE_STATUS_FETCH_PERIOD) {
log(LOG_WARN, LD_CONFIG, "Caching directory servers must have StatusFetchPeriod less than %d seconds. Clipping.",
log(LOG_WARN, LD_CONFIG, "Caching directory servers must have "
"StatusFetchPeriod less than %d seconds. Clipping.",
MAX_CACHE_STATUS_FETCH_PERIOD);
options->StatusFetchPeriod = MAX_CACHE_STATUS_FETCH_PERIOD;
}
}
if (options->DirFetchPeriod > MAX_DIR_PERIOD) {
log(LOG_WARN, LD_CONFIG, "DirFetchPeriod is too large; clipping to %ds.", MAX_DIR_PERIOD);
log(LOG_WARN, LD_CONFIG, "DirFetchPeriod is too large; clipping to %ds.",
MAX_DIR_PERIOD);
options->DirFetchPeriod = MAX_DIR_PERIOD;
}
if (options->StatusFetchPeriod > MAX_DIR_PERIOD) {
log(LOG_WARN, LD_CONFIG, "StatusFetchPeriod is too large; clipping to %ds.", MAX_DIR_PERIOD);
log(LOG_WARN, LD_CONFIG,"StatusFetchPeriod is too large; clipping to %ds.",
MAX_DIR_PERIOD);
options->StatusFetchPeriod = MAX_DIR_PERIOD;
}
if (options->RendPostPeriod > MAX_DIR_PERIOD) {
log(LOG_WARN, LD_CONFIG, "RendPostPeriod is too large; clipping to %ds.", MAX_DIR_PERIOD);
log(LOG_WARN, LD_CONFIG, "RendPostPeriod is too large; clipping to %ds.",
MAX_DIR_PERIOD);
options->RendPostPeriod = MAX_DIR_PERIOD;
}
@ -2051,7 +2089,7 @@ options_validate(or_options_t *old_options, or_options_t *options)
if (options->HttpsProxy) { /* parse it now */
if (parse_addr_port(options->HttpsProxy, NULL,
&options->HttpsProxyAddr, &options->HttpsProxyPort) < 0)
&options->HttpsProxyAddr, &options->HttpsProxyPort) <0)
REJECT("HttpsProxy failed to parse or resolve. Please fix.");
if (options->HttpsProxyPort == 0) { /* give it a default */
options->HttpsProxyPort = 443;
@ -2068,7 +2106,7 @@ options_validate(or_options_t *old_options, or_options_t *options)
REJECT("Bad HashedControlPassword: wrong length or bad encoding");
}
if (options->HashedControlPassword && options->CookieAuthentication)
REJECT("Cannot enable both HashedControlPassword and CookieAuthentication");
REJECT("Cannot set both HashedControlPassword and CookieAuthentication");
if (options->UseHelperNodes && ! options->NumHelperNodes)
REJECT("Cannot enable UseHelperNodes with NumHelperNodes set to 0");
@ -2169,28 +2207,33 @@ options_transition_allowed(or_options_t *old, or_options_t *new_val)
}
if (old->RunAsDaemon != new_val->RunAsDaemon) {
warn(LD_CONFIG,"While Tor is running, changing RunAsDaemon is not allowed. Failing.");
warn(LD_CONFIG,"While Tor is running, changing RunAsDaemon is not allowed."
" Failing.");
return -1;
}
if (strcmp(old->DataDirectory,new_val->DataDirectory)!=0) {
warn(LD_CONFIG,"While Tor is running, changing DataDirectory (\"%s\"->\"%s\") is not allowed. Failing.",
warn(LD_CONFIG,"While Tor is running, changing DataDirectory "
"(\"%s\"->\"%s\") is not allowed. Failing.",
old->DataDirectory, new_val->DataDirectory);
return -1;
}
if (!opt_streq(old->User, new_val->User)) {
warn(LD_CONFIG,"While Tor is running, changing User is not allowed. Failing.");
warn(LD_CONFIG,"While Tor is running, changing User is not allowed. "
"Failing.");
return -1;
}
if (!opt_streq(old->Group, new_val->Group)) {
warn(LD_CONFIG,"While Tor is running, changing Group is not allowed. Failing.");
warn(LD_CONFIG,"While Tor is running, changing Group is not allowed. "
"Failing.");
return -1;
}
if (old->HardwareAccel != new_val->HardwareAccel) {
warn(LD_CONFIG,"While Tor is running, changing HardwareAccel is not allowed. Failing.");
warn(LD_CONFIG,"While Tor is running, changing HardwareAccel is not "
"allowed. Failing.");
return -1;
}
@ -2264,7 +2307,9 @@ get_windows_conf_root(void)
&idl))) {
GetCurrentDirectory(MAX_PATH, path);
is_set = 1;
warn(LD_CONFIG, "I couldn't find your application data folder: are you running an ancient version of Windows 95? Defaulting to \"%s\"", path);
warn(LD_CONFIG, "I couldn't find your application data folder: are you "
"running an ancient version of Windows 95? Defaulting to \"%s\"",
path);
return path;
}
/* Convert the path from an "ID List" (whatever that is!) to a path. */
@ -2500,7 +2545,8 @@ config_register_addressmaps(or_options_t *options)
}
}
} else {
warn(LD_CONFIG,"MapAddress '%s' has too few arguments. Ignoring.", opt->value);
warn(LD_CONFIG,"MapAddress '%s' has too few arguments. Ignoring.",
opt->value);
}
SMARTLIST_FOREACH(elts, char*, cp, tor_free(cp));
smartlist_clear(elts);
@ -2583,7 +2629,8 @@ convert_log_option(or_options_t *options, config_line_t *level_opt,
}
if (file_opt && !strcasecmp(file_opt->key, "LogFile")) {
if (add_single_log_option(options, levelMin, levelMax, "file", file_opt->value) < 0) {
if (add_single_log_option(options, levelMin, levelMax, "file",
file_opt->value) < 0) {
warn(LD_FS, "Cannot write to LogFile \"%s\": %s.", file_opt->value,
strerror(errno));
return -1;
@ -2617,7 +2664,8 @@ options_init_logs(or_options_t *options, int validate_only)
warn(LD_CONFIG, "Bad syntax on Log option 'Log %s'", opt->value);
ok = 0; goto cleanup;
}
if (parse_log_severity_range(smartlist_get(elts,0), &levelMin, &levelMax)) {
if (parse_log_severity_range(smartlist_get(elts,0), &levelMin,
&levelMax)) {
ok = 0; goto cleanup;
}
if (smartlist_len(elts) < 2) { /* only loglevels were provided */
@ -2688,10 +2736,10 @@ add_single_log_option(or_options_t *options, int minSeverity, int maxSeverity,
buf = tor_malloc(len);
if (tor_snprintf(buf, len, "%s%s%s %s%s%s",
log_level_to_string(minSeverity),
maxSeverity == LOG_ERR ? "" : "-",
maxSeverity == LOG_ERR ? "" : log_level_to_string(maxSeverity),
type, fname?" ":"", fname?fname:"")<0) {
log_level_to_string(minSeverity),
maxSeverity == LOG_ERR ? "" : "-",
maxSeverity == LOG_ERR ? "" : log_level_to_string(maxSeverity),
type, fname?" ":"", fname?fname:"")<0) {
warn(LD_BUG, "Normalized log option too long.");
tor_free(buf);
return -1;
@ -2718,7 +2766,7 @@ normalize_log_options(or_options_t *options)
if (opt && !strcasecmp(opt->key, "LogLevel")) {
if (opt->next && (!strcasecmp(opt->next->key, "LogFile") ||
!strcasecmp(opt->next->key, "SysLog"))) {
if (convert_log_option(options, opt, opt->next, options->RunAsDaemon) < 0)
if (convert_log_option(options, opt, opt->next, options->RunAsDaemon)< 0)
return -1;
opt = opt->next->next;
} else if (!opt->next) {
@ -2732,14 +2780,15 @@ normalize_log_options(or_options_t *options)
while (opt) {
if (!strcasecmp(opt->key, "LogLevel")) {
warn(LD_CONFIG, "Two LogLevel options in a row without intervening LogFile or SysLog");
warn(LD_CONFIG, "Two LogLevel options in a row without "
"intervening LogFile or SysLog");
opt = opt->next;
} else {
tor_assert(!strcasecmp(opt->key, "LogFile") ||
!strcasecmp(opt->key, "SysLog"));
if (opt->next && !strcasecmp(opt->next->key, "LogLevel")) {
/* LogFile/SysLog followed by LogLevel */
if (convert_log_option(options,opt->next,opt, options->RunAsDaemon) < 0)
if (convert_log_option(options,opt->next,opt, options->RunAsDaemon) <0)
return -1;
opt = opt->next->next;
} else {
@ -2877,7 +2926,8 @@ config_parse_addr_policy(config_line_t *cfg,
entries = smartlist_create();
for (; cfg; cfg = cfg->next) {
smartlist_split_string(entries, cfg->value, ",", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
smartlist_split_string(entries, cfg->value, ",",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (config_expand_exit_policy_aliases(entries,assume_action)<0) {
r = -1;
continue;
@ -3131,7 +3181,8 @@ validate_data_directory(or_options_t *options)
return 0;
}
#define GENERATED_FILE_PREFIX "# This file was generated by Tor; if you edit it, comments will not be preserved"
#define GENERATED_FILE_PREFIX "# This file was generated by Tor; " \
"if you edit it, comments will not be preserved"
/** Save a configuration file for the configuration in <b>options</b>
* into the file <b>fname</b>. If the file already exists, and
@ -3345,12 +3396,14 @@ init_libevent(void)
#if defined(HAVE_EVENT_GET_VERSION) && defined(HAVE_EVENT_GET_METHOD)
/* Making this a NOTICE for now so we can link bugs to a libevent versions
* or methods better. */
log(LOG_NOTICE, LD_GENERAL, "Initialized libevent version %s using method %s. Good.",
log(LOG_NOTICE, LD_GENERAL,
"Initialized libevent version %s using method %s. Good.",
event_get_version(), event_get_method());
check_libevent_version(event_get_method(), event_get_version(),
get_options()->ORPort != 0);
#else
log(LOG_NOTICE, LD_GENERAL, "Initialized old libevent (version 1.0b or earlier).");
log(LOG_NOTICE, LD_GENERAL,
"Initialized old libevent (version 1.0b or earlier).");
log(LOG_WARN, LD_GENERAL,
"You have a very old version of libevent. It is likely to be buggy; "
"please consider building Tor with a more recent version.");
@ -3401,7 +3454,8 @@ check_libevent_version(const char *m, const char *v, int server)
} else if (slow && server) {
log(LOG_WARN, LD_GENERAL,
"libevent %s can be very slow with %s. "
"When running a server, please use the latest version of libevent.",v,m);
"When running a server, please use the latest version of libevent.",
v,m);
}
}
@ -3410,9 +3464,9 @@ check_libevent_version(const char *m, const char *v, int server)
/* Versioning issues and state: we want to be able to understand old state
* files, and not choke on new ones.
*
* We could preserve all unrecognized variables across invocations, but we could
* screw up order, if their order is significant with respect to existing
* options.
* We could preserve all unrecognized variables across invocations, but we
* could screw up order, if their order is significant with respect to
* existing options.
*
* We could just dump unrecognized variables if you downgrade.
*

85
src/or/connection.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char connection_c_id[] = "$Id$";
const char connection_c_id[] =
"$Id$";
/**
* \file connection.c
@ -200,9 +201,9 @@ connection_unregister(connection_t *conn)
}
}
/** Deallocate memory used by <b>conn</b>. Deallocate its buffers if necessary,
* close its socket if necessary, and mark the directory as dirty if <b>conn</b>
* is an OR or OP connection.
/** Deallocate memory used by <b>conn</b>. Deallocate its buffers if
* necessary, close its socket if necessary, and mark the directory as dirty
* if <b>conn</b> is an OR or OP connection.
*/
static void
_connection_free(connection_t *conn)
@ -237,7 +238,8 @@ _connection_free(connection_t *conn)
tor_close_socket(conn->s);
}
if (conn->type == CONN_TYPE_OR && !tor_digest_is_zero(conn->identity_digest)) {
if (conn->type == CONN_TYPE_OR &&
!tor_digest_is_zero(conn->identity_digest)) {
warn(LD_BUG, "called on OR conn with non-zeroed idenity_digest");
connection_or_remove_from_identity_map(conn);
}
@ -322,8 +324,8 @@ connection_about_to_close_connection(connection_t *conn)
if (CONN_IS_EDGE(conn)) {
if (!conn->has_sent_end) {
warn(LD_BUG,
"Harmless bug: Edge connection (marked at %s:%d) hasn't sent end yet?",
warn(LD_BUG, "Harmless bug: Edge connection (marked at %s:%d) "
"hasn't sent end yet?",
conn->marked_for_close_file, conn->marked_for_close);
tor_fragile_assert();
}
@ -368,7 +370,8 @@ connection_about_to_close_connection(connection_t *conn)
if (conn->socks_request->has_finished == 0) {
/* since conn gets removed right after this function finishes,
* there's no point trying to send back a reply at this point. */
warn(LD_BUG,"Bug: Closing stream (marked at %s:%d) without sending back a socks reply.",
warn(LD_BUG,"Bug: Closing stream (marked at %s:%d) without sending"
" back a socks reply.",
conn->marked_for_close_file, conn->marked_for_close);
} else {
control_event_stream_status(conn, STREAM_EVENT_CLOSED);
@ -472,12 +475,14 @@ connection_expire_held_open(void)
if (now - conn->timestamp_lastwritten >= 15) {
int severity;
if (conn->type == CONN_TYPE_EXIT ||
(conn->type == CONN_TYPE_DIR && conn->purpose == DIR_PURPOSE_SERVER))
(conn->type == CONN_TYPE_DIR &&
conn->purpose == DIR_PURPOSE_SERVER))
severity = LOG_INFO;
else
severity = LOG_NOTICE;
log_fn(severity, LD_NET,
"Giving up on marked_for_close conn that's been flushing for 15s (fd %d, type %s, state %s).",
"Giving up on marked_for_close conn that's been flushing "
"for 15s (fd %d, type %s, state %s).",
conn->s, conn_type_to_string(conn->type),
conn_state_to_string(conn->type, conn->state));
conn->hold_open_until_flushed = 0;
@ -597,7 +602,8 @@ check_sockaddr_in(struct sockaddr *sa, int len, int level)
ok = 0;
}
if (sin->sin_addr.s_addr == 0 || sin->sin_port == 0) {
log_fn(level, LD_NET, "Address for new connection has address/port equal to zero.");
log_fn(level, LD_NET,
"Address for new connection has address/port equal to zero.");
ok = 0;
}
return ok ? 0 : -1;
@ -644,7 +650,8 @@ connection_handle_listener_read(connection_t *conn, int new_type)
connection_mark_for_close(conn);
return -1;
}
debug(LD_NET,"Connection accepted on socket %d (child of fd %d).",news,conn->s);
debug(LD_NET,"Connection accepted on socket %d (child of fd %d).",
news,conn->s);
set_socket_nonblocking(news);
@ -655,7 +662,8 @@ connection_handle_listener_read(connection_t *conn, int new_type)
if (getsockname(news, (struct sockaddr*)addrbuf, &remotelen)<0) {
warn(LD_NET, "getsockname() failed.");
} else {
if (check_sockaddr_in((struct sockaddr*)addrbuf, remotelen, LOG_WARN)<0) {
if (check_sockaddr_in((struct sockaddr*)addrbuf, remotelen,
LOG_WARN) < 0) {
warn(LD_NET,"Something's wrong with this conn. Closing it.");
tor_close_socket(news);
return 0;
@ -1022,9 +1030,11 @@ connection_bucket_write_limit(connection_t *conn)
static void
connection_read_bucket_decrement(connection_t *conn, int num_read)
{
global_read_bucket -= num_read; //tor_assert(global_read_bucket >= 0);
global_read_bucket -= num_read;
//tor_assert(global_read_bucket >= 0);
if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
conn->receiver_bucket -= num_read; //tor_assert(conn->receiver_bucket >= 0);
conn->receiver_bucket -= num_read;
//tor_assert(conn->receiver_bucket >= 0);
}
}
@ -1041,7 +1051,8 @@ connection_consider_empty_buckets(connection_t *conn)
if (connection_speaks_cells(conn) &&
conn->state == OR_CONN_STATE_OPEN &&
conn->receiver_bucket <= 0) {
LOG_FN_CONN(conn, (LOG_DEBUG,LD_NET,"receiver bucket exhausted. Pausing."));
LOG_FN_CONN(conn,
(LOG_DEBUG,LD_NET,"receiver bucket exhausted. Pausing."));
conn->wants_to_read = 1;
connection_stop_reading(conn);
}
@ -1053,8 +1064,9 @@ void
connection_bucket_init(void)
{
or_options_t *options = get_options();
global_read_bucket = (int)options->BandwidthBurst; /* start it at max traffic */
global_write_bucket = (int)options->BandwidthBurst; /* start it at max traffic */
/* start it at max traffic */
global_read_bucket = (int)options->BandwidthBurst;
global_write_bucket = (int)options->BandwidthBurst;
}
/** A second has rolled over; increment buckets appropriately. */
@ -1083,7 +1095,8 @@ connection_bucket_refill(struct timeval *now)
if (connection_receiver_bucket_should_increase(conn)) {
conn->receiver_bucket = conn->bandwidth;
//log_fn(LOG_DEBUG,"Receiver bucket %d now %d.", i, conn->receiver_bucket);
//log_fn(LOG_DEBUG,"Receiver bucket %d now %d.", i,
// conn->receiver_bucket);
}
if (conn->wants_to_read == 1 /* it's marked to turn reading back on now */
@ -1226,22 +1239,26 @@ connection_read_to_buf(connection_t *conn, int *max_to_read)
more_to_read = 0;
}
if (connection_speaks_cells(conn) && conn->state > OR_CONN_STATE_PROXY_READING) {
if (connection_speaks_cells(conn) &&
conn->state > OR_CONN_STATE_PROXY_READING) {
int pending;
if (conn->state == OR_CONN_STATE_HANDSHAKING) {
/* continue handshaking even if global token bucket is empty */
return connection_tls_continue_handshake(conn);
}
debug(LD_NET,"%d: starting, inbuf_datalen %d (%d pending in tls object). at_most %d.",
conn->s,(int)buf_datalen(conn->inbuf),tor_tls_get_pending_bytes(conn->tls), at_most);
debug(LD_NET,"%d: starting, inbuf_datalen %d (%d pending in tls object)."
" at_most %d.",
conn->s,(int)buf_datalen(conn->inbuf),
tor_tls_get_pending_bytes(conn->tls), at_most);
/* else open, or closing */
result = read_to_buf_tls(conn->tls, at_most, conn->inbuf);
switch (result) {
case TOR_TLS_CLOSE:
info(LD_NET,"TLS connection closed on read. Closing. (Nickname %s, address %s",
info(LD_NET,"TLS connection closed on read. Closing. "
"(Nickname %s, address %s",
conn->nickname ? conn->nickname : "not set", conn->address);
return -1;
case TOR_TLS_ERROR:
@ -1397,11 +1414,13 @@ connection_handle_write(connection_t *conn)
max_to_write = connection_bucket_write_limit(conn);
if (connection_speaks_cells(conn) && conn->state > OR_CONN_STATE_PROXY_READING) {
if (connection_speaks_cells(conn) &&
conn->state > OR_CONN_STATE_PROXY_READING) {
if (conn->state == OR_CONN_STATE_HANDSHAKING) {
connection_stop_writing(conn);
if (connection_tls_continue_handshake(conn) < 0) {
connection_close_immediate(conn); /* Don't flush; connection is dead. */
/* Don't flush; connection is dead. */
connection_close_immediate(conn);
connection_mark_for_close(conn);
return -1;
}
@ -1416,7 +1435,8 @@ connection_handle_write(connection_t *conn)
case TOR_TLS_CLOSE:
info(LD_NET,result==TOR_TLS_ERROR?
"tls error. breaking.":"TLS connection closed on flush");
connection_close_immediate(conn); /* Don't flush; connection is dead. */
/* Don't flush; connection is dead. */
connection_close_immediate(conn);
connection_mark_for_close(conn);
return -1;
case TOR_TLS_WANTWRITE:
@ -1563,7 +1583,8 @@ connection_or_exact_get_by_addr_port(uint32_t addr, uint16_t port)
/** Return a connection with given type, address, port, and purpose;
* or NULL if no such connection exists. */
connection_t *
connection_get_by_type_addr_port_purpose(int type, uint32_t addr, uint16_t port,
connection_get_by_type_addr_port_purpose(int type,
uint32_t addr, uint16_t port,
int purpose)
{
int i, n;
@ -1583,8 +1604,8 @@ connection_get_by_type_addr_port_purpose(int type, uint32_t addr, uint16_t port,
return NULL;
}
/** Return the connection with id <b>id</b> if it is not already
* marked for close.
/** Return the connection with id <b>id</b> if it is not already marked for
* close.
*/
connection_t *
connection_get_by_global_id(uint32_t id)
@ -1606,8 +1627,7 @@ connection_get_by_global_id(uint32_t id)
return NULL;
}
/** Return a connection of type <b>type</b> that is not marked for
* close.
/** Return a connection of type <b>type</b> that is not marked for close.
*/
connection_t *
connection_get_by_type(int type)
@ -1670,7 +1690,8 @@ connection_get_by_type_state_lastwritten(int type, int state)
* is non-zero, conn must be of that state too.
*/
connection_t *
connection_get_by_type_state_rendquery(int type, int state, const char *rendquery)
connection_get_by_type_state_rendquery(int type, int state,
const char *rendquery)
{
int i, n;
connection_t *conn;

110
src/or/connection_edge.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char connection_edge_c_id[] = "$Id$";
const char connection_edge_c_id[] =
"$Id$";
/**
* \file connection_edge.c
@ -46,7 +47,8 @@ _connection_mark_unattached_ap(connection_t *conn, int endreason,
if (conn->socks_request->command == SOCKS_COMMAND_CONNECT)
connection_ap_handshake_socks_reply(conn, NULL, 0, socksreason);
else
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,0,NULL,-1);
connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_ERROR,
0, NULL, -1);
}
_connection_mark_for_close(conn, line, file);
@ -150,7 +152,7 @@ connection_edge_destroy(uint16_t circ_id, connection_t *conn)
if (conn->type == CONN_TYPE_AP) {
connection_mark_unattached_ap(conn, END_STREAM_REASON_DESTROY);
} else {
conn->has_sent_end = 1; /* we're closing the circuit, nothing to send to */
conn->has_sent_end = 1; /* closing the circuit, nothing to send to */
connection_mark_for_close(conn);
conn->hold_open_until_flushed = 1;
}
@ -176,13 +178,15 @@ connection_edge_end(connection_t *conn, char reason, crypt_path_t *cpath_layer)
circuit_t *circ;
if (conn->has_sent_end) {
warn(LD_BUG,"Harmless bug: Calling connection_edge_end (reason %d) on an already ended stream?", reason);
warn(LD_BUG,"Harmless bug: Calling connection_edge_end (reason %d) "
"on an already ended stream?", reason);
tor_fragile_assert();
return -1;
}
if (conn->marked_for_close) {
warn(LD_BUG,"Bug: called on conn that's already marked for close at %s:%d.",
warn(LD_BUG,
"Bug: called on conn that's already marked for close at %s:%d.",
conn->marked_for_close_file, conn->marked_for_close);
return 0;
}
@ -191,7 +195,8 @@ connection_edge_end(connection_t *conn, char reason, crypt_path_t *cpath_layer)
if (reason == END_STREAM_REASON_EXITPOLICY &&
!connection_edge_is_rendezvous_stream(conn)) {
set_uint32(payload+1, htonl(conn->addr));
set_uint32(payload+5, htonl(MAX_DNS_ENTRY_AGE)); /* XXXXfill with a real TTL*/
/* XXXX fill with a real TTL! */
set_uint32(payload+5, htonl(MAX_DNS_ENTRY_AGE));
payload_len += 8;
}
@ -278,12 +283,14 @@ connection_edge_finished_connecting(connection_t *conn)
conn->state = EXIT_CONN_STATE_OPEN;
connection_watch_events(conn, EV_READ); /* stop writing, continue reading */
if (connection_wants_to_flush(conn)) /* in case there are any queued relay cells */
if (connection_wants_to_flush(conn)) /* in case there are any queued relay
* cells */
connection_start_writing(conn);
/* deliver a 'connected' relay cell back through the circuit. */
if (connection_edge_is_rendezvous_stream(conn)) {
if (connection_edge_send_command(conn, circuit_get_by_edge_conn(conn),
RELAY_COMMAND_CONNECTED, NULL, 0, conn->cpath_layer) < 0)
RELAY_COMMAND_CONNECTED, NULL, 0,
conn->cpath_layer) < 0)
return 0; /* circuit is closed, don't continue */
} else {
char connected_payload[8];
@ -299,9 +306,9 @@ connection_edge_finished_connecting(connection_t *conn)
return connection_edge_process_inbuf(conn, 1);
}
/** Find all general-purpose AP streams waiting for a response that sent
* their begin/resolve cell >=15 seconds ago. Detach from their current circuit,
* and mark their current circuit as unsuitable for new streams. Then call
/** Find all general-purpose AP streams waiting for a response that sent their
* begin/resolve cell >=15 seconds ago. Detach from their current circuit, and
* mark their current circuit as unsuitable for new streams. Then call
* connection_ap_handshake_attach_circuit() to attach to a new circuit (if
* available) or launch a new one.
*
@ -347,17 +354,20 @@ connection_ap_expire_beginning(void)
}
if (circ->purpose == CIRCUIT_PURPOSE_C_REND_JOINED) {
if (now - conn->timestamp_lastread > 45) {
notice(LD_REND,"Rend stream is %d seconds late. Giving up on address '%s.onion'.",
notice(LD_REND, "Rend stream is %d seconds late. Giving up on address"
" '%s.onion'.",
(int)(now - conn->timestamp_lastread),
safe_str(conn->socks_request->address));
connection_edge_end(conn, END_STREAM_REASON_TIMEOUT, conn->cpath_layer);
connection_edge_end(conn, END_STREAM_REASON_TIMEOUT,
conn->cpath_layer);
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
}
continue;
}
tor_assert(circ->purpose == CIRCUIT_PURPOSE_C_GENERAL);
nickname = build_state_get_exit_nickname(circ->build_state);
notice(LD_APP,"We tried for %d seconds to connect to '%s' using exit '%s'. Retrying on a new circuit.",
notice(LD_APP,"We tried for %d seconds to connect to '%s' using exit '%s'."
" Retrying on a new circuit.",
(int)(now - conn->timestamp_lastread),
safe_str(conn->socks_request->address),
nickname ? nickname : "*unnamed*");
@ -503,7 +513,8 @@ addressmap_virtaddress_ent_free(void *_ent)
static void
addressmap_virtaddress_remove(const char *address, addressmap_entry_t *ent)
{
if (ent && ent->new_address && address_is_in_virtual_range(ent->new_address)) {
if (ent && ent->new_address &&
address_is_in_virtual_range(ent->new_address)) {
virtaddress_entry_t *ve =
strmap_get(virtaddress_reversemap, ent->new_address);
/*log_fn(LOG_NOTICE,"remove reverse mapping for %s",ent->new_address);*/
@ -587,7 +598,8 @@ addressmap_rewrite(char *address, size_t maxlen)
safe_str(address), safe_str(ent->new_address));
strlcpy(address, ent->new_address, maxlen);
}
warn(LD_CONFIG,"Loop detected: we've rewritten '%s' 16 times! Using it as-is.",
warn(LD_CONFIG,
"Loop detected: we've rewritten '%s' 16 times! Using it as-is.",
safe_str(address));
/* it's fine to rewrite a rewrite, but don't loop forever */
}
@ -630,7 +642,8 @@ addressmap_register(const char *address, char *new_address, time_t expires)
strmap_set(addressmap, address, ent);
} else if (ent->new_address) { /* we need to clean up the old mapping. */
if (expires > 1) {
info(LD_APP,"Temporary addressmap ('%s' to '%s') not performed, since it's already mapped to '%s'",
info(LD_APP,"Temporary addressmap ('%s' to '%s') not performed, "
"since it's already mapped to '%s'",
safe_str(address), safe_str(new_address), safe_str(ent->new_address));
tor_free(new_address);
return;
@ -696,7 +709,8 @@ client_dns_clear_failures(const char *address)
* <b>ttl</b>seconds.
*/
void
client_dns_set_addressmap(const char *address, uint32_t val, const char *exitname,
client_dns_set_addressmap(const char *address, uint32_t val,
const char *exitname,
int ttl)
{
struct in_addr in;
@ -724,7 +738,8 @@ client_dns_set_addressmap(const char *address, uint32_t val, const char *exitnam
tor_snprintf(extendedval, sizeof(extendedval),
"%s", valbuf);
}
addressmap_register(extendedaddress, tor_strdup(extendedval), time(NULL) + ttl);
addressmap_register(extendedaddress, tor_strdup(extendedval),
time(NULL) + ttl);
}
/* Currently, we hand out 127.192.0.1 through 127.254.254.254.
@ -826,11 +841,13 @@ addressmap_register_virtual_address(int type, char *new_address)
&vent->ipv4_address : &vent->hostname_address;
if (*addrp) {
addressmap_entry_t *ent = strmap_get(addressmap, *addrp);
if (ent && ent->new_address && !strcasecmp(new_address, ent->new_address)) {
if (ent && ent->new_address &&
!strcasecmp(new_address, ent->new_address)) {
tor_free(new_address);
return tor_strdup(*addrp);
} else
warn(LD_BUG, "Internal confusion: I thought that '%s' was mapped to by '%s', but '%s' really maps to '%s'. This is a harmless bug.",
warn(LD_BUG, "Internal confusion: I thought that '%s' was mapped to "
"by '%s', but '%s' really maps to '%s'. This is a harmless bug.",
safe_str(new_address), safe_str(*addrp), safe_str(*addrp),
ent?safe_str(ent->new_address):"(nothing)");
}
@ -877,7 +894,8 @@ address_is_invalid_destination(const char *address)
* remove the mappings.
*/
void
addressmap_get_mappings(smartlist_t *sl, time_t min_expires, time_t max_expires)
addressmap_get_mappings(smartlist_t *sl, time_t min_expires,
time_t max_expires)
{
strmap_iter_t *iter;
const char *key;
@ -940,7 +958,8 @@ connection_ap_handshake_process_socks(connection_t *conn)
if (sockshere == 0) {
if (socks->replylen) {
connection_write_to_buf(socks->reply, socks->replylen, conn);
socks->replylen = 0; /* zero it out so we can do another round of negotiation */
/* zero it out so we can do another round of negotiation */
socks->replylen = 0;
} else {
debug(LD_APP,"socks handshake not all here yet.");
}
@ -954,7 +973,8 @@ connection_ap_handshake_process_socks(connection_t *conn)
warn(LD_APP,"Fetching socks handshake failed. Closing.");
connection_ap_handshake_socks_reply(conn, NULL, 0, SOCKS5_GENERAL_ERROR);
}
connection_mark_unattached_ap(conn, END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
connection_mark_unattached_ap(conn,
END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
return -1;
} /* else socks handshake is done, continue processing */
@ -1040,15 +1060,18 @@ connection_ap_handshake_process_socks(connection_t *conn)
/* Reply to resolves immediately if we can. */
if (strlen(socks->address) > RELAY_PAYLOAD_SIZE) {
warn(LD_APP,"Address to be resolved is too large. Failing.");
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,0,NULL,-1);
connection_mark_unattached_ap(conn, END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,
0,NULL,-1);
connection_mark_unattached_ap(conn,
END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
return -1;
}
if (tor_inet_aton(socks->address, &in)) { /* see if it's an IP already */
answer = in.s_addr; /* leave it in network order */
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4,
(char*)&answer,-1);
connection_mark_unattached_ap(conn, END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
connection_mark_unattached_ap(conn,
END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
return 0;
}
rep_hist_note_used_resolve(time(NULL)); /* help predict this next time */
@ -1074,7 +1097,8 @@ connection_ap_handshake_process_socks(connection_t *conn)
}
}
rep_hist_note_used_port(socks->port, time(NULL)); /* help predict this next time */
/* help predict this next time */
rep_hist_note_used_port(socks->port, time(NULL));
control_event_stream_status(conn, STREAM_EVENT_NEW);
}
if (!tor_should_handle_stream) {
@ -1096,8 +1120,10 @@ connection_ap_handshake_process_socks(connection_t *conn)
/* if it's a resolve request, fail it right now, rather than
* building all the circuits and then realizing it won't work. */
warn(LD_APP,"Resolve requests to hidden services not allowed. Failing.");
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,0,NULL,-1);
connection_mark_unattached_ap(conn, END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,
0,NULL,-1);
connection_mark_unattached_ap(conn,
END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
return -1;
}
@ -1195,7 +1221,8 @@ connection_ap_handshake_send_begin(connection_t *ap_conn, circuit_t *circ)
debug(LD_APP,"Sending relay cell to begin stream %d.",ap_conn->stream_id);
if (connection_edge_send_command(ap_conn, circ, RELAY_COMMAND_BEGIN,
payload, payload_len, ap_conn->cpath_layer) < 0)
payload, payload_len,
ap_conn->cpath_layer) < 0)
return -1; /* circuit is closed, don't continue */
ap_conn->package_window = STREAMWINDOW_START;
@ -1392,7 +1419,8 @@ connection_ap_handshake_socks_reply(connection_t *conn, char *reply,
status==SOCKS5_SUCCEEDED ? STREAM_EVENT_SUCCEEDED : STREAM_EVENT_FAILED);
if (conn->socks_request->has_finished) {
warn(LD_BUG, "Harmless bug: duplicate calls to connection_ap_handshake_socks_reply.");
warn(LD_BUG, "Harmless bug: duplicate calls to "
"connection_ap_handshake_socks_reply.");
return;
}
if (replylen) { /* we already have a reply in mind */
@ -1458,7 +1486,8 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
return 0;
}
if (parse_addr_port(cell->payload+RELAY_HEADER_SIZE,&address,NULL,&port)<0) {
warn(LD_PROTOCOL,"Unable to parse addr:port in relay begin cell. Dropping.");
warn(LD_PROTOCOL,"Unable to parse addr:port in relay begin cell. "
"Dropping.");
return 0;
}
if (port==0) {
@ -1487,9 +1516,11 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
assert_circuit_ok(circ);
if (rend_service_set_connection_addr_port(n_stream, circ) < 0) {
info(LD_REND,"Didn't find rendezvous service (port %d)",n_stream->port);
connection_edge_end(n_stream, END_STREAM_REASON_EXITPOLICY, n_stream->cpath_layer);
connection_edge_end(n_stream, END_STREAM_REASON_EXITPOLICY,
n_stream->cpath_layer);
connection_free(n_stream);
circuit_mark_for_close(circ); /* knock the whole thing down, somebody screwed up */
circuit_mark_for_close(circ); /* knock the whole thing down, somebody
* screwed up */
tor_free(address);
return 0;
}
@ -1513,7 +1544,8 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
/* default to failed, change in dns_resolve if it turns out not to fail */
if (we_are_hibernating()) {
connection_edge_end(n_stream, END_STREAM_REASON_HIBERNATING, n_stream->cpath_layer);
connection_edge_end(n_stream, END_STREAM_REASON_HIBERNATING,
n_stream->cpath_layer);
connection_free(n_stream);
return 0;
}
@ -1654,7 +1686,8 @@ connection_exit_connect(connection_t *conn)
}
conn->state = EXIT_CONN_STATE_OPEN;
if (connection_wants_to_flush(conn)) { /* in case there are any queued data cells */
if (connection_wants_to_flush(conn)) {
/* in case there are any queued data cells */
warn(LD_BUG,"Bug: newly connected conn had data waiting!");
// connection_start_writing(conn);
}
@ -1823,7 +1856,8 @@ parse_extended_hostname(char *address)
/* so it is .onion */
*s = 0; /* null-terminate it */
if (strlcpy(query, address, REND_SERVICE_ID_LEN+1) >= REND_SERVICE_ID_LEN+1)
if (strlcpy(query, address, REND_SERVICE_ID_LEN+1) >=
REND_SERVICE_ID_LEN+1)
goto failed;
if (rend_valid_service_id(query)) {
return ONION_HOSTNAME; /* success */

38
src/or/connection_or.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char connection_or_c_id[] = "$Id$";
const char connection_or_c_id[] =
"$Id$";
/**
* \file connection_or.c
@ -159,7 +160,8 @@ connection_or_read_proxy_response(connection_t *conn)
&headers, MAX_HEADERS_SIZE,
NULL, NULL, 10000, 0)) {
case -1: /* overflow */
warn(LD_PROTOCOL,"Your https proxy sent back an oversized response. Closing.");
warn(LD_PROTOCOL,"Your https proxy sent back an oversized response. "
"Closing.");
return -1;
case 0:
info(LD_OR,"https proxy response not all here yet. Waiting.");
@ -191,7 +193,8 @@ connection_or_read_proxy_response(connection_t *conn)
}
/* else, bad news on the status code */
warn(LD_OR,
"The https proxy sent back an unexpected status code %d (\"%s\"). Closing.",
"The https proxy sent back an unexpected status code %d (\"%s\"). "
"Closing.",
status_code, reason);
tor_free(reason);
connection_mark_for_close(conn);
@ -571,7 +574,8 @@ connection_or_check_valid_handshake(connection_t *conn, char *digest_rcvd)
}
check_no_tls_errors();
if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, sizeof(nickname))) {
log_fn(severity,LD_PROTOCOL,"Other side (%s:%d) has a cert without a valid nickname. Closing.",
log_fn(severity,LD_PROTOCOL,"Other side (%s:%d) has a cert without a "
"valid nickname. Closing.",
conn->address, conn->port);
return -1;
}
@ -580,7 +584,8 @@ connection_or_check_valid_handshake(connection_t *conn, char *digest_rcvd)
conn->address, conn->port, nickname);
if (tor_tls_verify(severity, conn->tls, &identity_rcvd) < 0) {
log_fn(severity,LD_OR,"Other side, which claims to be router '%s' (%s:%d), has a cert but it's invalid. Closing.",
log_fn(severity,LD_OR,"Other side, which claims to be router '%s' (%s:%d),"
" has a cert but it's invalid. Closing.",
nickname, conn->address, conn->port);
return -1;
}
@ -600,7 +605,8 @@ connection_or_check_valid_handshake(connection_t *conn, char *digest_rcvd)
router->is_named && /* make sure it's the right guy */
memcmp(digest_rcvd, router->cache_info.identity_digest,DIGEST_LEN) !=0) {
log_fn(severity, LD_OR,
"Identity key not as expected for router claiming to be '%s' (%s:%d)",
"Identity key not as expected for router claiming to be "
"'%s' (%s:%d)",
nickname, conn->address, conn->port);
return -1;
}
@ -612,9 +618,11 @@ connection_or_check_valid_handshake(connection_t *conn, char *digest_rcvd)
char seen[HEX_DIGEST_LEN+1];
char expected[HEX_DIGEST_LEN+1];
base16_encode(seen, sizeof(seen), digest_rcvd, DIGEST_LEN);
base16_encode(expected, sizeof(expected), conn->identity_digest, DIGEST_LEN);
base16_encode(expected, sizeof(expected), conn->identity_digest,
DIGEST_LEN);
log_fn(severity, LD_OR,
"Identity key not as expected for router at %s:%d: wanted %s but got %s",
"Identity key not as expected for router at %s:%d: wanted %s "
"but got %s",
conn->address, conn->port, expected, seen);
helper_node_set_status(conn->identity_digest, 0);
control_event_or_conn_status(conn, OR_CONN_EVENT_FAILED);
@ -664,7 +672,8 @@ connection_tls_finish_handshake(connection_t *conn)
return -1;
}
#endif
connection_or_init_conn_from_address(conn,conn->addr,conn->port,digest_rcvd);
connection_or_init_conn_from_address(conn,conn->addr,conn->port,
digest_rcvd);
}
if (!server_mode(get_options())) { /* If I'm an OP... */
@ -714,10 +723,11 @@ connection_or_write_cell_to_buf(const cell_t *cell, connection_t *conn)
if (connection_handle_write(conn) < 0) {
if (!conn->marked_for_close) {
/* this connection is broken. remove it. */
warn(LD_BUG,"Bug: unhandled error on write for OR conn (fd %d); removing",
warn(LD_BUG,
"Bug: unhandled error on write for OR conn (fd %d); removing",
conn->s);
tor_fragile_assert();
conn->has_sent_end = 1; /* otherwise we cry wolf about duplicate close */
conn->has_sent_end = 1; /* don't cry wolf about duplicate close */
/* XXX do we need a close-immediate here, so we don't try to flush? */
connection_mark_for_close(conn);
}
@ -745,8 +755,10 @@ connection_or_process_cells_from_inbuf(connection_t *conn)
loop:
debug(LD_OR,"%d: starting, inbuf_datalen %d (%d pending in tls object).",
conn->s,(int)buf_datalen(conn->inbuf),tor_tls_get_pending_bytes(conn->tls));
if (buf_datalen(conn->inbuf) < CELL_NETWORK_SIZE) /* entire response available? */
conn->s,(int)buf_datalen(conn->inbuf),
tor_tls_get_pending_bytes(conn->tls));
if (buf_datalen(conn->inbuf) < CELL_NETWORK_SIZE) /* whole response
available? */
return 0; /* not yet */
connection_fetch_from_buf(buf, CELL_NETWORK_SIZE, conn);

100
src/or/control.c
View File

@ -1,7 +1,8 @@
/* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char control_c_id[] = "$Id$";
const char control_c_id[] =
"$Id$";
/**
* \file control.c
@ -10,13 +11,15 @@ const char control_c_id[] = "$Id$";
#include "or.h"
#define STATE_IS_OPEN(s) ((s) == CONTROL_CONN_STATE_OPEN_V0 || \
#define STATE_IS_OPEN(s) ((s) == CONTROL_CONN_STATE_OPEN_V0 || \
(s) == CONTROL_CONN_STATE_OPEN_V1)
#define STATE_IS_V0(s) ((s) == CONTROL_CONN_STATE_NEEDAUTH_V0 || \
#define STATE_IS_V0(s) ((s) == CONTROL_CONN_STATE_NEEDAUTH_V0 || \
(s) == CONTROL_CONN_STATE_OPEN_V0)
/*
* See control-spec.txt and control-spec-v0.txt for full details on protocol(s).
* See control-spec.txt and control-spec-v0.txt for full details on
* protocol(s).
*
*/
/* Recognized message type codes. */
@ -128,7 +131,8 @@ static int disable_log_messages = 0;
static int authentication_cookie_is_set = 0;
static char authentication_cookie[AUTHENTICATION_COOKIE_LEN];
static void connection_printf_to_buf(connection_t *conn, const char *format, ...)
static void connection_printf_to_buf(connection_t *conn,
const char *format, ...)
CHECK_PRINTF(2,3);
/*static*/ size_t write_escaped_data(const char *data, size_t len,
int translate_newlines, char **out);
@ -137,10 +141,12 @@ static void connection_printf_to_buf(connection_t *conn, const char *format, ...
static void send_control0_message(connection_t *conn, uint16_t type,
uint32_t len, const char *body);
static void send_control_done(connection_t *conn);
static void send_control_done2(connection_t *conn, const char *msg, size_t len);
static void send_control_done2(connection_t *conn, const char *msg,
size_t len);
static void send_control0_error(connection_t *conn, uint16_t error,
const char *message);
static void send_control0_event(uint16_t event, uint32_t len, const char *body);
static void send_control0_event(uint16_t event, uint32_t len,
const char *body);
static void send_control1_event(uint16_t event, const char *format, ...)
CHECK_PRINTF(2,3);
static int handle_control_setconf(connection_t *conn, uint32_t len,
@ -173,14 +179,16 @@ static int handle_control_closestream(connection_t *conn, uint32_t len,
const char *body);
static int handle_control_closecircuit(connection_t *conn, uint32_t len,
const char *body);
static int write_stream_target_to_buf(connection_t *conn, char *buf, size_t len);
static int write_stream_target_to_buf(connection_t *conn, char *buf,
size_t len);
/** Given a possibly invalid message type code <b>cmd</b>, return a
* human-readable string equivalent. */
static INLINE const char *
control_cmd_to_string(uint16_t cmd)
{
return (cmd<=_CONTROL0_CMD_MAX_RECOGNIZED) ? CONTROL0_COMMANDS[cmd] : "Unknown";
return (cmd<=_CONTROL0_CMD_MAX_RECOGNIZED) ?
CONTROL0_COMMANDS[cmd] : "Unknown";
}
/** Given a control event code for a message event, return the corresponding
@ -693,7 +701,8 @@ control_setconf_helper(connection_t *conn, uint32_t len, char *body,
if (config_get_lines(config, &lines) < 0) {
warn(LD_CONTROL,"Controller gave us config lines we can't parse.");
connection_write_str_to_buf("551 Couldn't parse configuration\r\n", conn);
connection_write_str_to_buf("551 Couldn't parse configuration\r\n",
conn);
tor_free(config);
return 0;
}
@ -809,7 +818,8 @@ handle_control_getconf(connection_t *conn, uint32_t body_len, const char *body)
if (v0)
tor_snprintf(astr, alen, "%s %s\n", answer->key, answer->value);
else
tor_snprintf(astr, alen, "250-%s=%s\r\n", answer->key, answer->value);
tor_snprintf(astr, alen, "250-%s=%s\r\n",
answer->key, answer->value);
smartlist_add(answers, astr);
next = answer->next;
@ -830,8 +840,8 @@ handle_control_getconf(connection_t *conn, uint32_t body_len, const char *body)
if ((len = smartlist_len(unrecognized))) {
for (i=0; i < len-1; ++i)
connection_printf_to_buf(conn,
"552-Unrecognized configuration key \"%s\"\r\n",
(char*)smartlist_get(unrecognized, i));
"552-Unrecognized configuration key \"%s\"\r\n",
(char*)smartlist_get(unrecognized, i));
connection_printf_to_buf(conn,
"552 Unrecognized configuration key \"%s\"\r\n",
(char*)smartlist_get(unrecognized, len-1));
@ -998,7 +1008,8 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
password_len = 0;
} else {
if (!get_escaped_string(body, len, &password, &password_len)) {
connection_write_str_to_buf("551 Invalid quoted string. You need to put the password in double quotes.\r\n", conn);
connection_write_str_to_buf("551 Invalid quoted string. You need "
"to put the password in double quotes.\r\n", conn);
return 0;
}
used_quoted_string = 1;
@ -1028,7 +1039,8 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
err:
if (STATE_IS_V0(conn->state))
send_control0_error(conn,ERR_REJECTED_AUTHENTICATION,"Authentication failed");
send_control0_error(conn,ERR_REJECTED_AUTHENTICATION,
"Authentication failed");
else {
tor_free(password);
if (used_quoted_string)
@ -1156,7 +1168,8 @@ handle_control_mapaddress(connection_t *conn, uint32_t len, const char *body)
const char *from = smartlist_get(elts,0);
const char *to = smartlist_get(elts,1);
if (!is_plausible_address(from)) {
warn(LD_CONTROL,"Skipping invalid argument '%s' in MapAddress msg",from);
warn(LD_CONTROL,"Skipping invalid argument '%s' in MapAddress msg",
from);
} else if (!is_plausible_address(to)) {
warn(LD_CONTROL,"Skipping invalid argument '%s' in MapAddress msg",to);
} else if (!strcmp(from, ".") || !strcmp(from, "0.0.0.0")) {
@ -1297,7 +1310,8 @@ handle_getinfo_helper(const char *question, char **answer)
slen = strlen(path)+strlen(state)+20;
s = tor_malloc(slen+1);
tor_snprintf(s, slen, "%lu %s %s", (unsigned long)circ->global_identifier,
tor_snprintf(s, slen, "%lu %s %s",
(unsigned long)circ->global_identifier,
state, path);
smartlist_add(status, s);
tor_free(path);
@ -1537,7 +1551,8 @@ handle_control_extendcircuit(connection_t *conn, uint32_t len,
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(args)<2) {
connection_printf_to_buf(conn,"512 Missing argument to EXTENDCIRCUIT\r\n");
connection_printf_to_buf(conn,
"512 Missing argument to EXTENDCIRCUIT\r\n");
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
goto done;
@ -1605,7 +1620,8 @@ handle_control_extendcircuit(connection_t *conn, uint32_t len,
if (circ->state == CIRCUIT_STATE_OPEN) {
circuit_set_state(circ, CIRCUIT_STATE_BUILDING);
if (circuit_send_next_onion_skin(circ) < 0) {
info(LD_CONTROL,"send_next_onion_skin failed; circuit marked for closing.");
info(LD_CONTROL,
"send_next_onion_skin failed; circuit marked for closing.");
circuit_mark_for_close(circ);
if (v0)
send_control0_error(conn, ERR_INTERNAL, "couldn't send onion skin");
@ -1668,7 +1684,8 @@ handle_control_attachstream(connection_t *conn, uint32_t len,
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(args)<2) {
connection_printf_to_buf(conn,"512 Missing argument to ATTACHSTREAM\r\n");
connection_printf_to_buf(conn,
"512 Missing argument to ATTACHSTREAM\r\n");
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
return 0;
@ -1695,8 +1712,8 @@ handle_control_attachstream(connection_t *conn, uint32_t len,
"Connection is not managed by controller.");
} else {
connection_write_str_to_buf(
"555 Connection is not managed by controller.\r\n",
conn);
"555 Connection is not managed by controller.\r\n",
conn);
}
return 0;
}
@ -1710,11 +1727,12 @@ handle_control_attachstream(connection_t *conn, uint32_t len,
}
if (circ->state != CIRCUIT_STATE_OPEN) {
if (STATE_IS_V0(conn->state))
send_control0_error(conn, ERR_INTERNAL, "Refuse to attach stream to non-open circ.");
send_control0_error(conn, ERR_INTERNAL,
"Refuse to attach stream to non-open circ.");
else
connection_write_str_to_buf(
"551 Can't attach stream to non-open circuit\r\n",
conn);
"551 Can't attach stream to non-open circuit\r\n",
conn);
return 0;
}
if (connection_ap_handshake_attach_chosen_circuit(ap_conn, circ) != 1) {
@ -1783,7 +1801,8 @@ handle_control_redirectstream(connection_t *conn, uint32_t len,
uint16_t new_port = 0;
if (STATE_IS_V0(conn->state)) {
if (len < 6) {
send_control0_error(conn, ERR_SYNTAX, "redirectstream message too short");
send_control0_error(conn, ERR_SYNTAX,
"redirectstream message too short");
return 0;
}
conn_id = ntohl(get_uint32(body));
@ -1802,7 +1821,8 @@ handle_control_redirectstream(connection_t *conn, uint32_t len,
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(args) < 2)
connection_printf_to_buf(conn,"512 Missing argument to REDIRECTSTREAM\r\n");
connection_printf_to_buf(conn,
"512 Missing argument to REDIRECTSTREAM\r\n");
else if (!(ap_conn = get_stream(smartlist_get(args, 0)))
|| !ap_conn->socks_request) {
connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
@ -1869,7 +1889,8 @@ handle_control_closestream(connection_t *conn, uint32_t len,
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(args)<2)
connection_printf_to_buf(conn, "512 Missing argument to CLOSESTREAM\r\n");
connection_printf_to_buf(conn,
"512 Missing argument to CLOSESTREAM\r\n");
else if (!(ap_conn = get_stream(smartlist_get(args, 0))))
connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
(char*)smartlist_get(args, 0));
@ -1922,7 +1943,8 @@ handle_control_closecircuit(connection_t *conn, uint32_t len,
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(args)<1)
connection_printf_to_buf(conn, "512 Missing argument to CLOSECIRCUIT\r\n");
connection_printf_to_buf(conn,
"512 Missing argument to CLOSECIRCUIT\r\n");
else if (!(circ=get_circ(smartlist_get(args, 0))))
connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
(char*)smartlist_get(args, 0));
@ -2174,7 +2196,7 @@ connection_control_process_inbuf_v0(connection_t *conn)
again:
/* Try to suck a control message from the buffer. */
switch (fetch_from_buf_control0(conn->inbuf, &body_len, &command_type, &body,
conn->state == CONTROL_CONN_STATE_NEEDAUTH_V0))
conn->state == CONTROL_CONN_STATE_NEEDAUTH_V0))
{
case -2:
tor_free(body);
@ -2379,11 +2401,11 @@ write_stream_target_to_buf(connection_t *conn, char *buf, size_t len)
if (tor_snprintf(buf2, sizeof(buf2), ".%s.exit", conn->chosen_exit_name)<0)
return -1;
if (tor_snprintf(buf, len, "%s%s%s:%d",
conn->socks_request->address,
conn->chosen_exit_name ? buf2 : "",
!conn->chosen_exit_name &&
connection_edge_is_rendezvous_stream(conn) ? ".onion" : "",
conn->socks_request->port)<0)
conn->socks_request->address,
conn->chosen_exit_name ? buf2 : "",
!conn->chosen_exit_name &&
connection_edge_is_rendezvous_stream(conn) ? ".onion" : "",
conn->socks_request->port)<0)
return -1;
return 0;
}
@ -2616,7 +2638,8 @@ control_event_address_mapped(const char *from, const char *to, time_t expires)
return 0;
if (expires < 3)
send_control1_event(EVENT_ADDRMAP, "650 ADDRMAP %s %s NEVER\r\n", from, to);
send_control1_event(EVENT_ADDRMAP,
"650 ADDRMAP %s %s NEVER\r\n", from, to);
else {
char buf[ISO_TIME_LEN+1];
format_local_iso_time(buf,expires);
@ -2633,8 +2656,9 @@ control_event_address_mapped(const char *from, const char *to, time_t expires)
* Notify any interested party of the new descriptor and what has
* been done with it, and also optionally give an explanation/reason. */
int
control_event_or_authdir_new_descriptor(const char *action, const char *descriptor, const char *msg)
control_event_or_authdir_new_descriptor(const char *action,
const char *descriptor,
const char *msg)
{
char firstline[1024];
char *buf;

46
src/or/cpuworker.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char cpuworker_c_id[] = "$Id$";
const char cpuworker_c_id[] =
"$Id$";
/**
* \file cpuworker.c
@ -25,7 +26,8 @@ const char cpuworker_c_id[] = "$Id$";
/** How many bytes are sent from tor to the cpuworker? */
#define LEN_ONION_QUESTION (1+TAG_LEN+ONIONSKIN_CHALLENGE_LEN)
/** How many bytes are sent from the cpuworker back to tor? */
#define LEN_ONION_RESPONSE (1+TAG_LEN+ONIONSKIN_REPLY_LEN+CPATH_KEY_MATERIAL_LEN)
#define LEN_ONION_RESPONSE \
(1+TAG_LEN+ONIONSKIN_REPLY_LEN+CPATH_KEY_MATERIAL_LEN)
/** How many cpuworkers we have running right now. */
static int num_cpuworkers=0;
@ -118,7 +120,8 @@ connection_cpu_reached_eof(connection_t *conn)
num_cpuworkers_busy--;
}
num_cpuworkers--;
spawn_enough_cpuworkers(); /* try to regrow. hope we don't end up spinning. */
spawn_enough_cpuworkers(); /* try to regrow. hope we don't end up
spinning. */
connection_mark_for_close(conn);
return 0;
}
@ -145,7 +148,7 @@ connection_cpu_process_inbuf(connection_t *conn)
return 0;
if (conn->state == CPUWORKER_STATE_BUSY_ONION) {
if (buf_datalen(conn->inbuf) < LEN_ONION_RESPONSE) /* entire answer available? */
if (buf_datalen(conn->inbuf) < LEN_ONION_RESPONSE) /* answer available? */
return 0; /* not yet */
tor_assert(buf_datalen(conn->inbuf) == LEN_ONION_RESPONSE);
@ -163,7 +166,8 @@ connection_cpu_process_inbuf(connection_t *conn)
circ = circuit_get_by_circid_orconn(circ_id, p_conn);
if (success == 0) {
debug(LD_OR,"decoding onionskin failed. (Old key or bad software.) Closing.");
debug(LD_OR,
"decoding onionskin failed. (Old key or bad software.) Closing.");
if (circ)
circuit_mark_for_close(circ);
goto done_processing;
@ -178,7 +182,8 @@ connection_cpu_process_inbuf(connection_t *conn)
goto done_processing;
}
tor_assert(circ->p_conn);
if (onionskin_answer(circ, CELL_CREATED, buf+TAG_LEN, buf+TAG_LEN+ONIONSKIN_REPLY_LEN) < 0) {
if (onionskin_answer(circ, CELL_CREATED, buf+TAG_LEN,
buf+TAG_LEN+ONIONSKIN_REPLY_LEN) < 0) {
warn(LD_OR,"onionskin_answer failed. Closing.");
circuit_mark_for_close(circ);
goto done_processing;
@ -234,7 +239,8 @@ cpuworker_main(void *data)
fd = fdarray[1]; /* this side is ours */
#ifndef TOR_IS_MULTITHREADED
tor_close_socket(fdarray[0]); /* this is the side of the socketpair the parent uses */
tor_close_socket(fdarray[0]); /* this is the side of the socketpair the
* parent uses */
tor_free_all(1); /* so the child doesn't hold the parent's fd's open */
handle_signals(0); /* ignore interrupts from the keyboard, etc */
#endif
@ -248,10 +254,13 @@ cpuworker_main(void *data)
if ((r = recv(fd, &question_type, 1, 0)) != 1) {
// log_fn(LOG_ERR,"read type failed. Exiting.");
if (r == 0) {
info(LD_OR,"CPU worker exiting because Tor process closed connection (either rotated keys or died).");
info(LD_OR,"CPU worker exiting because Tor process closed connection "
"(either rotated keys or died).");
} else {
info(LD_OR,"CPU worker editing because of error on connection to Tor process.");
info(LD_OR,"(Error on %d was %s)", fd, tor_socket_strerror(tor_socket_errno(fd)));
info(LD_OR,"CPU worker editing because of error on connection to Tor "
"process.");
info(LD_OR,"(Error on %d was %s)",
fd, tor_socket_strerror(tor_socket_errno(fd)));
}
goto end;
}
@ -262,7 +271,8 @@ cpuworker_main(void *data)
goto end;
}
if (read_all(fd, question, ONIONSKIN_CHALLENGE_LEN, 1) != ONIONSKIN_CHALLENGE_LEN) {
if (read_all(fd, question, ONIONSKIN_CHALLENGE_LEN, 1) !=
ONIONSKIN_CHALLENGE_LEN) {
err(LD_BUG,"read question failed. Exiting.");
goto end;
}
@ -311,7 +321,8 @@ spawn_cpuworker(void)
fdarray = tor_malloc(sizeof(int)*2);
if ((err = tor_socketpair(AF_UNIX, SOCK_STREAM, 0, fdarray)) < 0) {
warn(LD_NET, "Couldn't construct socketpair: %s", tor_socket_strerror(-err));
warn(LD_NET, "Couldn't construct socketpair: %s",
tor_socket_strerror(-err));
tor_free(fdarray);
return -1;
}
@ -320,7 +331,7 @@ spawn_cpuworker(void)
spawn_func(cpuworker_main, (void*)fdarray);
debug(LD_OR,"just spawned a worker.");
#ifndef TOR_IS_MULTITHREADED
tor_close_socket(fdarray[1]); /* we don't need the worker's side of the pipe */
tor_close_socket(fdarray[1]); /* don't need the worker's side of the pipe */
tor_free(fdarray);
#endif
@ -404,7 +415,8 @@ cull_wedged_cpuworkers(void)
conn->type == CONN_TYPE_CPUWORKER &&
conn->state == CPUWORKER_STATE_BUSY_ONION &&
conn->timestamp_lastwritten + CPUWORKER_BUSY_TIMEOUT < now) {
notice(LD_BUG,"Bug: closing wedged cpuworker. Can somebody find the bug?");
notice(LD_BUG,
"Bug: closing wedged cpuworker. Can somebody find the bug?");
num_cpuworkers_busy--;
num_cpuworkers--;
connection_mark_for_close(conn);
@ -442,7 +454,8 @@ assign_to_cpuworker(connection_t *cpuworker, uint8_t question_type,
}
if (!cpuworker)
cpuworker = connection_get_by_type_state(CONN_TYPE_CPUWORKER, CPUWORKER_STATE_IDLE);
cpuworker = connection_get_by_type_state(CONN_TYPE_CPUWORKER,
CPUWORKER_STATE_IDLE);
tor_assert(cpuworker);
@ -457,7 +470,8 @@ assign_to_cpuworker(connection_t *cpuworker, uint8_t question_type,
connection_write_to_buf((char*)&question_type, 1, cpuworker);
connection_write_to_buf(tag, sizeof(tag), cpuworker);
connection_write_to_buf(circ->onionskin, ONIONSKIN_CHALLENGE_LEN, cpuworker);
connection_write_to_buf(circ->onionskin, ONIONSKIN_CHALLENGE_LEN,
cpuworker);
tor_free(circ->onionskin);
}
return 0;

93
src/or/directory.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char directory_c_id[] = "$Id$";
const char directory_c_id[] =
"$Id$";
#include "or.h"
@ -469,7 +470,8 @@ directory_send_command(connection_t *conn, const char *platform,
if (conn->port == 80) {
strlcpy(hoststring, conn->address, sizeof(hoststring));
} else {
tor_snprintf(hoststring, sizeof(hoststring),"%s:%d",conn->address, conn->port);
tor_snprintf(hoststring, sizeof(hoststring),"%s:%d",
conn->address, conn->port);
}
/* come up with some proxy lines, if we're using one. */
@ -561,7 +563,8 @@ directory_send_command(connection_t *conn, const char *platform,
connection_write_to_buf(url, strlen(url), conn);
tor_free(url);
tor_snprintf(request, sizeof(request), " HTTP/1.0\r\nContent-Length: %lu\r\nHost: %s%s\r\n\r\n",
tor_snprintf(request, sizeof(request),
" HTTP/1.0\r\nContent-Length: %lu\r\nHost: %s%s\r\n\r\n",
payload ? (unsigned long)payload_len : 0,
hoststring,
proxyauthstring);
@ -749,7 +752,8 @@ parse_http_response(const char *headers, int *code, time_t *date,
} else if (!strcmp(enc, "gzip") || !strcmp(enc, "x-gzip")) {
*compression = GZIP_METHOD;
} else {
info(LD_HTTP, "Unrecognized content encoding: '%s'. Trying to deal.", enc);
info(LD_HTTP, "Unrecognized content encoding: '%s'. Trying to deal.",
enc);
*compression = -1;
}
}
@ -819,7 +823,8 @@ connection_dir_client_reached_eof(connection_t *conn)
conn->address, conn->port);
return -1;
case 0:
info(LD_HTTP,"'fetch' response not all here, but we're at eof. Closing.");
info(LD_HTTP,
"'fetch' response not all here, but we're at eof. Closing.");
return -1;
/* case 1, fall through */
}
@ -841,15 +846,18 @@ connection_dir_client_reached_eof(connection_t *conn)
now = time(NULL);
delta = now-date_header;
if (abs(delta)>ALLOW_DIRECTORY_TIME_SKEW) {
log_fn(router_digest_is_trusted_dir(conn->identity_digest) ? LOG_WARN : LOG_INFO,
log_fn(router_digest_is_trusted_dir(conn->identity_digest) ?
LOG_WARN : LOG_INFO,
LD_HTTP,
"Received directory with skewed time (server '%s:%d'): we are %d minutes %s, or the directory is %d minutes %s.",
"Received directory with skewed time (server '%s:%d'): "
"we are %d minutes %s, or the directory is %d minutes %s.",
conn->address, conn->port,
abs(delta)/60, delta>0 ? "ahead" : "behind",
abs(delta)/60, delta>0 ? "behind" : "ahead");
skewed = 1; /* don't check the recommended-versions line */
} else {
debug(LD_HTTP, "Time on received directory is within tolerance; we are %d seconds skewed. (That's okay.)", delta);
debug(LD_HTTP, "Time on received directory is within tolerance; "
"we are %d seconds skewed. (That's okay.)", delta);
}
}
@ -918,13 +926,15 @@ connection_dir_client_reached_eof(connection_t *conn)
return -1;
}
if (status_code != 200) {
warn(LD_DIR,"Received http status code %d (\"%s\") from server '%s:%d'. I'll try again soon.",
warn(LD_DIR,"Received http status code %d (\"%s\") from server "
"'%s:%d'. I'll try again soon.",
status_code, reason, conn->address, conn->port);
tor_free(body); tor_free(headers); tor_free(reason);
return -1;
}
if (router_parse_directory(body) < 0) {
notice(LD_DIR,"I failed to parse the directory I fetched from '%s:%d'. Ignoring.", conn->address, conn->port);
notice(LD_DIR,"I failed to parse the directory I fetched from "
"'%s:%d'. Ignoring.", conn->address, conn->port);
}
}
@ -932,13 +942,15 @@ connection_dir_client_reached_eof(connection_t *conn)
/* just update our list of running routers, if this list is new info */
info(LD_DIR,"Received running-routers list (size %d)", (int)body_len);
if (status_code != 200) {
warn(LD_DIR,"Received http status code %d (\"%s\") from server '%s:%d'. I'll try again soon.",
warn(LD_DIR,"Received http status code %d (\"%s\") from server "
"'%s:%d'. I'll try again soon.",
status_code, reason, conn->address, conn->port);
tor_free(body); tor_free(headers); tor_free(reason);
return -1;
}
if (router_parse_runningrouters(body)<0) {
warn(LD_DIR,"Bad running-routers from server '%s:%d'. I'll try again soon.",
warn(LD_DIR,"Bad running-routers from server '%s:%d'. I'll try again "
"soon.",
conn->address, conn->port);
tor_free(body); tor_free(headers); tor_free(reason);
return -1;
@ -948,9 +960,11 @@ connection_dir_client_reached_eof(connection_t *conn)
if (conn->purpose == DIR_PURPOSE_FETCH_NETWORKSTATUS) {
smartlist_t *which = NULL;
char *cp;
info(LD_DIR,"Received networkstatus objects (size %d) from server '%s:%d'",(int) body_len, conn->address, conn->port);
info(LD_DIR,"Received networkstatus objects (size %d) from server "
"'%s:%d'",(int) body_len, conn->address, conn->port);
if (status_code != 200) {
warn(LD_DIR,"Received http status code %d (\"%s\") from server '%s:%d' while fetching \"/tor/status/%s\". I'll try again soon.",
warn(LD_DIR,"Received http status code %d (\"%s\") from server "
"'%s:%d' while fetching \"/tor/status/%s\". I'll try again soon.",
status_code, reason, conn->address, conn->port,
conn->requested_resource);
tor_free(body); tor_free(headers); tor_free(reason);
@ -1007,7 +1021,8 @@ connection_dir_client_reached_eof(connection_t *conn)
/* 404 means that it didn't have them; no big deal.
* Older (pre-0.1.1.8) servers said 400 Servers unavailable instead. */
log_fn(no_warn ? LOG_INFO : LOG_WARN, LD_DIR,
"Received http status code %d (\"%s\") from server '%s:%d' while fetching \"/tor/server/%s\". I'll try again soon.",
"Received http status code %d (\"%s\") from server '%s:%d' "
"while fetching \"/tor/server/%s\". I'll try again soon.",
status_code, reason, conn->address, conn->port,
conn->requested_resource);
if (!which) {
@ -1056,10 +1071,13 @@ connection_dir_client_reached_eof(connection_t *conn)
if (conn->purpose == DIR_PURPOSE_UPLOAD_DIR) {
switch (status_code) {
case 200:
info(LD_GENERAL,"eof (status 200) after uploading server descriptor: finished.");
info(LD_GENERAL,"eof (status 200) after uploading server "
"descriptor: finished.");
break;
case 400:
warn(LD_GENERAL,"http status 400 (\"%s\") response from dirserver '%s:%d'. Please correct.", reason, conn->address, conn->port);
warn(LD_GENERAL,"http status 400 (\"%s\") response from "
"dirserver '%s:%d'. Please correct.",
reason, conn->address, conn->port);
break;
case 403:
warn(LD_GENERAL,"http status 403 (\"%s\") response from dirserver "
@ -1069,7 +1087,8 @@ connection_dir_client_reached_eof(connection_t *conn)
"tor-doc-server.html", reason, conn->address, conn->port);
break;
default:
warn(LD_GENERAL,"http status %d (\"%s\") reason unexpected (server '%s:%d').",
warn(LD_GENERAL,"http status %d (\"%s\") reason unexpected (server "
"'%s:%d').",
status_code, reason, conn->address, conn->port);
break;
}
@ -1078,7 +1097,8 @@ connection_dir_client_reached_eof(connection_t *conn)
}
if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC) {
info(LD_REND,"Received rendezvous descriptor (size %d, status %d (\"%s\"))",
info(LD_REND,"Received rendezvous descriptor (size %d, status %d "
"(\"%s\"))",
(int)body_len, status_code, reason);
switch (status_code) {
case 200:
@ -1097,10 +1117,12 @@ connection_dir_client_reached_eof(connection_t *conn)
* connection_mark_for_close cleans it up. */
break;
case 400:
warn(LD_REND,"http status 400 (\"%s\"). Dirserver didn't like our rendezvous query?", reason);
warn(LD_REND,"http status 400 (\"%s\"). Dirserver didn't like our "
"rendezvous query?", reason);
break;
default:
warn(LD_REND,"http status %d (\"%s\") response unexpected (server '%s:%d').",
warn(LD_REND,"http status %d (\"%s\") response unexpected (server "
"'%s:%d').",
status_code, reason, conn->address, conn->port);
break;
}
@ -1109,14 +1131,17 @@ connection_dir_client_reached_eof(connection_t *conn)
if (conn->purpose == DIR_PURPOSE_UPLOAD_RENDDESC) {
switch (status_code) {
case 200:
info(LD_REND,"Uploading rendezvous descriptor: finished with status 200 (\"%s\")", reason);
info(LD_REND,"Uploading rendezvous descriptor: finished with status "
"200 (\"%s\")", reason);
break;
case 400:
warn(LD_REND,"http status 400 (\"%s\") response from dirserver '%s:%d'. Malformed rendezvous descriptor?",
warn(LD_REND,"http status 400 (\"%s\") response from dirserver "
"'%s:%d'. Malformed rendezvous descriptor?",
reason, conn->address, conn->port);
break;
default:
warn(LD_REND,"http status %d (\"%s\") response unexpected (server '%s:%d').",
warn(LD_REND,"http status %d (\"%s\") response unexpected (server "
"'%s:%d').",
status_code, reason, conn->address, conn->port);
break;
}
@ -1137,11 +1162,11 @@ connection_dir_reached_eof(connection_t *conn)
if (conn->purpose == DIR_PURPOSE_FETCH_SERVERDESC &&
buf_datalen(conn->inbuf)>=(24*1024)) {
notice(LD_DIR,
"Directory connection closed early after downloading %d bytes "
"of descriptors. If this happens often, please file a bug report.",
"Directory connection closed early after downloading %d bytes of "
"descriptors. If this happens often, please file a bug report.",
(int)buf_datalen(conn->inbuf));
}
connection_close_immediate(conn); /* it was an error; give up on flushing */
connection_close_immediate(conn); /* error: give up on flushing */
connection_mark_for_close(conn);
return -1;
}
@ -1247,14 +1272,15 @@ directory_handle_command_get(connection_t *conn, char *headers,
}
debug(LD_DIRSERV,"rewritten url as '%s'.", url);
if (!strcmp(url,"/tor/") || !strcmp(url,"/tor/dir.z")) { /* directory fetch */
if (!strcmp(url,"/tor/") || !strcmp(url,"/tor/dir.z")) { /* dir fetch */
int deflated = !strcmp(url,"/tor/dir.z");
dlen = dirserv_get_directory(&cp, deflated);
tor_free(url);
if (dlen == 0) {
notice(LD_DIRSERV,"Client asked for the mirrored directory, but we don't have a good one yet. Sending 503 Dir not available.");
notice(LD_DIRSERV,"Client asked for the mirrored directory, but we "
"don't have a good one yet. Sending 503 Dir not available.");
write_http_status_line(conn, 503, "Directory unavailable");
/* try to get a new one now */
if (!already_fetching_directory(DIR_PURPOSE_FETCH_DIR))
@ -1423,7 +1449,8 @@ directory_handle_command_get(connection_t *conn, char *headers,
* if we're gone to the site recently, and 404 if we haven't.
*
* Reject. */
write_http_status_line(conn, 400, "Nonauthoritative directory does not not store rendezvous descriptors");
write_http_status_line(conn, 400, "Nonauthoritative directory does not "
"store rendezvous descriptors");
tor_free(url);
return 0;
}
@ -1476,7 +1503,8 @@ directory_handle_command_post(connection_t *conn, char *headers,
if (!authdir_mode(get_options())) {
/* we just provide cached directories; we don't want to
* receive anything. */
write_http_status_line(conn, 400, "Nonauthoritative directory does not accept posted server descriptors");
write_http_status_line(conn, 400, "Nonauthoritative directory does not "
"accept posted server descriptors");
return 0;
}
@ -1563,7 +1591,8 @@ directory_handle_command(connection_t *conn)
else if (!strncasecmp(headers,"POST",4))
r = directory_handle_command_post(conn, headers, body, body_len);
else {
warn(LD_PROTOCOL,"Got headers '%s' with unknown command. Closing.", headers);
warn(LD_PROTOCOL,"Got headers '%s' with unknown command. Closing.",
headers);
r = -1;
}

64
src/or/dirserv.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char dirserv_c_id[] = "$Id$";
const char dirserv_c_id[] =
"$Id$";
#include "or.h"
@ -35,7 +36,8 @@ static void directory_remove_invalid(void);
static int dirserv_regenerate_directory(void);
static char *format_versions_list(config_line_t *ln);
/* Should be static; exposed for testing */
int add_fingerprint_to_dir(const char *nickname, const char *fp, smartlist_t *list);
int add_fingerprint_to_dir(const char *nickname, const char *fp,
smartlist_t *list);
static int router_is_general_exit(routerinfo_t *ri);
static router_status_t dirserv_router_get_status(const routerinfo_t *router,
const char **msg);
@ -92,7 +94,8 @@ typedef struct fingerprint_entry_t {
* always be rejected); or the string "!invalid" (if this
* fingerprint should be accepted but never marked as
* valid. */
char *fingerprint; /**< Stored as HEX_DIGEST_LEN characters, followed by a NUL */
char *fingerprint; /**< Stored as HEX_DIGEST_LEN characters, followed by a
* NUL */
} fingerprint_entry_t;
/** List of nickname-\>identity fingerprint mappings for all the routers
@ -208,7 +211,8 @@ dirserv_parse_fingerprint_file(const char *fname)
DEFAULT_CLIENT_NICKNAME);
continue;
}
if (add_fingerprint_to_dir(nickname, fingerprint, fingerprint_list_new) != 0)
if (add_fingerprint_to_dir(nickname, fingerprint, fingerprint_list_new)
!= 0)
notice(LD_CONFIG, "Duplicate nickname '%s'.", nickname);
}
@ -280,7 +284,8 @@ dirserv_get_status_impl(const char *fp, const char *nickname,
fingerprint_list = smartlist_create();
if (should_log)
debug(LD_DIRSERV, "%d fingerprints known.", smartlist_len(fingerprint_list));
debug(LD_DIRSERV, "%d fingerprints known.",
smartlist_len(fingerprint_list));
SMARTLIST_FOREACH(fingerprint_list, fingerprint_entry_t *, ent,
{
if (!strcasecmp(fp,ent->fingerprint))
@ -342,7 +347,8 @@ dirserv_get_status_impl(const char *fp, const char *nickname,
contact ? contact : "",
platform ? platform : "");
if (msg)
*msg = "Rejected: There is already a verified server with this nickname and a different fingerprint.";
*msg = "Rejected: There is already a verified server with this nickname "
"and a different fingerprint.";
return FP_REJECT; /* Wrong fingerprint. */
}
}
@ -435,21 +441,25 @@ authdir_wants_to_reject_router(routerinfo_t *ri,
ri->nickname, (int)((ri->cache_info.published_on-now)/60),
ri->contact_info ? ri->contact_info : "",
ri->platform ? ri->platform : "");
*msg = "Rejected: Your clock is set too far in the future, or your timezone is not correct.";
*msg = "Rejected: Your clock is set too far in the future, or your "
"timezone is not correct.";
return -1;
}
if (ri->cache_info.published_on < now-ROUTER_MAX_AGE) {
notice(LD_DIRSERV,
"Publication time for router with nickname '%s' is too far "
"(%d minutes) in the past. Not adding (ContactInfo '%s', platform '%s').",
"(%d minutes) in the past. Not adding (ContactInfo '%s', "
"platform '%s').",
ri->nickname, (int)((now-ri->cache_info.published_on)/60),
ri->contact_info ? ri->contact_info : "",
ri->platform ? ri->platform : "");
*msg = "Rejected: Server is expired, or your clock is too far in the past, or your timezone is not correct.";
*msg = "Rejected: Server is expired, or your clock is too far in the past,"
" or your timezone is not correct.";
return -1;
}
if (dirserv_router_has_valid_address(ri) < 0) {
notice(LD_DIRSERV, "Router with nickname '%s' has invalid address '%s'. Not adding (ContactInfo '%s', platform '%s').",
notice(LD_DIRSERV, "Router with nickname '%s' has invalid address '%s'. "
"Not adding (ContactInfo '%s', platform '%s').",
ri->nickname, ri->address,
ri->contact_info ? ri->contact_info : "",
ri->platform ? ri->platform : "");
@ -510,7 +520,8 @@ dirserv_add_descriptor(const char *desc, const char **msg)
info(LD_DIRSERV,
"Not replacing descriptor from '%s'; differences are cosmetic.",
ri->nickname);
*msg = "Not replacing router descriptor; no information has changed since the last one with this identity.";
*msg = "Not replacing router descriptor; no information has changed since "
"the last one with this identity.";
routerinfo_free(ri);
control_event_or_authdir_new_descriptor("DROPPED", desc, *msg);
return 0;
@ -678,7 +689,8 @@ dirserv_thinks_router_is_reachable(routerinfo_t *router, time_t now)
connection_t *conn;
if (router_is_me(router) && !we_are_hibernating())
return 1;
conn = connection_or_get_by_identity_digest(router->cache_info.identity_digest);
conn = connection_or_get_by_identity_digest(
router->cache_info.identity_digest);
if (conn && conn->state == OR_CONN_STATE_OPEN)
return get_options()->AssumeReachable ||
now < router->last_reachable + REACHABLE_TIMEOUT;
@ -689,12 +701,14 @@ dirserv_thinks_router_is_reachable(routerinfo_t *router, time_t now)
* <b>router</b>'s reachability and its operator should be notified.
*/
int
dirserv_thinks_router_is_blatantly_unreachable(routerinfo_t *router, time_t now)
dirserv_thinks_router_is_blatantly_unreachable(routerinfo_t *router,
time_t now)
{
connection_t *conn;
if (router->is_hibernating)
return 0;
conn = connection_or_get_by_identity_digest(router->cache_info.identity_digest);
conn = connection_or_get_by_identity_digest(
router->cache_info.identity_digest);
if (conn && conn->state == OR_CONN_STATE_OPEN &&
now >= router->last_reachable + 2*REACHABLE_TIMEOUT &&
router->testing_since &&
@ -755,8 +769,8 @@ _compare_tor_version_str_ptr(const void **_a, const void **_b)
return -1;
if (ca && !cb)
return 1;
/* If neither parses, compare strings. Also, the directory server admin needs
** to be smacked upside the head. But Tor is tolerant and gentle. */
/* If neither parses, compare strings. Also, the directory server admin
** needs to be smacked upside the head. But Tor is tolerant and gentle. */
return strcmp(a,b);
}
@ -815,7 +829,8 @@ dirserv_dump_directory_to_string(char **dir_out,
return -1;
}
recommended_versions = format_versions_list(get_options()->RecommendedVersions);
recommended_versions =
format_versions_list(get_options()->RecommendedVersions);
published_on = time(NULL);
format_iso_time(published, published_on);
@ -1132,7 +1147,8 @@ generate_runningrouters(void)
"router-status %s\n"
"dir-signing-key\n%s"
"directory-signature %s\n",
published, router_status, identity_pkey, get_options()->Nickname);
published, router_status, identity_pkey,
get_options()->Nickname);
tor_free(router_status);
tor_free(identity_pkey);
if (router_get_runningrouters_hash(s,digest)) {
@ -1264,7 +1280,8 @@ generate_v2_networkstatus(void)
if (!contact)
contact = "(none)";
len = 2048+strlen(client_versions)+strlen(server_versions)+identity_pkey_len*2;
len = 2048+strlen(client_versions)+strlen(server_versions);
len += identity_pkey_len*2;
len += (RS_ENTRY_LEN)*smartlist_len(rl->routers);
status = tor_malloc(len);
@ -1431,7 +1448,8 @@ dirserv_get_networkstatus_v2(smartlist_t *result,
} else {
char hexbuf[HEX_DIGEST_LEN+1];
base16_encode(hexbuf, sizeof(hexbuf), cp, DIGEST_LEN);
info(LD_DIRSERV, "Don't know about any network status with fingerprint '%s'", hexbuf);
info(LD_DIRSERV, "Don't know about any network status with "
"fingerprint '%s'", hexbuf);
}
tor_free(cp);
});
@ -1542,12 +1560,14 @@ dirserv_orconn_tls_done(const char *address,
if (!ri->is_verified) {
/* We have a router at the same address! */
if (strcasecmp(ri->nickname, nickname_rcvd)) {
notice(LD_DIRSERV, "Dropping descriptor: nickname '%s' does not match nickname '%s' in cert from %s:%d",
notice(LD_DIRSERV, "Dropping descriptor: nickname '%s' does not match "
"nickname '%s' in cert from %s:%d",
ri->nickname, nickname_rcvd, address, or_port);
drop = 1;
} else if (memcmp(ri->cache_info.identity_digest, digest_rcvd,
DIGEST_LEN)) {
notice(LD_DIRSERV, "Dropping descriptor: identity key does not match key in cert from %s:%d",
notice(LD_DIRSERV, "Dropping descriptor: identity key does not match "
"key in cert from %s:%d",
address, or_port);
drop = 1;
}

90
src/or/dns.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char dns_c_id[] = "$Id$";
const char dns_c_id[] =
"$Id$";
/**
* \file dns.c
@ -12,7 +13,8 @@ const char dns_c_id[] = "$Id$";
* good, ubiquitous asynchronous DNS implementation.]
**/
/* See http://elvin.dstc.com/ListArchive/elvin-dev/archive/2001/09/msg00027.html
/* See
* http://elvin.dstc.com/ListArchive/elvin-dev/archive/2001/09/msg00027.html
* for some approaches to asynchronous dns. We will want to switch once one of
* them becomes more commonly available.
*/
@ -58,7 +60,8 @@ typedef struct cached_resolve_t {
HT_ENTRY(cached_resolve_t) node;
char address[MAX_ADDRESSLEN]; /**< The hostname to be resolved. */
uint32_t addr; /**< IPv4 addr for <b>address</b>. */
char state; /**< 0 is pending; 1 means answer is valid; 2 means resolve failed. */
char state; /**< 0 is pending; 1 means answer is valid; 2 means resolve
* failed. */
#define CACHE_STATE_PENDING 0
#define CACHE_STATE_VALID 1
#define CACHE_STATE_FAILED 2
@ -160,7 +163,8 @@ purge_expired_resolves(uint32_t now)
debug(LD_EXIT,"Forgetting old cached resolve (address %s, expires %lu)",
safe_str(resolve->address), (unsigned long)resolve->expire);
if (resolve->state == CACHE_STATE_PENDING) {
debug(LD_EXIT,"Bug: Expiring a dns resolve ('%s') that's still pending. Forgot to cull it?", safe_str(resolve->address));
debug(LD_EXIT,"Bug: Expiring a dns resolve ('%s') that's still pending."
" Forgot to cull it?", safe_str(resolve->address));
tor_fragile_assert();
}
if (resolve->pending_connections) {
@ -181,7 +185,8 @@ purge_expired_resolves(uint32_t now)
}
oldest_cached_resolve = resolve->next;
if (!oldest_cached_resolve) /* if there are no more, */
newest_cached_resolve = NULL; /* then make sure the list's tail knows that too */
newest_cached_resolve = NULL; /* then make sure the list's tail knows
* that too */
HT_REMOVE(cache_map, &cache_root, resolve);
tor_free(resolve);
}
@ -291,7 +296,8 @@ dns_resolve(connection_t *exitconn)
pending_connection->conn = exitconn;
pending_connection->next = resolve->pending_connections;
resolve->pending_connections = pending_connection;
debug(LD_EXIT,"Connection (fd %d) waiting for pending DNS resolve of '%s'",
debug(LD_EXIT,"Connection (fd %d) waiting for pending DNS "
"resolve of '%s'",
exitconn->s, safe_str(exitconn->address));
exitconn->state = EXIT_CONN_STATE_RESOLVING;
return 0;
@ -349,7 +355,8 @@ assign_to_dnsworker(connection_t *exitconn)
goto err;
}
dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER, DNSWORKER_STATE_IDLE);
dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER,
DNSWORKER_STATE_IDLE);
if (!dnsconn) {
warn(LD_EXIT,"no idle dns workers. Failing.");
@ -374,7 +381,7 @@ assign_to_dnsworker(connection_t *exitconn)
return 0;
err:
dns_cancel_pending_resolve(exitconn->address); /* also sends end and frees! */
dns_cancel_pending_resolve(exitconn->address); /* also sends end and frees */
return -1;
}
@ -395,7 +402,8 @@ connection_dns_remove(connection_t *conn)
resolve = HT_FIND(cache_map, &cache_root, &search);
if (!resolve) {
/* XXXX RD This *is* a bug, right? -NM */
notice(LD_BUG,"Address '%s' is not pending. Dropping.", safe_str(conn->address));
notice(LD_BUG, "Address '%s' is not pending. Dropping.",
safe_str(conn->address));
return;
}
@ -407,7 +415,8 @@ connection_dns_remove(connection_t *conn)
if (pend->conn == conn) {
resolve->pending_connections = pend->next;
tor_free(pend);
debug(LD_EXIT, "First connection (fd %d) no longer waiting for resolve of '%s'",
debug(LD_EXIT, "First connection (fd %d) no longer waiting for resolve "
"of '%s'",
conn->s, safe_str(conn->address));
return;
} else {
@ -416,7 +425,8 @@ connection_dns_remove(connection_t *conn)
victim = pend->next;
pend->next = victim->next;
tor_free(victim);
debug(LD_EXIT, "Connection (fd %d) no longer waiting for resolve of '%s'",
debug(LD_EXIT, "Connection (fd %d) no longer waiting for resolve "
"of '%s'",
conn->s, safe_str(conn->address));
return; /* more are pending */
}
@ -529,8 +539,10 @@ dns_purge_resolve(cached_resolve_t *resolve)
newest_cached_resolve = NULL;
} else {
/* FFFF make it a doubly linked list if this becomes too slow */
for (tmp=oldest_cached_resolve; tmp && tmp->next != resolve; tmp=tmp->next) ;
tor_assert(tmp); /* it's got to be in the list, or we screwed up somewhere else */
for (tmp=oldest_cached_resolve; tmp && tmp->next != resolve; tmp=tmp->next)
;
tor_assert(tmp); /* it's got to be in the list, or we screwed up somewhere
* else */
tmp->next = resolve->next; /* unlink it */
if (newest_cached_resolve == resolve)
@ -605,7 +617,8 @@ dns_found_answer(char *address, uint32_t addr, char outcome)
/* prevent double-remove. */
pendconn->state = EXIT_CONN_STATE_RESOLVEFAILED;
if (pendconn->purpose == EXIT_PURPOSE_CONNECT) {
connection_edge_end(pendconn, END_STREAM_REASON_RESOLVEFAILED, pendconn->cpath_layer);
connection_edge_end(pendconn, END_STREAM_REASON_RESOLVEFAILED,
pendconn->cpath_layer);
/* This detach must happen after we send the end cell. */
circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
} else {
@ -694,7 +707,8 @@ connection_dns_process_inbuf(connection_t *conn)
tor_assert(conn->type == CONN_TYPE_DNSWORKER);
if (conn->state != DNSWORKER_STATE_BUSY && buf_datalen(conn->inbuf)) {
warn(LD_BUG,"Bug: read data (%d bytes) from an idle dns worker (fd %d, address '%s'). Please report.",
warn(LD_BUG,"Bug: read data (%d bytes) from an idle dns worker (fd %d, "
"address '%s'). Please report.",
(int)buf_datalen(conn->inbuf), conn->s, safe_str(conn->address));
tor_fragile_assert();
@ -781,11 +795,13 @@ dnsworker_main(void *data)
int fd;
int result;
/* log_fn(LOG_NOTICE,"After spawn: fdarray @%d has %d:%d", (int)fdarray, fdarray[0],fdarray[1]); */
/* log_fn(LOG_NOTICE,"After spawn: fdarray @%d has %d:%d", (int)fdarray,
* fdarray[0],fdarray[1]); */
fd = fdarray[1]; /* this side is ours */
#ifndef TOR_IS_MULTITHREADED
tor_close_socket(fdarray[0]); /* this is the side of the socketpair the parent uses */
tor_close_socket(fdarray[0]); /* this is the side of the socketpair the
* parent uses */
tor_free_all(1); /* so the child doesn't hold the parent's fd's open */
handle_signals(0); /* ignore interrupts from the keyboard, etc */
#endif
@ -796,10 +812,13 @@ dnsworker_main(void *data)
if ((r = recv(fd, &address_len, 1, 0)) != 1) {
if (r == 0) {
info(LD_EXIT,"DNS worker exiting because Tor process closed connection (either pruned idle dnsworker or died).");
info(LD_EXIT,"DNS worker exiting because Tor process closed "
"connection (either pruned idle dnsworker or died).");
} else {
info(LD_EXIT,"DNS worker exiting because of error on connection to Tor process.");
info(LD_EXIT,"(Error on %d was %s)", fd, tor_socket_strerror(tor_socket_errno(fd)));
info(LD_EXIT,"DNS worker exiting because of error on connection "
"to Tor process.");
info(LD_EXIT,"(Error on %d was %s)", fd,
tor_socket_strerror(tor_socket_errno(fd)));
}
tor_close_socket(fd);
crypto_thread_cleanup();
@ -821,11 +840,13 @@ dnsworker_main(void *data)
switch (result) {
case 1:
/* XXX result can never be 1, because we set it to -1 above on error */
info(LD_NET,"Could not resolve dest addr %s (transient).",safe_str(address));
info(LD_NET,"Could not resolve dest addr %s (transient).",
safe_str(address));
answer[0] = DNS_RESOLVE_FAILED_TRANSIENT;
break;
case -1:
info(LD_NET,"Could not resolve dest addr %s (permanent).",safe_str(address));
info(LD_NET,"Could not resolve dest addr %s (permanent).",
safe_str(address));
answer[0] = DNS_RESOLVE_FAILED_PERMANENT;
break;
case 0:
@ -856,18 +877,21 @@ spawn_dnsworker(void)
fdarray = tor_malloc(sizeof(int)*2);
if ((err = tor_socketpair(AF_UNIX, SOCK_STREAM, 0, fdarray)) < 0) {
warn(LD_NET, "Couldn't construct socketpair: %s", tor_socket_strerror(-err));
warn(LD_NET, "Couldn't construct socketpair: %s",
tor_socket_strerror(-err));
tor_free(fdarray);
return -1;
}
/* log_fn(LOG_NOTICE,"Before spawn: fdarray @%d has %d:%d", (int)fdarray, fdarray[0],fdarray[1]); */
/* log_fn(LOG_NOTICE,"Before spawn: fdarray @%d has %d:%d",
(int)fdarray, fdarray[0],fdarray[1]); */
fd = fdarray[0]; /* We copy this out here, since dnsworker_main may free fdarray */
fd = fdarray[0]; /* We copy this out here, since dnsworker_main may free
* fdarray */
spawn_func(dnsworker_main, (void*)fdarray);
debug(LD_EXIT,"just spawned a worker.");
#ifndef TOR_IS_MULTITHREADED
tor_close_socket(fdarray[1]); /* we don't need the worker's side of the pipe */
tor_close_socket(fdarray[1]); /* don't need the worker's side of the pipe */
tor_free(fdarray);
#endif
@ -903,12 +927,13 @@ spawn_enough_dnsworkers(void)
connection_t *dnsconn;
/* XXX This may not be the best strategy. Maybe we should queue pending
* requests until the old ones finish or time out: otherwise, if
* the connection requests come fast enough, we never get any DNS done. -NM
* requests until the old ones finish or time out: otherwise, if the
* connection requests come fast enough, we never get any DNS done. -NM
*
* XXX But if we queue them, then the adversary can pile even more
* queries onto us, blocking legitimate requests for even longer.
* Maybe we should compromise and only kill if it's been at it for
* more than, e.g., 2 seconds. -RD
* queries onto us, blocking legitimate requests for even longer. Maybe
* we should compromise and only kill if it's been at it for more than,
* e.g., 2 seconds. -RD
*/
if (num_dnsworkers_busy == MAX_DNSWORKERS) {
/* We always want at least one worker idle.
@ -944,7 +969,8 @@ spawn_enough_dnsworkers(void)
/* cull excess workers */
info(LD_EXIT,"%d of %d dnsworkers are idle. Killing one.",
num_dnsworkers-num_dnsworkers_busy, num_dnsworkers);
dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER, DNSWORKER_STATE_IDLE);
dnsconn = connection_get_by_type_state(CONN_TYPE_DNSWORKER,
DNSWORKER_STATE_IDLE);
tor_assert(dnsconn);
connection_mark_for_close(dnsconn);
num_dnsworkers--;

21
src/or/hibernate.c
View File

@ -1,7 +1,8 @@
/* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char hibernate_c_id[] = "$Id$";
const char hibernate_c_id[] =
"$Id$";
/**
* \file hibernate.c
@ -139,7 +140,8 @@ accounting_parse_options(or_options_t *options, int validate_only)
} else if (0==strcasecmp(s, "day")) {
unit = UNIT_DAY;
} else {
warn(LD_CONFIG, "Unrecognized accounting unit '%s': only 'month', 'week', and 'day' are supported.", s);
warn(LD_CONFIG, "Unrecognized accounting unit '%s': only 'month', 'week',"
" and 'day' are supported.", s);
goto err;
}
@ -147,14 +149,16 @@ accounting_parse_options(or_options_t *options, int validate_only)
case UNIT_WEEK:
d = tor_parse_long(smartlist_get(items,1), 10, 1, 7, &ok, NULL);
if (!ok) {
warn(LD_CONFIG, "Weekly accounting must start begin on a day between 1(Monday) and 7 (Sunday)");
warn(LD_CONFIG, "Weekly accounting must begin on a day between "
"1 (Monday) and 7 (Sunday)");
goto err;
}
break;
case UNIT_MONTH:
d = tor_parse_long(smartlist_get(items,1), 10, 1, 28, &ok, NULL);
if (!ok) {
warn(LD_CONFIG, "Monthly accounting must start begin on a day between 1 and 28");
warn(LD_CONFIG, "Monthly accounting must begin on a day between "
"1 and 28");
goto err;
}
break;
@ -689,7 +693,8 @@ hibernate_begin(int new_state, time_t now)
/* XXX upload rendezvous service descriptors with no intro points */
if (new_state == HIBERNATE_STATE_EXITING) {
notice(LD_GENERAL,"Interrupt: will shut down in %d seconds. Interrupt again to exit now.", options->ShutdownWaitLength);
notice(LD_GENERAL,"Interrupt: will shut down in %d seconds. Interrupt "
"again to exit now.", options->ShutdownWaitLength);
hibernate_end_time = time(NULL) + options->ShutdownWaitLength;
} else { /* soft limit reached */
hibernate_end_time = interval_end_time;
@ -784,10 +789,12 @@ hibernate_end_time_elapsed(time_t now)
format_iso_time(buf,interval_wakeup_time);
if (hibernate_state != HIBERNATE_STATE_DORMANT) {
/* We weren't sleeping before; we should sleep now. */
notice(LD_ACCT, "Accounting period ended. Commencing hibernation until %s GMT",buf);
notice(LD_ACCT, "Accounting period ended. Commencing hibernation until "
"%s GMT",buf);
hibernate_go_dormant(now);
} else {
notice(LD_ACCT, "Accounting period ended. This period, we will hibernate until %s GMT",buf);
notice(LD_ACCT, "Accounting period ended. This period, we will hibernate"
" until %s GMT",buf);
}
}
}

157
src/or/main.c
View File

@ -74,7 +74,8 @@ int has_completed_circuit=0;
#include <tchar.h>
#define GENSRV_SERVICENAME TEXT("tor")
#define GENSRV_DISPLAYNAME TEXT("Tor Win32 Service")
#define GENSRV_DESCRIPTION TEXT("Provides an anonymous Internet communication system")
#define GENSRV_DESCRIPTION \
TEXT("Provides an anonymous Internet communication system")
// Cheating: using the pre-defined error codes, tricks Windows into displaying
// a semi-related human-readable error message if startup fails as
@ -121,7 +122,8 @@ connection_add(connection_t *conn)
tor_assert(conn->s >= 0);
if (nfds >= get_options()->_ConnLimit-1) {
warn(LD_NET,"Failing because we have %d connections already. Please raise your ulimit -n.", nfds);
warn(LD_NET,"Failing because we have %d connections already. Please "
"raise your ulimit -n.", nfds);
return -1;
}
@ -197,7 +199,8 @@ connection_unlink(connection_t *conn, int remove)
if (conn->type == CONN_TYPE_EXIT) {
assert_connection_edge_not_dns_pending(conn);
}
if (conn->type == CONN_TYPE_OR && !tor_digest_is_zero(conn->identity_digest)) {
if (conn->type == CONN_TYPE_OR &&
!tor_digest_is_zero(conn->identity_digest)) {
connection_or_remove_from_identity_map(conn);
}
connection_free(conn);
@ -263,7 +266,8 @@ connection_watch_events(connection_t *conn, short events)
if (r<0)
warn(LD_NET,
"Error from libevent setting read event state for %d to %swatched: %s",
"Error from libevent setting read event state for %d to "
"%swatched: %s",
conn->s, (events & EV_READ)?"":"un",
tor_socket_strerror(tor_socket_errno(conn->s)));
@ -275,7 +279,8 @@ connection_watch_events(connection_t *conn, short events)
if (r<0)
warn(LD_NET,
"Error from libevent setting read event state for %d to %swatched: %s",
"Error from libevent setting read event state for %d to "
"%swatched: %s",
conn->s, (events & EV_WRITE)?"":"un",
tor_socket_strerror(tor_socket_errno(conn->s)));
}
@ -298,7 +303,8 @@ connection_stop_reading(connection_t *conn)
debug(LD_NET,"connection_stop_reading() called.");
if (event_del(conn->read_event))
warn(LD_NET, "Error from libevent setting read event state for %d to unwatched.",
warn(LD_NET, "Error from libevent setting read event state for %d "
"to unwatched.",
conn->s);
}
@ -310,7 +316,8 @@ connection_start_reading(connection_t *conn)
tor_assert(conn->read_event);
if (event_add(conn->read_event, NULL))
warn(LD_NET, "Error from libevent setting read event state for %d to watched.",
warn(LD_NET, "Error from libevent setting read event state for %d "
"to watched.",
conn->s);
}
@ -331,7 +338,8 @@ connection_stop_writing(connection_t *conn)
tor_assert(conn->write_event);
if (event_del(conn->write_event))
warn(LD_NET, "Error from libevent setting write event state for %d to unwatched.",
warn(LD_NET, "Error from libevent setting write event state for %d "
"to unwatched.",
conn->s);
}
@ -344,7 +352,8 @@ connection_start_writing(connection_t *conn)
tor_assert(conn->write_event);
if (event_add(conn->write_event, NULL))
warn(LD_NET, "Error from libevent setting write event state for %d to watched.",
warn(LD_NET, "Error from libevent setting write event state for %d "
"to watched.",
conn->s);
}
@ -378,7 +387,8 @@ conn_read_callback(int fd, short event, void *_conn)
if (connection_handle_read(conn) < 0) {
if (!conn->marked_for_close) {
#ifndef MS_WINDOWS
warn(LD_BUG,"Bug: unhandled error on read for %s connection (fd %d); removing",
warn(LD_BUG,"Bug: unhandled error on read for %s connection "
"(fd %d); removing",
conn_type_to_string(conn->type), conn->s);
tor_fragile_assert();
#endif
@ -407,8 +417,9 @@ conn_write_callback(int fd, short events, void *_conn)
if (connection_handle_write(conn) < 0) {
if (!conn->marked_for_close) {
/* this connection is broken. remove it. */
log_fn(LOG_WARN,LD_BUG,"Bug: unhandled error on write for %s connection (fd %d); removing",
conn_type_to_string(conn->type), conn->s);
log_fn(LOG_WARN,LD_BUG,
"Bug: unhandled error on write for %s connection (fd %d); removing",
conn_type_to_string(conn->type), conn->s);
tor_fragile_assert();
conn->has_sent_end = 1; /* otherwise we cry wolf about duplicate close */
/* XXX do we need a close-immediate here, so we don't try to flush? */
@ -450,12 +461,14 @@ conn_close_if_marked(int i)
info(LD_NET,
"Conn (addr %s, fd %d, type %s, state %d) marked, but wants "
"to flush %d bytes. (Marked at %s:%d)",
conn->address, conn->s, conn_type_to_string(conn->type), conn->state,
conn->address, conn->s, conn_type_to_string(conn->type),
conn->state,
(int)conn->outbuf_flushlen,
conn->marked_for_close_file, conn->marked_for_close);
if (connection_speaks_cells(conn)) {
if (conn->state == OR_CONN_STATE_OPEN) {
retval = flush_buf_tls(conn->tls, conn->outbuf, sz, &conn->outbuf_flushlen);
retval = flush_buf_tls(conn->tls, conn->outbuf, sz,
&conn->outbuf_flushlen);
} else
retval = -1; /* never flush non-open broken tls connections */
} else {
@ -464,8 +477,9 @@ conn_close_if_marked(int i)
if (retval >= 0 && /* Technically, we could survive things like
TLS_WANT_WRITE here. But don't bother for now. */
conn->hold_open_until_flushed && connection_wants_to_flush(conn)) {
LOG_FN_CONN(conn,
(LOG_INFO,LD_NET,"Holding conn (fd %d) open for more flushing.",conn->s));
LOG_FN_CONN(conn, (LOG_INFO,LD_NET,
"Holding conn (fd %d) open for more flushing.",
conn->s));
/* XXX should we reset timestamp_lastwritten here? */
return 0;
}
@ -554,12 +568,15 @@ directory_info_has_arrived(time_t now, int from_cache)
or_options_t *options = get_options();
if (!router_have_minimum_dir_info()) {
log(LOG_NOTICE, LD_DIR, "I learned some more directory information, but not enough to build a circuit.");
log(LOG_NOTICE, LD_DIR,
"I learned some more directory information, but not enough to "
"build a circuit.");
return;
}
if (!has_fetched_directory) {
log(LOG_NOTICE, LD_DIR, "We have enough directory information to build circuits.");
log(LOG_NOTICE, LD_DIR, "We have enough directory information to "
"build circuits.");
}
has_fetched_directory=1;
@ -596,7 +613,8 @@ run_connection_housekeeping(int i, time_t now)
* parsing partial serverdesc responses. */
if (conn->purpose == DIR_PURPOSE_FETCH_SERVERDESC &&
buf_datalen(conn->inbuf)>=1024) {
info(LD_DIR,"Trying to extract information from wedged server desc download.");
info(LD_DIR,"Trying to extract information from wedged server desc "
"download.");
connection_dir_reached_eof(conn);
} else {
connection_mark_for_close(conn);
@ -636,21 +654,25 @@ run_connection_housekeeping(int i, time_t now)
conn->hold_open_until_flushed = 1;
} else if (we_are_hibernating() && conn->n_circuits == 0 &&
!buf_datalen(conn->outbuf)) {
info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) [Hibernating or exiting].",
info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) "
"[Hibernating or exiting].",
conn->s,conn->address, conn->port);
connection_mark_for_close(conn);
conn->hold_open_until_flushed = 1;
} else if (!clique_mode(options) && conn->n_circuits &&
(!router || !server_mode(options) ||
!router_is_clique_mode(router))) {
info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) [Not in clique mode].",
info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) "
"[Not in clique mode].",
conn->s,conn->address, conn->port);
connection_mark_for_close(conn);
conn->hold_open_until_flushed = 1;
} else if (
now >= conn->timestamp_lastempty + options->KeepalivePeriod*10 &&
now >= conn->timestamp_lastwritten + options->KeepalivePeriod*10) {
log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"Expiring stuck OR connection to fd %d (%s:%d). (%d bytes to flush; %d seconds since last write)",
log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,
"Expiring stuck OR connection to fd %d (%s:%d). (%d bytes to "
"flush; %d seconds since last write)",
conn->s, conn->address, conn->port,
(int)buf_datalen(conn->outbuf),
(int)(now-conn->timestamp_lastwritten));
@ -712,7 +734,8 @@ run_scheduled_events(time_t now)
if (time_to_reset_descriptor_failures < now) {
router_reset_descriptor_download_failures();
time_to_reset_descriptor_failures = now + DESCRIPTOR_FAILURE_RESET_INTERVAL;
time_to_reset_descriptor_failures =
now + DESCRIPTOR_FAILURE_RESET_INTERVAL;
}
/** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
@ -788,7 +811,7 @@ run_scheduled_events(time_t now)
check_descriptor_ipaddress_changed(now);
}
mark_my_descriptor_dirty_if_older_than(
now - FORCE_REGENERATE_DESCRIPTOR_INTERVAL);
now - FORCE_REGENERATE_DESCRIPTOR_INTERVAL);
consider_publishable_server(now, 0);
/* also, check religiously for reachability, if it's within the first
* 20 minutes of our uptime. */
@ -935,7 +958,8 @@ second_elapsed_callback(int fd, short event, void *args)
me->address, me->dir_port);
}
/* if more than 100s have elapsed, probably the clock jumped: doesn't count. */
/* if more than 100s have elapsed, probably the clock jumped: doesn't
* count. */
if (seconds_elapsed < 100)
stats_n_seconds_working += seconds_elapsed;
else
@ -948,7 +972,8 @@ second_elapsed_callback(int fd, short event, void *args)
#if 0
if (current_second % 300 == 0) {
rep_history_clean(current_second - options->RephistTrackTime);
dumpmemusage(get_min_log_level()<LOG_INFO ? get_min_log_level() : LOG_INFO);
dumpmemusage(get_min_log_level()<LOG_INFO ?
get_min_log_level() : LOG_INFO);
}
#endif
@ -989,16 +1014,19 @@ do_hup(void)
/* first, reload config variables, in case they've changed */
/* no need to provide argc/v, they've been cached inside init_from_config */
if (options_init_from_torrc(0, NULL) < 0) {
err(LD_CONFIG,"Reading config failed--see warnings above. For usage, try -h.");
err(LD_CONFIG,"Reading config failed--see warnings above. "
"For usage, try -h.");
return -1;
}
options = get_options(); /* they have changed now */
if (authdir_mode(options)) {
/* reload the approved-routers file */
tor_snprintf(keydir,sizeof(keydir),"%s/approved-routers", options->DataDirectory);
tor_snprintf(keydir, sizeof(keydir),
"%s/approved-routers", options->DataDirectory);
info(LD_GENERAL,"Reloading approved fingerprints from \"%s\"...",keydir);
if (dirserv_parse_fingerprint_file(keydir) < 0) {
info(LD_GENERAL, "Error reloading fingerprints. Continuing with old list.");
info(LD_GENERAL, "Error reloading fingerprints. "
"Continuing with old list.");
}
}
@ -1199,7 +1227,8 @@ signal_callback(int fd, short events, void *arg)
break;
case SIGUSR2:
switch_logs_debug();
debug(LD_GENERAL,"Caught USR2, going to loglevel debug. Send HUP to change back.");
debug(LD_GENERAL,"Caught USR2, going to loglevel debug. "
"Send HUP to change back.");
break;
case SIGHUP:
if (do_hup() < 0) {
@ -1210,7 +1239,8 @@ signal_callback(int fd, short events, void *arg)
break;
#ifdef SIGCHLD
case SIGCHLD:
while (waitpid(-1,NULL,WNOHANG) > 0) ; /* keep reaping until no more zombies */
while (waitpid(-1,NULL,WNOHANG) > 0) ; /* keep reaping until no more
zombies */
break;
#endif
}
@ -1227,7 +1257,8 @@ dumpmemusage(int severity)
extern uint64_t rephist_total_alloc;
extern uint32_t rephist_total_num;
log(severity, LD_GENERAL, "In buffers: "U64_FORMAT" used/"U64_FORMAT" allocated (%d conns).",
log(severity, LD_GENERAL,
"In buffers: "U64_FORMAT" used/"U64_FORMAT" allocated (%d conns).",
U64_PRINTF_ARG(buf_total_used), U64_PRINTF_ARG(buf_total_alloc),
nfds);
log(severity, LD_GENERAL, "In rephist: "U64_FORMAT" used by %d Tors.",
@ -1249,21 +1280,29 @@ dumpstats(int severity)
for (i=0;i<nfds;i++) {
conn = connection_array[i];
log(severity, LD_GENERAL, "Conn %d (socket %d) type %d (%s), state %d (%s), created %d secs ago",
log(severity, LD_GENERAL,
"Conn %d (socket %d) type %d (%s), state %d (%s), created %d secs ago",
i, conn->s, conn->type, conn_type_to_string(conn->type),
conn->state, conn_state_to_string(conn->type, conn->state), (int)(now - conn->timestamp_created));
conn->state, conn_state_to_string(conn->type, conn->state),
(int)(now - conn->timestamp_created));
if (!connection_is_listener(conn)) {
log(severity,LD_GENERAL,"Conn %d is to '%s:%d'.",i,safe_str(conn->address), conn->port);
log(severity,LD_GENERAL, "Conn %d: %d bytes waiting on inbuf (len %d, last read %d secs ago)",i,
log(severity,LD_GENERAL,
"Conn %d is to '%s:%d'.",i,safe_str(conn->address), conn->port);
log(severity,LD_GENERAL,
"Conn %d: %d bytes waiting on inbuf (len %d, last read %d secs ago)",
i,
(int)buf_datalen(conn->inbuf),
(int)buf_capacity(conn->inbuf),
(int)(now - conn->timestamp_lastread));
log(severity,LD_GENERAL, "Conn %d: %d bytes waiting on outbuf (len %d, last written %d secs ago)",i,
log(severity,LD_GENERAL,
"Conn %d: %d bytes waiting on outbuf "
"(len %d, last written %d secs ago)",i,
(int)buf_datalen(conn->outbuf),
(int)buf_capacity(conn->outbuf),
(int)(now - conn->timestamp_lastwritten));
}
circuit_dump_by_conn(conn, severity); /* dump info about all the circuits using this conn */
circuit_dump_by_conn(conn, severity); /* dump info about all the circuits
* using this conn */
}
log(severity, LD_NET,
"Cells processed: %10lu padding\n"
@ -1383,12 +1422,14 @@ tor_init(int argc, char *argv[])
rep_hist_init();
/* Initialize the service cache. */
rend_cache_init();
addressmap_init(); /* Init the client dns cache. Do it always, since it's cheap. */
addressmap_init(); /* Init the client dns cache. Do it always, since it's
* cheap. */
/* give it somewhere to log to initially */
add_temp_log();
log(LOG_NOTICE, LD_GENERAL, "Tor v%s. This is experimental software. Do not rely on it for strong anonymity.",VERSION);
log(LOG_NOTICE, LD_GENERAL, "Tor v%s. This is experimental software. "
"Do not rely on it for strong anonymity.",VERSION);
if (network_init()<0) {
err(LD_NET,"Error initializing network; exiting.");
@ -1397,13 +1438,15 @@ tor_init(int argc, char *argv[])
atexit(exit_function);
if (options_init_from_torrc(argc,argv) < 0) {
err(LD_CONFIG,"Reading config failed--see warnings above. For usage, try -h.");
err(LD_CONFIG,"Reading config failed--see warnings above. "
"For usage, try -h.");
return -1;
}
#ifndef MS_WINDOWS
if (geteuid()==0)
warn(LD_GENERAL,"You are running Tor as root. You don't need to, and you probably shouldn't.");
warn(LD_GENERAL,"You are running Tor as root. You don't need to, "
"and you probably shouldn't.");
#endif
crypto_global_init(get_options()->HardwareAccel);
@ -1609,7 +1652,8 @@ nt_service_body(int argc, char **argv)
service_status.dwServiceSpecificExitCode = 0;
service_status.dwCheckPoint = 0;
service_status.dwWaitHint = 1000;
hStatus = RegisterServiceCtrlHandler(GENSRV_SERVICENAME, (LPHANDLER_FUNCTION) nt_service_control);
hStatus = RegisterServiceCtrlHandler(GENSRV_SERVICENAME,
(LPHANDLER_FUNCTION) nt_service_control);
if (hStatus == 0) {
// failed;
@ -1618,13 +1662,15 @@ nt_service_body(int argc, char **argv)
// check for torrc
if (nt_torrc_is_present()) {
r = tor_init(backup_argc, backup_argv); // refactor this part out of tor_main and do_main_loop
r = tor_init(backup_argc, backup_argv);
// refactor this part out of tor_main and do_main_loop
if (r) {
r = NT_SERVICE_ERROR_TORINIT_FAILED;
}
}
else {
err(LD_CONFIG, "torrc is not in the current working directory. The Tor service will not start.");
err(LD_CONFIG, "torrc is not in the current working directory. "
"The Tor service will not start.");
r = NT_SERVICE_ERROR_NO_TORRC;
}
@ -1677,7 +1723,8 @@ nt_service_main(void)
printf("Configuration was valid\n");
break;
default:
err(LD_CONFIG, "Illegal command number %d: internal error.", get_options()->command);
err(LD_CONFIG, "Illegal command number %d: internal error.",
get_options()->command);
}
tor_cleanup();
}
@ -1691,7 +1738,8 @@ nt_service_open_scm(void)
SC_HANDLE hSCManager;
char *errmsg = NULL;
if ((hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE)) == NULL) {
if ((hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE))
== NULL) {
errmsg = nt_strerror(GetLastError());
printf("OpenSCManager() failed : %s\n", errmsg);
LocalFree(errmsg);
@ -1706,7 +1754,8 @@ nt_service_open(SC_HANDLE hSCManager)
SC_HANDLE hService;
char *errmsg = NULL;
if ((hService = OpenService(hSCManager, GENSRV_SERVICENAME, SERVICE_ALL_ACCESS)) == NULL) {
if ((hService = OpenService(hSCManager, GENSRV_SERVICENAME,
SERVICE_ALL_ACCESS)) == NULL) {
errmsg = nt_strerror(GetLastError());
printf("OpenService() failed : %s\n", errmsg);
LocalFree(errmsg);
@ -1857,9 +1906,11 @@ nt_service_install(void)
* - and changed the lpPassword param to "" instead of NULL as per an
* MSDN article.
*/
if ((hService = CreateService(hSCManager, GENSRV_SERVICENAME, GENSRV_DISPLAYNAME,
if ((hService = CreateService(hSCManager, GENSRV_SERVICENAME,
GENSRV_DISPLAYNAME,
SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS,
SERVICE_AUTO_START, SERVICE_ERROR_IGNORE, command,
SERVICE_AUTO_START, SERVICE_ERROR_IGNORE,
command,
NULL, NULL, NULL, NULL, "")) == NULL) {
errmsg = nt_strerror(GetLastError());
printf("CreateService() failed : %s\n", errmsg);
@ -1995,13 +2046,15 @@ int
tor_main(int argc, char *argv[])
{
#ifdef USE_DMALLOC
int r = CRYPTO_set_mem_ex_functions(_tor_malloc, _tor_realloc, _tor_dmalloc_free);
int r = CRYPTO_set_mem_ex_functions(_tor_malloc, _tor_realloc,
_tor_dmalloc_free);
notice(LD_CONFIG, "Set up damalloc; returned %d", r);
#endif
#ifdef MS_WINDOWS_SERVICE
backup_argv = argv;
backup_argc = argc;
if ((argc >= 3) && (!strcmp(argv[1], "-service") || !strcmp(argv[1], "--service"))) {
if ((argc >= 3) &&
(!strcmp(argv[1], "-service") || !strcmp(argv[1], "--service"))) {
if (!strcmp(argv[2], "install"))
return nt_service_install();
if (!strcmp(argv[2], "remove"))

27
src/or/onion.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char onion_c_id[] = "$Id$";
const char onion_c_id[] =
"$Id$";
/**
* \file onion.c
@ -68,7 +69,8 @@ onion_pending_add(circuit_t *circ)
/* cull elderly requests. */
circ = ol_list->circ;
onion_pending_remove(ol_list->circ);
info(LD_CIRC,"Circuit create request is too old; cancelling due to overload.");
info(LD_CIRC,
"Circuit create request is too old; cancelling due to overload.");
circuit_mark_for_close(circ);
}
return 0;
@ -116,7 +118,9 @@ onion_pending_remove(circuit_t *circ)
} else { /* we need to hunt through the rest of the list */
for ( ;tmpo->next && tmpo->next->circ != circ; tmpo=tmpo->next) ;
if (!tmpo->next) {
debug(LD_GENERAL,"circ (p_circ_id %d) not in list, probably at cpuworker.",circ->p_circ_id);
debug(LD_GENERAL,
"circ (p_circ_id %d) not in list, probably at cpuworker.",
circ->p_circ_id);
return;
}
/* now we know tmpo->next->circ == circ */
@ -149,7 +153,7 @@ onion_pending_remove(circuit_t *circ)
int
onion_skin_create(crypto_pk_env_t *dest_router_key,
crypto_dh_env_t **handshake_state_out,
char *onion_skin_out) /* Must be ONIONSKIN_CHALLENGE_LEN bytes */
char *onion_skin_out) /* ONIONSKIN_CHALLENGE_LEN bytes */
{
char *challenge = NULL;
crypto_dh_env_t *dh = NULL;
@ -210,10 +214,10 @@ onion_skin_create(crypto_pk_env_t *dest_router_key,
* next key_out_len bytes of key material in key_out.
*/
int
onion_skin_server_handshake(const char *onion_skin, /* ONIONSKIN_CHALLENGE_LEN bytes */
onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
crypto_pk_env_t *private_key,
crypto_pk_env_t *prev_private_key,
char *handshake_reply_out, /* ONIONSKIN_REPLY_LEN bytes */
char *handshake_reply_out, /*ONIONSKIN_REPLY_LEN*/
char *key_out,
size_t key_out_len)
{
@ -236,7 +240,8 @@ onion_skin_server_handshake(const char *onion_skin, /* ONIONSKIN_CHALLENGE_LEN b
break;
}
if (len<0) {
info(LD_PROTOCOL, "Couldn't decrypt onionskin: client may be using old onion key");
info(LD_PROTOCOL,
"Couldn't decrypt onionskin: client may be using old onion key");
goto err;
} else if (len != DH_KEY_LEN) {
warn(LD_PROTOCOL, "Unexpected onionskin length after decryption: %d",
@ -302,7 +307,7 @@ onion_skin_server_handshake(const char *onion_skin, /* ONIONSKIN_CHALLENGE_LEN b
*/
int
onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
const char *handshake_reply, /* Must be ONIONSKIN_REPLY_LEN bytes */
const char *handshake_reply, /* ONIONSKIN_REPLY_LEN bytes */
char *key_out,
size_t key_out_len)
{
@ -327,7 +332,8 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
if (memcmp(key_material, handshake_reply+DH_KEY_LEN, 20)) {
/* H(K) does *not* match. Something fishy. */
tor_free(key_material);
warn(LD_PROTOCOL,"Digest DOES NOT MATCH on onion handshake. Bug or attack.");
warn(LD_PROTOCOL,"Digest DOES NOT MATCH on onion handshake. "
"Bug or attack.");
return -1;
}
@ -412,7 +418,8 @@ fast_client_handshake(const char *handshake_state, /* DIGEST_LEN bytes */
}
if (memcmp(out, handshake_reply_out+DIGEST_LEN, DIGEST_LEN)) {
/* H(K) does *not* match. Something fishy. */
warn(LD_PROTOCOL,"Digest DOES NOT MATCH on fast handshake. Bug or attack.");
warn(LD_PROTOCOL,"Digest DOES NOT MATCH on fast handshake. "
"Bug or attack.");
return -1;
}
memcpy(key_out, out+DIGEST_LEN, key_out_len);

202
src/or/or.h
View File

@ -226,7 +226,8 @@ typedef enum {
#define CONN_TYPE_CONTROL 13
#define _CONN_TYPE_MAX 13
#define CONN_IS_EDGE(x) ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)
#define CONN_IS_EDGE(x) \
((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)
/** State for any listener connection. */
#define LISTENER_STATE_READY 0
@ -234,7 +235,8 @@ typedef enum {
#define _DNSWORKER_STATE_MIN 1
/** State for a connection to a dnsworker process that's idle. */
#define DNSWORKER_STATE_IDLE 1
/** State for a connection to a dnsworker process that's resolving a hostname. */
/** State for a connection to a dnsworker process that's resolving a
* hostname. */
#define DNSWORKER_STATE_BUSY 2
#define _DNSWORKER_STATE_MAX 2
@ -350,7 +352,8 @@ typedef enum {
#define CIRCUIT_STATE_BUILDING 0
/** Circuit state: Waiting to process the onionskin. */
#define CIRCUIT_STATE_ONIONSKIN_PENDING 1
/** Circuit state: I'd like to deliver a create, but my n_conn is still connecting. */
/** Circuit state: I'd like to deliver a create, but my n_conn is still
* connecting. */
#define CIRCUIT_STATE_OR_WAIT 2
/** Circuit state: onionskin(s) processed, ready to send/receive cells. */
#define CIRCUIT_STATE_OPEN 3
@ -394,7 +397,8 @@ typedef enum {
#define CIRCUIT_PURPOSE_C_GENERAL 5
/** Client-side circuit purpose: at Alice, connecting to intro point. */
#define CIRCUIT_PURPOSE_C_INTRODUCING 6
/** Client-side circuit purpose: at Alice, sent INTRODUCE1 to intro point, waiting for ACK/NAK. */
/** Client-side circuit purpose: at Alice, sent INTRODUCE1 to intro point,
* waiting for ACK/NAK. */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT 7
/** Client-side circuit purpose: at Alice, introduced and acked, closing. */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED 8
@ -512,7 +516,8 @@ typedef enum {
#define REQUIRED_FIREWALL_ORPORT 443
/* legal characters in a nickname */
#define LEGAL_NICKNAME_CHARACTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
#define LEGAL_NICKNAME_CHARACTERS \
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
/** Name to use in client TLS certificates if no nickname is given.*/
#define DEFAULT_CLIENT_NICKNAME "client"
@ -626,12 +631,14 @@ struct connection_t {
buf_t *inbuf; /**< Buffer holding data read over this connection. */
int inbuf_reached_eof; /**< Boolean: did read() return 0 on this conn? */
time_t timestamp_lastread; /**< When was the last time poll() said we could read? */
time_t timestamp_lastread; /**< When was the last time poll() said we could
* read? */
buf_t *outbuf; /**< Buffer holding data to write over this connection. */
size_t outbuf_flushlen; /**< How much data should we try to flush from the
* outbuf? */
time_t timestamp_lastwritten; /**< When was the last time poll() said we could write? */
time_t timestamp_lastwritten; /**< When was the last time poll() said we
* could write? */
time_t timestamp_created; /**< When was this connection_t created? */
time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/
@ -694,7 +701,8 @@ struct connection_t {
* connection is using. */
/* Used only by Dir connections */
char *requested_resource; /**< Which 'resource' did we ask the directory for?*/
char *requested_resource; /**< Which 'resource' did we ask the directory
* for?*/
/* Used only by AP connections */
socks_request_t *socks_request; /**< SOCKS structure describing request (AP
@ -814,8 +822,10 @@ typedef struct {
*/
typedef struct routerstatus_t {
time_t published_on; /**< When was this router published? */
char nickname[MAX_NICKNAME_LEN+1]; /**<The nickname this router says it has. */
char identity_digest[DIGEST_LEN]; /**< Digest of the router's identity key. */
char nickname[MAX_NICKNAME_LEN+1]; /**< The nickname this router says it
* has. */
char identity_digest[DIGEST_LEN]; /**< Digest of the router's identity
* key. */
char descriptor_digest[DIGEST_LEN]; /**< Digest of the router's most recent
* descriptor. */
uint32_t addr; /**< IPv4 address for this router. */
@ -873,7 +883,8 @@ typedef struct networkstatus_t {
char *server_versions; /**< comma-separated list of recommended server
* versions. */
unsigned int binds_names:1; /**< True iff this directory server binds names. */
unsigned int binds_names:1; /**< True iff this directory server binds
* names. */
unsigned int recommends_versions:1; /**< True iff this directory server
* recommends client and server software
* versions. */
@ -900,7 +911,8 @@ typedef struct {
* full routerinfo_t to extend: we only need addr:port:keyid to build an OR
* connection, and onion_key to create the onionskin.) */
typedef struct extend_info_t {
char nickname[MAX_HEX_NICKNAME_LEN+1]; /**< This router's nickname for display. */
char nickname[MAX_HEX_NICKNAME_LEN+1]; /**< This router's nickname for
* display. */
char identity_digest[DIGEST_LEN]; /**< Hash of this router's identity key. */
uint32_t addr; /**< IP address in host order. */
uint16_t port; /**< OR port. */
@ -1233,23 +1245,27 @@ typedef struct {
* for version 1 directories? */
int NamingAuthoritativeDir; /**< Boolean: is this an authoritative directory
* that's willing to bind names? */
int VersioningAuthoritativeDir; /**< Boolean: is this an authoritative directory
* that's willing to recommend versions? */
int VersioningAuthoritativeDir; /**< Boolean: is this an authoritative
* directory that's willing to recommend
* versions? */
int ClientOnly; /**< Boolean: should we never evolve into a server role? */
int NoPublish; /**< Boolean: should we never publish a descriptor? */
int ConnLimit; /**< Requested maximum number of simultaneous connections. */
int _ConnLimit; /**< Actual maximum number of simultaneous connections. */
int RunAsDaemon; /**< If true, run in the background. (Unix only) */
int FascistFirewall; /**< Whether to prefer ORs reachable on open ports. */
smartlist_t *FirewallPorts; /**< Which ports our firewall allows (strings). */
smartlist_t *FirewallPorts; /**< Which ports our firewall allows
* (strings). */
config_line_t *ReachableAddresses; /**< Which IP:ports our firewall allows
* (exit policy.) */
/** Application ports that require all nodes in circ to have sufficient uptime. */
/** Application ports that require all nodes in circ to have sufficient
* uptime. */
smartlist_t *LongLivedPorts;
/** Should we try to reuse the same exit node for a given host */
smartlist_t *TrackHostExits;
int TrackHostExitsExpire; /**< Number of seconds until we expire an addressmap */
int TrackHostExitsExpire; /**< Number of seconds until we expire an
* addressmap */
config_line_t *AddressMap; /**< List of address map directives. */
int DirFetchPeriod; /**< How often do we fetch new directories? */
int DirPostPeriod; /**< How often do we post our server descriptor to the
@ -1266,10 +1282,10 @@ typedef struct {
* a new one? */
int MaxCircuitDirtiness; /**< Never use circs that were first used more than
this interval ago. */
uint64_t BandwidthRate; /**< How much bandwidth, on average, are we willing to
* use in a second? */
uint64_t BandwidthBurst; /**< How much bandwidth, at maximum, are we willing to
* use in a second? */
uint64_t BandwidthRate; /**< How much bandwidth, on average, are we willing
* to use in a second? */
uint64_t BandwidthBurst; /**< How much bandwidth, at maximum, are we willing
* to use in a second? */
uint64_t MaxAdvertisedBandwidth; /**< How much bandwidth are we willing to
* tell people we have? */
int NumCpus; /**< How many CPUs should we try to use? */
@ -1321,7 +1337,8 @@ typedef struct {
* long do we wait before exiting? */
int SafeLogging; /**< Boolean: are we allowed to log sensitive strings
* such as addresses (0), or do we scrub them first (1)? */
#define LOG_PROTOCOL_WARN (get_options()->ProtocolWarnings ? LOG_WARN : LOG_INFO)
#define LOG_PROTOCOL_WARN (get_options()->ProtocolWarnings ? \
LOG_WARN : LOG_INFO)
int ProtocolWarnings; /**< Boolean: when other parties screw up the Tor
* protocol, is it a warn or an info in our logs? */
int TestSocks; /**< Boolean: when we get a socks connection, do we loudly
@ -1370,7 +1387,8 @@ struct socks_request_t {
* two-stage socks5 handshake.
*/
int has_finished; /**< Has the SOCKS handshake finished? */
char address[MAX_SOCKS_ADDR_LEN]; /**< What address did the client ask to connect to? */
char address[MAX_SOCKS_ADDR_LEN]; /**< What address did the client ask to
connect to? */
uint16_t port; /**< What port did the client ask to connect to? */
};
@ -1416,16 +1434,19 @@ void circuit_dump_by_conn(connection_t *conn, int severity);
circuit_t *circuit_init(uint8_t purpose, int need_uptime,
int need_capacity, int internal);
circuit_t *circuit_establish_circuit(uint8_t purpose, extend_info_t *exit,
int need_uptime, int need_capacity, int internal);
int need_uptime, int need_capacity,
int internal);
int circuit_handle_first_hop(circuit_t *circ);
void circuit_n_conn_done(connection_t *or_conn, int status);
int circuit_send_next_onion_skin(circuit_t *circ);
void circuit_note_clock_jumped(int seconds_elapsed);
int circuit_extend(cell_t *cell, circuit_t *circ);
int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data, int reverse);
int circuit_init_cpath_crypto(crypt_path_t *cpath, char *key_data,
int reverse);
int circuit_finish_handshake(circuit_t *circ, uint8_t cell_type, char *reply);
int circuit_truncated(circuit_t *circ, crypt_path_t *layer);
int onionskin_answer(circuit_t *circ, uint8_t cell_type, char *payload, char *keys);
int onionskin_answer(circuit_t *circ, uint8_t cell_type, char *payload,
char *keys);
int circuit_all_predicted_ports_handled(time_t now, int *need_uptime,
int *need_capacity);
@ -1461,7 +1482,8 @@ int circuit_id_used_on_conn(uint16_t circ_id, connection_t *conn);
circuit_t *circuit_get_by_edge_conn(connection_t *conn);
void circuit_unlink_all_from_or_conn(connection_t *conn);
circuit_t *circuit_get_by_global_id(uint32_t id);
circuit_t *circuit_get_by_rend_query_and_purpose(const char *rend_query, uint8_t purpose);
circuit_t *circuit_get_by_rend_query_and_purpose(const char *rend_query,
uint8_t purpose);
circuit_t *circuit_get_next_by_pk_and_purpose(circuit_t *start,
const char *digest, uint8_t purpose);
circuit_t *circuit_get_rendezvous(const char *cookie);
@ -1483,19 +1505,24 @@ void circuit_free_all(void);
void circuit_expire_building(time_t now);
void circuit_remove_handled_ports(smartlist_t *needed_ports);
int circuit_stream_is_being_handled(connection_t *conn, uint16_t port, int min);
int circuit_stream_is_being_handled(connection_t *conn, uint16_t port,
int min);
void circuit_build_needed_circs(time_t now);
void circuit_detach_stream(circuit_t *circ, connection_t *conn);
void circuit_about_to_close_connection(connection_t *conn);
void circuit_has_opened(circuit_t *circ);
void circuit_build_failed(circuit_t *circ);
circuit_t *circuit_launch_by_nickname(uint8_t purpose, const char *exit_nickname,
int need_uptime, int need_capacity, int is_internal);
circuit_t *circuit_launch_by_nickname(uint8_t purpose,
const char *exit_nickname,
int need_uptime, int need_capacity,
int is_internal);
circuit_t *circuit_launch_by_extend_info(uint8_t purpose,
extend_info_t *info,
int need_uptime, int need_capacity, int is_internal);
int need_uptime, int need_capacity,
int is_internal);
circuit_t *circuit_launch_by_router(uint8_t purpose, routerinfo_t *exit,
int need_uptime, int need_capacity, int is_internal);
int need_uptime, int need_capacity,
int is_internal);
void circuit_reset_failure_count(int timeout);
int connection_ap_handshake_attach_chosen_circuit(connection_t *conn,
circuit_t *circ);
@ -1520,7 +1547,8 @@ const char *safe_str(const char *address);
int config_get_lines(char *string, config_line_t **result);
void config_free_lines(config_line_t *front);
int options_trial_assign(config_line_t *list, int use_defaults, int clear_first);
int options_trial_assign(config_line_t *list, int use_defaults,
int clear_first);
int resolve_my_address(or_options_t *options, uint32_t *addr,
char **hostname_out);
void options_init(or_options_t *options);
@ -1567,7 +1595,8 @@ void _connection_mark_for_close(connection_t *conn,int line, const char *file);
void connection_expire_held_open(void);
int connection_connect(connection_t *conn, char *address, uint32_t addr, uint16_t port);
int connection_connect(connection_t *conn, char *address, uint32_t addr,
uint16_t port);
int retry_all_listeners(int force, smartlist_t *replaced_conns,
smartlist_t *new_conns);
@ -1583,18 +1612,21 @@ int connection_wants_to_flush(connection_t *conn);
int connection_outbuf_too_full(connection_t *conn);
int connection_handle_write(connection_t *conn);
void _connection_controller_force_write(connection_t *conn);
void connection_write_to_buf(const char *string, size_t len, connection_t *conn);
void connection_write_to_buf(const char *string, size_t len,
connection_t *conn);
connection_t *connection_or_exact_get_by_addr_port(uint32_t addr, uint16_t port);
connection_t *connection_or_exact_get_by_addr_port(uint32_t addr,
uint16_t port);
connection_t *connection_get_by_global_id(uint32_t id);
connection_t *connection_get_by_type(int type);
connection_t *connection_get_by_type_purpose(int type, int purpose);
connection_t *connection_get_by_type_addr_port_purpose(int type, uint32_t addr,
uint16_t port, int purpose);
uint16_t port, int purpose);
connection_t *connection_get_by_type_state(int type, int state);
connection_t *connection_get_by_type_state_lastwritten(int type, int state);
connection_t *connection_get_by_type_state_rendquery(int type, int state, const char *rendquery);
connection_t *connection_get_by_type_state_rendquery(int type, int state,
const char *rendquery);
#define connection_speaks_cells(conn) ((conn)->type == CONN_TYPE_OR)
#define connection_has_pending_tls_data(conn) \
@ -1611,7 +1643,7 @@ char *alloc_http_authenticator(const char *authenticator);
void assert_connection_ok(connection_t *conn, time_t now);
int connection_or_nonopen_was_started_here(connection_t *conn);
/********************************* connection_edge.c ***************************/
/********************************* connection_edge.c *************************/
#define connection_mark_unattached_ap(conn, endreason) \
_connection_mark_unattached_ap((conn), (endreason), __LINE__, _SHORT_FILE_)
@ -1621,13 +1653,15 @@ void _connection_mark_unattached_ap(connection_t *conn, int endreason,
int connection_edge_reached_eof(connection_t *conn);
int connection_edge_process_inbuf(connection_t *conn, int package_partial);
int connection_edge_destroy(uint16_t circ_id, connection_t *conn);
int connection_edge_end(connection_t *conn, char reason, crypt_path_t *cpath_layer);
int connection_edge_end(connection_t *conn, char reason,
crypt_path_t *cpath_layer);
int connection_edge_end_errno(connection_t *conn, crypt_path_t *cpath_layer);
int connection_edge_finished_flushing(connection_t *conn);
int connection_edge_finished_connecting(connection_t *conn);
int connection_ap_handshake_send_begin(connection_t *ap_conn, circuit_t *circ);
int connection_ap_handshake_send_resolve(connection_t *ap_conn, circuit_t *circ);
int connection_ap_handshake_send_resolve(connection_t *ap_conn,
circuit_t *circ);
int connection_ap_make_bridge(char *address, uint16_t port);
void connection_ap_handshake_socks_reply(connection_t *conn, char *reply,
@ -1655,13 +1689,16 @@ void addressmap_clear_transient(void);
void addressmap_free_all(void);
void addressmap_rewrite(char *address, size_t maxlen);
int addressmap_already_mapped(const char *address);
void addressmap_register(const char *address, char *new_address, time_t expires);
void addressmap_register(const char *address, char *new_address,
time_t expires);
int client_dns_incr_failures(const char *address);
void client_dns_clear_failures(const char *address);
void client_dns_set_addressmap(const char *address, uint32_t val, const char *exitname, int ttl);
void client_dns_set_addressmap(const char *address, uint32_t val,
const char *exitname, int ttl);
int address_is_in_virtual_range(const char *addr);
const char *addressmap_register_virtual_address(int type, char *new_address);
void addressmap_get_mappings(smartlist_t *sl, time_t min_expires, time_t max_expires);
void addressmap_get_mappings(smartlist_t *sl, time_t min_expires,
time_t max_expires);
void parse_socks_policy(void);
void free_socks_policy(void);
@ -1757,8 +1794,11 @@ int control_event_or_conn_status(connection_t *conn, or_conn_status_event_t e);
int control_event_bandwidth_used(uint32_t n_read, uint32_t n_written);
void control_event_logmsg(int severity, unsigned int domain, const char *msg);
int control_event_descriptors_changed(smartlist_t *routers);
int control_event_address_mapped(const char *from, const char *to,time_t expires);
int control_event_or_authdir_new_descriptor(const char *action, const char *descriptor, const char *msg);
int control_event_address_mapped(const char *from, const char *to,
time_t expires);
int control_event_or_authdir_new_descriptor(const char *action,
const char *descriptor,
const char *msg);
int init_cookie_authentication(int enabled);
int decode_hashed_password(char *buf, const char *hashed);
@ -1783,8 +1823,10 @@ void directory_post_to_dirservers(uint8_t purpose, const char *payload,
void directory_get_from_dirserver(uint8_t purpose, const char *resource,
int retry_if_no_servers);
void directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
int private_connection, const char *resource,
const char *payload, size_t payload_len);
int private_connection,
const char *resource,
const char *payload,
size_t payload_len);
int parse_http_response(const char *headers, int *code, time_t *date,
int *compression, char **response);
@ -1939,7 +1981,8 @@ void relay_header_pack(char *dest, const relay_header_t *src);
void relay_header_unpack(relay_header_t *dest, const char *src);
int connection_edge_send_command(connection_t *fromconn, circuit_t *circ,
int relay_command, const char *payload,
size_t payload_len, crypt_path_t *cpath_layer);
size_t payload_len,
crypt_path_t *cpath_layer);
int connection_edge_package_raw_inbuf(connection_t *conn, int package_partial);
void connection_edge_consider_sending_sendme(connection_t *conn);
socks5_reply_status_t connection_edge_end_reason_socks5_response(int reason);
@ -1970,8 +2013,10 @@ void rep_history_clean(time_t before);
void rep_hist_note_used_port(uint16_t port, time_t now);
smartlist_t *rep_hist_get_predicted_ports(time_t now);
void rep_hist_note_used_resolve(time_t now);
void rep_hist_note_used_internal(time_t now, int need_uptime, int need_capacity);
int rep_hist_get_predicted_internal(time_t now, int *need_uptime, int *need_capacity);
void rep_hist_note_used_internal(time_t now, int need_uptime,
int need_capacity);
int rep_hist_get_predicted_internal(time_t now, int *need_uptime,
int *need_capacity);
void rep_hist_free_all(void);
@ -1979,11 +2024,15 @@ void rep_hist_free_all(void);
void rend_client_introcirc_has_opened(circuit_t *circ);
void rend_client_rendcirc_has_opened(circuit_t *circ);
int rend_client_introduction_acked(circuit_t *circ, const char *request, size_t request_len);
int rend_client_introduction_acked(circuit_t *circ, const char *request,
size_t request_len);
void rend_client_refetch_renddesc(const char *query);
int rend_client_remove_intro_point(extend_info_t *failed_intro, const char *query);
int rend_client_rendezvous_acked(circuit_t *circ, const char *request, size_t request_len);
int rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t request_len);
int rend_client_remove_intro_point(extend_info_t *failed_intro,
const char *query);
int rend_client_rendezvous_acked(circuit_t *circ, const char *request,
size_t request_len);
int rend_client_receive_rendezvous(circuit_t *circ, const char *request,
size_t request_len);
void rend_client_desc_here(const char *query);
extend_info_t *rend_client_get_random_intro(const char *query);
@ -2022,7 +2071,8 @@ int rend_encode_service_descriptor(rend_service_descriptor_t *desc,
crypto_pk_env_t *key,
char **str_out,
size_t *len_out);
rend_service_descriptor_t *rend_parse_service_descriptor(const char *str, size_t len);
rend_service_descriptor_t *rend_parse_service_descriptor(const char *str,
size_t len);
int rend_get_service_id(crypto_pk_env_t *pk, char *out);
/** A cached rendezvous descriptor. */
@ -2037,8 +2087,10 @@ void rend_cache_init(void);
void rend_cache_clean(void);
void rend_cache_free_all(void);
int rend_valid_service_id(const char *query);
int rend_cache_lookup_desc(const char *query, int version, const char **desc, size_t *desc_len);
int rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **entry_out);
int rend_cache_lookup_desc(const char *query, int version, const char **desc,
size_t *desc_len);
int rend_cache_lookup_entry(const char *query, int version,
rend_cache_entry_t **entry_out);
int rend_cache_store(const char *desc, size_t desc_len);
/********************************* rendservice.c ***************************/
@ -2051,19 +2103,25 @@ void rend_services_introduce(void);
void rend_consider_services_upload(time_t now);
void rend_service_intro_has_opened(circuit_t *circuit);
int rend_service_intro_established(circuit_t *circuit, const char *request, size_t request_len);
int rend_service_intro_established(circuit_t *circuit, const char *request,
size_t request_len);
void rend_service_rendezvous_has_opened(circuit_t *circuit);
int rend_service_introduce(circuit_t *circuit, const char *request, size_t request_len);
int rend_service_introduce(circuit_t *circuit, const char *request,
size_t request_len);
void rend_service_relaunch_rendezvous(circuit_t *oldcirc);
int rend_service_set_connection_addr_port(connection_t *conn, circuit_t *circ);
void rend_service_dump_stats(int severity);
void rend_service_free_all(void);
/********************************* rendmid.c *******************************/
int rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_len);
int rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len);
int rend_mid_establish_rendezvous(circuit_t *circ, const char *request, size_t request_len);
int rend_mid_rendezvous(circuit_t *circ, const char *request, size_t request_len);
int rend_mid_establish_intro(circuit_t *circ, const char *request,
size_t request_len);
int rend_mid_introduce(circuit_t *circ, const char *request,
size_t request_len);
int rend_mid_establish_rendezvous(circuit_t *circ, const char *request,
size_t request_len);
int rend_mid_rendezvous(circuit_t *circ, const char *request,
size_t request_len);
/********************************* router.c ***************************/
typedef enum {
@ -2152,7 +2210,8 @@ trusted_dir_server_t *router_get_trusteddirserver_by_digest(
const char *digest);
int all_trusted_directory_servers_down(void);
void routerlist_add_family(smartlist_t *sl, routerinfo_t *router);
void add_nickname_list_to_smartlist(smartlist_t *sl, const char *list, int warn_if_down, int warn_if_unnamed);
void add_nickname_list_to_smartlist(smartlist_t *sl, const char *list,
int warn_if_down, int warn_if_unnamed);
routerinfo_t *routerlist_find_my_routerinfo(void);
int exit_policy_implicitly_allows_local_networks(addr_policy_t *policy,
int warn);
@ -2163,8 +2222,10 @@ int exit_policy_implicitly_allows_local_networks(addr_policy_t *policy,
#define ROUTER_REQUIRED_MIN_UPTIME (24*3600) /* a day */
#define ROUTER_REQUIRED_MIN_BANDWIDTH 10000
routerinfo_t *router_find_exact_exit_enclave(const char *address, uint16_t port);
int router_is_unreliable(routerinfo_t *router, int need_uptime, int need_capacity);
routerinfo_t *router_find_exact_exit_enclave(const char *address,
uint16_t port);
int router_is_unreliable(routerinfo_t *router, int need_uptime,
int need_capacity);
routerinfo_t *routerlist_sl_choose_by_bandwidth(smartlist_t *sl);
routerinfo_t *router_choose_random_node(const char *preferred,
const char *excluded,
@ -2197,7 +2258,9 @@ int router_add_to_routerlist(routerinfo_t *router, const char **msg,
int router_load_single_router(const char *s, const char **msg);
void router_load_routers_from_string(const char *s, int from_cache,
smartlist_t *requested_fingerprints);
typedef enum { NS_FROM_CACHE, NS_FROM_DIR, NS_GENERATED} networkstatus_source_t;
typedef enum {
NS_FROM_CACHE, NS_FROM_DIR, NS_GENERATED
} networkstatus_source_t;
int router_set_networkstatus(const char *s, time_t arrived_at,
networkstatus_source_t source,
smartlist_t *requested_fingerprints);
@ -2262,7 +2325,8 @@ int router_get_router_hash(const char *s, char *digest);
int router_get_dir_hash(const char *s, char *digest);
int router_get_runningrouters_hash(const char *s, char *digest);
int router_get_networkstatus_v2_hash(const char *s, char *digest);
int router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
int router_append_dirobj_signature(char *buf, size_t buf_len,
const char *digest,
crypto_pk_env_t *private_key);
int router_parse_list_from_string(const char **s,
smartlist_t *dest);

101
src/or/relay.c
View File

@ -15,7 +15,8 @@ const char relay_c_id[] = "$Id$";
static int relay_crypt(circuit_t *circ, cell_t *cell, int cell_direction,
crypt_path_t **layer_hint, char *recognized);
static connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell, int cell_direction);
static connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell,
int cell_direction);
static int
connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ,
@ -113,9 +114,14 @@ relay_crypt_one_payload(crypto_cipher_env_t *cipher, char *in,
int encrypt_mode)
{
char out[CELL_PAYLOAD_SIZE]; /* 'in' must be this size too */
int r;
if (( encrypt_mode && crypto_cipher_encrypt(cipher, out, in, CELL_PAYLOAD_SIZE)) ||
(!encrypt_mode && crypto_cipher_decrypt(cipher, out, in, CELL_PAYLOAD_SIZE))) {
if (encrypt_mode)
r = crypto_cipher_encrypt(cipher, out, in, CELL_PAYLOAD_SIZE);
else
r = crypto_cipher_decrypt(cipher, out, in, CELL_PAYLOAD_SIZE);
if (r) {
warn(LD_BUG,"Error during relay encryption");
return -1;
}
@ -158,14 +164,16 @@ circuit_receive_relay_cell(cell_t *cell, circuit_t *circ, int cell_direction)
debug(LD_OR,"Sending away from origin.");
if (connection_edge_process_relay_cell(cell, circ, conn, NULL) < 0) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"connection_edge_process_relay_cell (away from origin) failed.");
"connection_edge_process_relay_cell (away from origin) "
"failed.");
return -1;
}
}
if (cell_direction == CELL_DIRECTION_IN) {
++stats_n_relay_cells_delivered;
debug(LD_OR,"Sending to origin.");
if (connection_edge_process_relay_cell(cell, circ, conn, layer_hint) < 0) {
if (connection_edge_process_relay_cell(cell, circ, conn,
layer_hint) < 0) {
warn(LD_OR,"connection_edge_process_relay_cell (at origin) failed.");
return -1;
}
@ -185,11 +193,15 @@ circuit_receive_relay_cell(cell_t *cell, circuit_t *circ, int cell_direction)
if (!conn) {
if (circ->rend_splice && cell_direction == CELL_DIRECTION_OUT) {
tor_assert(circ->purpose == CIRCUIT_PURPOSE_REND_ESTABLISHED);
tor_assert(circ->rend_splice->purpose == CIRCUIT_PURPOSE_REND_ESTABLISHED);
tor_assert(circ->rend_splice->purpose ==
CIRCUIT_PURPOSE_REND_ESTABLISHED);
cell->circ_id = circ->rend_splice->p_circ_id;
if (circuit_receive_relay_cell(cell, circ->rend_splice, CELL_DIRECTION_IN)<0) {
warn(LD_REND, "Error relaying cell across rendezvous; closing circuits");
circuit_mark_for_close(circ); /* XXXX Do this here, or just return -1? */
if (circuit_receive_relay_cell(cell, circ->rend_splice,
CELL_DIRECTION_IN) < 0) {
warn(LD_REND, "Error relaying cell across rendezvous; closing "
"circuits");
/* XXXX Do this here, or just return -1? */
circuit_mark_for_close(circ);
return -1;
}
return 0;
@ -238,7 +250,7 @@ relay_crypt(circuit_t *circ, cell_t *cell, int cell_direction,
if (cell_direction == CELL_DIRECTION_IN) {
if (CIRCUIT_IS_ORIGIN(circ)) { /* We're at the beginning of the circuit.
We'll want to do layered decrypts. */
* We'll want to do layered decrypts. */
tor_assert(circ->cpath);
thishop = circ->cpath;
if (thishop->state != CPATH_STATE_OPEN) {
@ -269,7 +281,8 @@ relay_crypt(circuit_t *circ, cell_t *cell, int cell_direction,
} else { /* we're in the middle. Just one crypt. */
if (relay_crypt_one_payload(circ->p_crypto, cell->payload, 1) < 0)
return -1;
// log_fn(LOG_DEBUG,"Skipping recognized check, because we're not the OP.");
// log_fn(LOG_DEBUG,"Skipping recognized check, because we're not "
// "the OP.");
}
} else /* cell_direction == CELL_DIRECTION_OUT */ {
/* we're in the middle. Just one crypt. */
@ -371,7 +384,8 @@ relay_lookup_conn(circuit_t *circ, cell_t *cell, int cell_direction)
return tmpconn;
}
}
for (tmpconn = circ->resolving_streams; tmpconn; tmpconn=tmpconn->next_stream) {
for (tmpconn = circ->resolving_streams; tmpconn;
tmpconn=tmpconn->next_stream) {
if (rh.stream_id == tmpconn->stream_id && !tmpconn->marked_for_close) {
debug(LD_EXIT,"found conn for stream %d.", rh.stream_id);
return tmpconn;
@ -428,7 +442,8 @@ connection_edge_send_command(connection_t *fromconn, circuit_t *circ,
int cell_direction;
if (fromconn && fromconn->marked_for_close) {
warn(LD_BUG,"Bug: called on conn that's already marked for close at %s:%d.",
warn(LD_BUG,
"Bug: called on conn that's already marked for close at %s:%d.",
fromconn->marked_for_close_file, fromconn->marked_for_close);
return 0;
}
@ -470,7 +485,8 @@ connection_edge_send_command(connection_t *fromconn, circuit_t *circ,
debug(LD_OR,"delivering %d cell %s.", relay_command,
cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
if (circuit_package_relay_cell(&cell, circ, cell_direction, cpath_layer) < 0) {
if (circuit_package_relay_cell(&cell, circ, cell_direction, cpath_layer)
< 0) {
warn(LD_BUG,"circuit_package_relay_cell failed. Closing.");
circuit_mark_for_close(circ);
return -1;
@ -487,7 +503,8 @@ connection_edge_end_reason_str(int reason)
{
switch (reason) {
case -1:
warn(LD_PROTOCOL,"End cell arrived with length 0. Should be at least 1.");
warn(LD_PROTOCOL,
"End cell arrived with length 0. Should be at least 1.");
return "MALFORMED";
case END_STREAM_REASON_MISC: return "misc error";
case END_STREAM_REASON_RESOLVEFAILED: return "resolve failed";
@ -596,7 +613,8 @@ errno_to_end_reason(int e)
E_CASE(EMFILE):
return END_STREAM_REASON_RESOURCELIMIT;
default:
info(LD_EXIT, "Didn't recognize errno %d (%s); telling the OP that we are ending a stream for 'misc' reason.",
info(LD_EXIT, "Didn't recognize errno %d (%s); telling the OP that "
"we are ending a stream for 'misc' reason.",
e, tor_socket_strerror(e));
return END_STREAM_REASON_MISC;
}
@ -633,7 +651,8 @@ connection_edge_process_end_not_open(
if (rh->length > 0 && edge_reason_is_retriable(reason)) {
if (conn->type != CONN_TYPE_AP) {
warn(LD_PROTOCOL,"Got an end because of %s, but we're not an AP. Closing.",
warn(LD_PROTOCOL,
"Got an end because of %s, but we're not an AP. Closing.",
connection_edge_end_reason_str(reason));
return -1;
}
@ -693,7 +712,8 @@ connection_edge_process_end_not_open(
return 0;
/* else, conn will get closed below */
} else {
notice(LD_APP,"Have tried resolving address '%s' at %d different places. Giving up.",
notice(LD_APP,"Have tried resolving address '%s' at %d different "
"places. Giving up.",
safe_str(conn->socks_request->address), MAX_RESOLVE_FAILURES);
/* clear the failures, so it will have a full try next time */
client_dns_clear_failures(conn->socks_request->address);
@ -739,11 +759,13 @@ connection_edge_process_relay_cell_not_open(
connection_t *conn, crypt_path_t *layer_hint)
{
if (rh->command == RELAY_COMMAND_END)
return connection_edge_process_end_not_open(rh, cell, circ, conn, layer_hint);
return connection_edge_process_end_not_open(rh, cell, circ, conn,
layer_hint);
if (conn->type == CONN_TYPE_AP && rh->command == RELAY_COMMAND_CONNECTED) {
if (conn->state != AP_CONN_STATE_CONNECT_WAIT) {
warn(LD_APP,"Got 'connected' while not in state connect_wait. Dropping.");
warn(LD_APP,"Got 'connected' while not in state connect_wait. "
"Dropping.");
return 0;
}
// log_fn(LOG_INFO,"Connected! Notifying application.");
@ -755,7 +777,8 @@ connection_edge_process_relay_cell_not_open(
int ttl;
if (!addr) {
info(LD_APP,"...but it claims the IP address was 0.0.0.0. Closing.");
connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL, conn->cpath_layer);
connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL,
conn->cpath_layer);
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return 0;
}
@ -780,7 +803,8 @@ connection_edge_process_relay_cell_not_open(
int ttl;
int answer_len;
if (conn->state != AP_CONN_STATE_RESOLVE_WAIT) {
warn(LD_APP,"Got a 'resolved' cell while not in state resolve_wait. Dropping.");
warn(LD_APP,"Got a 'resolved' cell while not in state resolve_wait. "
"Dropping.");
return 0;
}
tor_assert(conn->socks_request->command == SOCKS_COMMAND_RESOLVE);
@ -791,7 +815,8 @@ connection_edge_process_relay_cell_not_open(
return 0;
}
if (rh->length >= answer_len+6)
ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+2+answer_len));
ttl = (int)ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE+
2+answer_len));
else
ttl = -1;
connection_ap_handshake_socks_resolved(conn,
@ -799,15 +824,18 @@ connection_edge_process_relay_cell_not_open(
cell->payload[RELAY_HEADER_SIZE+1], /*answer_len*/
cell->payload+RELAY_HEADER_SIZE+2, /*answer*/
ttl);
connection_mark_unattached_ap(conn, END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
connection_mark_unattached_ap(conn,
END_STREAM_REASON_ALREADY_SOCKS_REPLIED);
return 0;
}
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Got an unexpected relay command %d, in state %d (%s). Dropping.",
rh->command, conn->state, conn_state_to_string(conn->type, conn->state));
rh->command, conn->state,
conn_state_to_string(conn->type, conn->state));
return 0; /* for forward compatibility, don't kill the circuit */
// connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL, conn->cpath_layer);
// connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL,
// conn->cpath_layer);
// connection_mark_for_close(conn);
// return -1;
}
@ -999,7 +1027,8 @@ connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ,
return 0;
}
conn->package_window += STREAMWINDOW_INCREMENT;
debug(domain,"stream-level sendme, packagewindow now %d.", conn->package_window);
debug(domain,"stream-level sendme, packagewindow now %d.",
conn->package_window);
connection_start_reading(conn);
/* handle whatever might still be on the inbuf */
if (connection_edge_package_raw_inbuf(conn, 1) < 0) {
@ -1043,7 +1072,8 @@ connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ,
return 0;
}
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Received unknown relay command %d. Perhaps the other side is using a newer version of Tor? Dropping.",
"Received unknown relay command %d. Perhaps the other side is using "
"a newer version of Tor? Dropping.",
rh.command);
return 0; /* for forward compatibility, don't kill the circuit */
}
@ -1071,7 +1101,8 @@ connection_edge_package_raw_inbuf(connection_t *conn, int package_partial)
tor_assert(conn);
tor_assert(!connection_speaks_cells(conn));
if (conn->marked_for_close) {
warn(LD_BUG,"Bug: called on conn that's already marked for close at %s:%d.",
warn(LD_BUG,
"Bug: called on conn that's already marked for close at %s:%d.",
conn->marked_for_close_file, conn->marked_for_close);
return 0;
}
@ -1088,7 +1119,8 @@ repeat_connection_edge_package_raw_inbuf:
return 0;
if (conn->package_window <= 0) {
info(domain,"called with package_window %d. Skipping.", conn->package_window);
info(domain,"called with package_window %d. Skipping.",
conn->package_window);
connection_stop_reading(conn);
return 0;
}
@ -1162,7 +1194,8 @@ connection_edge_consider_sending_sendme(connection_t *conn)
}
while (conn->deliver_window < STREAMWINDOW_START - STREAMWINDOW_INCREMENT) {
debug(conn->cpath_layer?LD_APP:LD_EXIT,"Outbuf %d, Queueing stream sendme.", (int)conn->outbuf_flushlen);
debug(conn->cpath_layer?LD_APP:LD_EXIT,
"Outbuf %d, Queueing stream sendme.", (int)conn->outbuf_flushlen);
conn->deliver_window += STREAMWINDOW_INCREMENT;
if (connection_edge_send_command(conn, circ, RELAY_COMMAND_SENDME,
NULL, 0, conn->cpath_layer) < 0) {
@ -1184,7 +1217,8 @@ circuit_resume_edge_reading(circuit_t *circ, crypt_path_t *layer_hint)
debug(layer_hint?LD_APP:LD_EXIT,"resuming");
/* have to check both n_streams and p_streams, to handle rendezvous */
if (circuit_resume_edge_reading_helper(circ->n_streams, circ, layer_hint) >= 0)
if (circuit_resume_edge_reading_helper(circ->n_streams, circ, layer_hint)
>= 0)
circuit_resume_edge_reading_helper(circ->p_streams, circ, layer_hint);
}
@ -1201,7 +1235,8 @@ circuit_resume_edge_reading_helper(connection_t *conn,
if (conn->marked_for_close)
continue;
if ((!layer_hint && conn->package_window > 0) ||
(layer_hint && conn->package_window > 0 && conn->cpath_layer == layer_hint)) {
(layer_hint && conn->package_window > 0 &&
conn->cpath_layer == layer_hint)) {
connection_start_reading(conn);
/* handle whatever might still be on the inbuf */
if (connection_edge_package_raw_inbuf(conn, 1)<0) {

39
src/or/rendclient.c
View File

@ -1,7 +1,8 @@
/* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char rendclient_c_id[] = "$Id$";
const char rendclient_c_id[] =
"$Id$";
/**
* \file rendclient.c
@ -65,7 +66,8 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc)
tor_assert(introcirc->purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
tor_assert(rendcirc->purpose == CIRCUIT_PURPOSE_C_REND_READY);
tor_assert(!rend_cmp_service_ids(introcirc->rend_query, rendcirc->rend_query));
tor_assert(!rend_cmp_service_ids(introcirc->rend_query,
rendcirc->rend_query));
if (rend_cache_lookup_entry(introcirc->rend_query, -1, &entry) < 1) {
warn(LD_REND,"query '%s' didn't have valid rend desc in cache. Failing.",
@ -112,7 +114,8 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc)
dh_offset = 7+DIGEST_LEN+2+klen+REND_COOKIE_LEN;
} else {
/* Version 0. */
strncpy(tmp, rendcirc->build_state->chosen_exit->nickname, (MAX_NICKNAME_LEN+1)); /* nul pads */
strncpy(tmp, rendcirc->build_state->chosen_exit->nickname,
(MAX_NICKNAME_LEN+1)); /* nul pads */
memcpy(tmp+MAX_NICKNAME_LEN+1, rendcirc->rend_cookie, REND_COOKIE_LEN);
dh_offset = MAX_NICKNAME_LEN+1+REND_COOKIE_LEN;
}
@ -125,7 +128,8 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc)
/*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
* to avoid buffer overflows? */
r = crypto_pk_public_hybrid_encrypt(entry->parsed->pk, payload+DIGEST_LEN, tmp,
r = crypto_pk_public_hybrid_encrypt(entry->parsed->pk, payload+DIGEST_LEN,
tmp,
dh_offset+DH_KEY_LEN,
PK_PKCS1_OAEP_PADDING, 0);
if (r<0) {
@ -246,7 +250,8 @@ void
rend_client_refetch_renddesc(const char *query)
{
if (connection_get_by_type_state_rendquery(CONN_TYPE_DIR, 0, query)) {
info(LD_REND,"Would fetch a new renddesc here (for %s), but one is already in progress.", safe_str(query));
info(LD_REND,"Would fetch a new renddesc here (for %s), but one is "
"already in progress.", safe_str(query));
} else {
/* not one already; initiate a dir rend desc lookup */
directory_get_from_dirserver(DIR_PURPOSE_FETCH_RENDDESC, query, 1);
@ -328,22 +333,26 @@ rend_client_remove_intro_point(extend_info_t *failed_intro, const char *query)
* the circuit to C_REND_READY.
*/
int
rend_client_rendezvous_acked(circuit_t *circ, const char *request, size_t request_len)
rend_client_rendezvous_acked(circuit_t *circ, const char *request,
size_t request_len)
{
/* we just got an ack for our establish-rendezvous. switch purposes. */
if (circ->purpose != CIRCUIT_PURPOSE_C_ESTABLISH_REND) {
warn(LD_PROTOCOL,"Got a rendezvous ack when we weren't expecting one. Closing circ.");
warn(LD_PROTOCOL,"Got a rendezvous ack when we weren't expecting one. "
"Closing circ.");
circuit_mark_for_close(circ);
return -1;
}
info(LD_REND,"Got rendezvous ack. This circuit is now ready for rendezvous.");
info(LD_REND,"Got rendezvous ack. This circuit is now ready for "
"rendezvous.");
circ->purpose = CIRCUIT_PURPOSE_C_REND_READY;
return 0;
}
/** Bob sent us a rendezvous cell; join the circuits. */
int
rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t request_len)
rend_client_receive_rendezvous(circuit_t *circ, const char *request,
size_t request_len)
{
crypt_path_t *hop;
char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN];
@ -351,13 +360,15 @@ rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t requ
if ((circ->purpose != CIRCUIT_PURPOSE_C_REND_READY &&
circ->purpose != CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED)
|| !circ->build_state->pending_final_cpath) {
warn(LD_PROTOCOL,"Got rendezvous2 cell from hidden service, but not expecting it. Closing.");
warn(LD_PROTOCOL,"Got rendezvous2 cell from hidden service, but not "
"expecting it. Closing.");
circuit_mark_for_close(circ);
return -1;
}
if (request_len != DH_KEY_LEN+DIGEST_LEN) {
warn(LD_PROTOCOL,"Incorrect length (%d) on RENDEZVOUS2 cell.",(int)request_len);
warn(LD_PROTOCOL,"Incorrect length (%d) on RENDEZVOUS2 cell.",
(int)request_len);
goto err;
}
@ -435,7 +446,8 @@ rend_client_desc_here(const char *query)
}
tor_assert(conn->state != AP_CONN_STATE_RENDDESC_WAIT); /* avoid loop */
} else { /* 404, or fetch didn't get that far */
notice(LD_REND,"Closing stream for '%s.onion': hidden service is unavailable (try again later).", safe_str(query));
notice(LD_REND,"Closing stream for '%s.onion': hidden service is "
"unavailable (try again later).", safe_str(query));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
}
}
@ -470,7 +482,8 @@ rend_client_get_random_intro(const char *query)
char *choice = entry->parsed->intro_points[i];
routerinfo_t *router = router_get_by_nickname(choice, 0);
if (!router) {
info(LD_REND, "Unknown router with nickname '%s'; trying another.",choice);
info(LD_REND, "Unknown router with nickname '%s'; trying another.",
choice);
tor_free(choice);
entry->parsed->intro_points[i] =
entry->parsed->intro_points[--entry->parsed->n_intro_points];

21
src/or/rendcommon.c
View File

@ -1,7 +1,8 @@
/* Copyright 2004 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char rendcommon_c_id[] = "$Id$";
const char rendcommon_c_id[] =
"$Id$";
/**
* \file rendcommon.c
@ -151,7 +152,8 @@ rend_parse_service_descriptor(const char *str, size_t len)
cp += 2;
if (version == 0 && result->n_intro_points != 0) {
result->intro_points = tor_malloc_zero(sizeof(char*)*result->n_intro_points);
result->intro_points =
tor_malloc_zero(sizeof(char*)*result->n_intro_points);
for (i=0;i<result->n_intro_points;++i) {
if (end-cp < 2) goto truncated;
eos = (const char *)memchr(cp,'\0',end-cp);
@ -162,7 +164,8 @@ rend_parse_service_descriptor(const char *str, size_t len)
} else if (version != 0 && result->n_intro_points != 0) {
result->intro_point_extend_info =
tor_malloc_zero(sizeof(extend_info_t*)*result->n_intro_points);
result->intro_points = tor_malloc_zero(sizeof(char*)*result->n_intro_points);
result->intro_points =
tor_malloc_zero(sizeof(char*)*result->n_intro_points);
for (i=0;i<result->n_intro_points;++i) {
extend_info_t *info = result->intro_point_extend_info[i] =
tor_malloc_zero(sizeof(extend_info_t));
@ -179,7 +182,8 @@ rend_parse_service_descriptor(const char *str, size_t len)
cp += 8+DIGEST_LEN;
if (end-cp < klen) goto truncated;
if (!(info->onion_key = crypto_pk_asn1_decode(cp,klen))) {
warn(LD_PROTOCOL, "Internal error decoding onion key for intro point.");
warn(LD_PROTOCOL,
"Internal error decoding onion key for intro point.");
goto error;
}
cp += klen;
@ -332,7 +336,8 @@ rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
* *desc.
*/
int
rend_cache_lookup_desc(const char *query, int version, const char **desc, size_t *desc_len)
rend_cache_lookup_desc(const char *query, int version, const char **desc,
size_t *desc_len)
{
rend_cache_entry_t *e;
int r;
@ -385,12 +390,14 @@ rend_cache_store(const char *desc, size_t desc_len)
}
e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, key);
if (e && e->parsed->timestamp > parsed->timestamp) {
info(LD_REND,"We already have a newer service descriptor %s with the same ID and version.", safe_str(query));
info(LD_REND,"We already have a newer service descriptor %s with the "
"same ID and version.", safe_str(query));
rend_service_descriptor_free(parsed);
return 0;
}
if (e && e->len == desc_len && !memcmp(desc,e->desc,desc_len)) {
info(LD_REND,"We already have this service descriptor %s.", safe_str(query));
info(LD_REND,"We already have this service descriptor %s.",
safe_str(query));
e->received = time(NULL);
rend_service_descriptor_free(parsed);
return 0;

25
src/or/rendmid.c
View File

@ -1,7 +1,8 @@
/* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char rendmid_c_id[] = "$Id$";
const char rendmid_c_id[] =
"$Id$";
/**
* \file rendmid.c
@ -14,7 +15,8 @@ const char rendmid_c_id[] = "$Id$";
* setting the circuit's purpose and service pk digest.
*/
int
rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_len)
rend_mid_establish_intro(circuit_t *circ, const char *request,
size_t request_len)
{
crypto_pk_env_t *pk = NULL;
char buf[DIGEST_LEN+9];
@ -28,7 +30,8 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_le
"Received an ESTABLISH_INTRO request on circuit %d", circ->p_circ_id);
if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
warn(LD_PROTOCOL, "Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit.");
warn(LD_PROTOCOL,
"Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit.");
goto err;
}
if (request_len < 2+DIGEST_LEN)
@ -60,7 +63,8 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_le
if (crypto_pk_public_checksig_digest(pk, request, 2+asn1len+DIGEST_LEN,
request+2+DIGEST_LEN+asn1len,
request_len-(2+DIGEST_LEN+asn1len))<0) {
warn(LD_PROTOCOL, "Incorrect signature on ESTABLISH_INTRO cell; rejecting.");
warn(LD_PROTOCOL,
"Incorrect signature on ESTABLISH_INTRO cell; rejecting.");
goto err;
}
@ -129,8 +133,8 @@ rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
/* change to MAX_HEX_NICKNAME_LEN once 0.0.9.x is obsolete */
if (request_len < (DIGEST_LEN+(MAX_NICKNAME_LEN+1)+REND_COOKIE_LEN+
DH_KEY_LEN+CIPHER_KEY_LEN+PKCS1_OAEP_PADDING_OVERHEAD)) {
warn(LD_PROTOCOL,
"Impossibly short INTRODUCE1 cell on circuit %d; responding with nack.",
warn(LD_PROTOCOL, "Impossibly short INTRODUCE1 cell on circuit %d; "
"responding with nack.",
circ->p_circ_id);
goto err;
}
@ -142,7 +146,8 @@ rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
NULL, request, CIRCUIT_PURPOSE_INTRO_POINT);
if (!intro_circ) {
info(LD_REND,
"No intro circ found for INTRODUCE1 cell (%s) from circuit %d; responding with nack.",
"No intro circ found for INTRODUCE1 cell (%s) from circuit %d; "
"responding with nack.",
safe_str(serviceid), circ->p_circ_id);
goto err;
}
@ -183,12 +188,14 @@ rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
* rendezvous cookie.
*/
int
rend_mid_establish_rendezvous(circuit_t *circ, const char *request, size_t request_len)
rend_mid_establish_rendezvous(circuit_t *circ, const char *request,
size_t request_len)
{
char hexid[9];
if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
warn(LD_PROTOCOL, "Tried to establish rendezvous on non-OR or non-edge circuit.");
warn(LD_PROTOCOL,
"Tried to establish rendezvous on non-OR or non-edge circuit.");
goto err;
}

93
src/or/rendservice.c
View File

@ -1,7 +1,8 @@
/* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char rendservice_c_id[] = "$Id$";
const char rendservice_c_id[] =
"$Id$";
/**
* \file rendservice.c
@ -10,7 +11,8 @@ const char rendservice_c_id[] = "$Id$";
#include "or.h"
static circuit_t *find_intro_circuit(routerinfo_t *router, const char *pk_digest);
static circuit_t *find_intro_circuit(routerinfo_t *router,
const char *pk_digest);
/** Represents the mapping from a virtual port of a rendezvous service to
* a real port on some IP.
@ -124,7 +126,8 @@ add_service(rend_service_t *service)
} else {
smartlist_set_capacity(service->ports, -1);
smartlist_add(rend_service_list, service);
debug(LD_REND,"Configuring service with directory \"%s\"",service->directory);
debug(LD_REND,"Configuring service with directory \"%s\"",
service->directory);
for (i = 0; i < smartlist_len(service->ports); ++i) {
char addrbuf[INET_NTOA_BUF_LEN];
p = smartlist_get(service->ports, i);
@ -155,7 +158,8 @@ parse_port_config(const char *string)
rend_service_port_config_t *result = NULL;
sl = smartlist_create();
smartlist_split_string(sl, string, " ", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
smartlist_split_string(sl, string, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(sl) < 1 || smartlist_len(sl) > 2) {
warn(LD_CONFIG, "Bad syntax in hidden service port configuration.");
goto err;
@ -163,7 +167,8 @@ parse_port_config(const char *string)
virtport = atoi(smartlist_get(sl,0));
if (virtport < 1 || virtport > 65535) {
warn(LD_CONFIG, "Missing or invalid port in hidden service port configuration.");
warn(LD_CONFIG, "Missing or invalid port in hidden service port "
"configuration.");
goto err;
}
@ -175,7 +180,8 @@ parse_port_config(const char *string)
addrport = smartlist_get(sl,1);
if (strchr(addrport, ':') || strchr(addrport, '.')) {
if (parse_addr_port(addrport, NULL, &addr, &p)<0) {
warn(LD_CONFIG,"Unparseable address in hidden service port configuration.");
warn(LD_CONFIG,"Unparseable address in hidden service port "
"configuration.");
goto err;
}
realport = p?p:virtport;
@ -231,7 +237,8 @@ rend_config_services(or_options_t *options, int validate_only)
continue;
}
if (!service) {
warn(LD_CONFIG, "HiddenServicePort with no preceding HiddenServiceDir directive.");
warn(LD_CONFIG, "HiddenServicePort with no preceding HiddenServiceDir "
"directive.");
rend_service_free(service);
return -1;
}
@ -244,14 +251,16 @@ rend_config_services(or_options_t *options, int validate_only)
smartlist_add(service->ports, portcfg);
} else if (!strcasecmp(line->key, "HiddenServiceNodes")) {
if (service->intro_prefer_nodes) {
warn(LD_CONFIG, "Got multiple HiddenServiceNodes lines for a single service.");
warn(LD_CONFIG, "Got multiple HiddenServiceNodes lines for a single "
"service.");
return -1;
}
service->intro_prefer_nodes = tor_strdup(line->value);
} else {
tor_assert(!strcasecmp(line->key, "HiddenServiceExcludeNodes"));
if (service->intro_exclude_nodes) {
warn(LD_CONFIG, "Got multiple HiddenServiceExcludedNodes lines for a single service.");
warn(LD_CONFIG, "Got multiple HiddenServiceExcludedNodes lines for "
"a single service.");
return -1;
}
service->intro_exclude_nodes = tor_strdup(line->value);
@ -383,7 +392,8 @@ rend_service_requires_uptime(rend_service_t *service)
for (i=0; i < smartlist_len(service->ports); ++i) {
p = smartlist_get(service->ports, i);
if (smartlist_string_num_isin(get_options()->LongLivedPorts, p->virtual_port))
if (smartlist_string_num_isin(get_options()->LongLivedPorts,
p->virtual_port))
return 1;
}
return 0;
@ -397,7 +407,8 @@ rend_service_requires_uptime(rend_service_t *service)
* rendezvous point.
*/
int
rend_service_introduce(circuit_t *circuit, const char *request, size_t request_len)
rend_service_introduce(circuit_t *circuit, const char *request,
size_t request_len)
{
char *ptr, *r_cookie;
extend_info_t *extend_info = NULL;
@ -448,7 +459,8 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
keylen = crypto_pk_keysize(service->private_key);
if (request_len < keylen+DIGEST_LEN) {
warn(LD_PROTOCOL, "PK-encrypted portion of INTRODUCE2 cell was truncated.");
warn(LD_PROTOCOL,
"PK-encrypted portion of INTRODUCE2 cell was truncated.");
return -1;
}
/* Next N bytes is encrypted with service key */
@ -473,12 +485,14 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
klen = ntohs(get_uint16(buf+7+DIGEST_LEN));
if ((int)len != 7+DIGEST_LEN+2+klen+20+128) {
warn(LD_PROTOCOL, "Bad length %u for version 2 INTRODUCE2 cell.", (int)len);
warn(LD_PROTOCOL, "Bad length %u for version 2 INTRODUCE2 cell.",
(int)len);
goto err;
}
extend_info->onion_key = crypto_pk_asn1_decode(buf+7+DIGEST_LEN+2, klen);
if (!extend_info->onion_key) {
warn(LD_PROTOCOL, "Error decoding onion key in version 2 INTRODUCE2 cell.");
warn(LD_PROTOCOL,
"Error decoding onion key in version 2 INTRODUCE2 cell.");
goto err;
}
ptr = buf+7+DIGEST_LEN+2+klen;
@ -500,7 +514,8 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
/* XXX when 0.1.0.x is obsolete, change this to reject version < 2. */
ptr=memchr(rp_nickname,0,nickname_field_len);
if (!ptr || ptr == rp_nickname) {
warn(LD_PROTOCOL, "Couldn't find a null-padded nickname in INTRODUCE2 cell.");
warn(LD_PROTOCOL,
"Couldn't find a null-padded nickname in INTRODUCE2 cell.");
return -1;
}
if ((version == 0 && !is_legal_nickname(rp_nickname)) ||
@ -511,7 +526,8 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
/* Okay, now we know that a nickname is at the start of the buffer. */
ptr = rp_nickname+nickname_field_len;
len -= nickname_field_len;
len -= rp_nickname - buf; /* also remove header space used by version, if any */
len -= rp_nickname - buf; /* also remove header space used by version, if
* any */
router = router_get_by_nickname(rp_nickname, 0);
if (!router) {
info(LD_REND, "Couldn't find router '%s' named in rendezvous cell.",
@ -533,7 +549,8 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
/* Try DH handshake... */
dh = crypto_dh_new();
if (!dh || crypto_dh_generate_public(dh)<0) {
warn(LD_BUG,"Internal error: couldn't build DH state or generate public key.");
warn(LD_BUG,"Internal error: couldn't build DH state "
"or generate public key.");
goto err;
}
if (crypto_dh_compute_secret(dh, ptr+REND_COOKIE_LEN, DH_KEY_LEN, keys,
@ -551,13 +568,15 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
*/
for (i=0;i<MAX_REND_FAILURES;i++) {
launched = circuit_launch_by_extend_info(
CIRCUIT_PURPOSE_S_CONNECT_REND, extend_info, circ_needs_uptime, 1, 1);
CIRCUIT_PURPOSE_S_CONNECT_REND, extend_info,
circ_needs_uptime, 1, 1);
if (launched)
break;
}
if (!launched) { /* give up */
warn(LD_REND,"Giving up launching first hop of circuit to rendezvous point '%s' for service %s.",
warn(LD_REND, "Giving up launching first hop of circuit to rendezvous "
"point '%s' for service %s.",
extend_info->nickname, serviceid);
goto err;
}
@ -605,7 +624,8 @@ rend_service_relaunch_rendezvous(circuit_t *oldcirc)
if (!oldcirc->build_state ||
oldcirc->build_state->failure_count > MAX_REND_FAILURES ||
oldcirc->build_state->expiry_time < time(NULL)) {
info(LD_REND,"Attempt to build circuit to %s for rendezvous has failed too many times or expired; giving up.",
info(LD_REND,"Attempt to build circuit to %s for rendezvous has failed "
"too many times or expired; giving up.",
oldcirc->build_state ? oldcirc->build_state->chosen_exit->nickname :
"*unknown*");
return;
@ -615,7 +635,8 @@ rend_service_relaunch_rendezvous(circuit_t *oldcirc)
tor_assert(oldstate);
if (oldstate->pending_final_cpath == NULL) {
info(LD_REND,"Skipping relaunch of circ that failed on its first hop. Initiator will retry.");
info(LD_REND,"Skipping relaunch of circ that failed on its first hop. "
"Initiator will retry.");
return;
}
@ -645,7 +666,8 @@ rend_service_relaunch_rendezvous(circuit_t *oldcirc)
* <b>service</b> at the introduction point <b>nickname</b>
*/
static int
rend_service_launch_establish_intro(rend_service_t *service, const char *nickname)
rend_service_launch_establish_intro(rend_service_t *service,
const char *nickname)
{
circuit_t *launched;
@ -655,7 +677,8 @@ rend_service_launch_establish_intro(rend_service_t *service, const char *nicknam
rep_hist_note_used_internal(time(NULL), 1, 0);
++service->n_intro_circuits_launched;
launched = circuit_launch_by_nickname(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, nickname, 1, 0, 1);
launched = circuit_launch_by_nickname(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO,
nickname, 1, 0, 1);
if (!launched) {
info(LD_REND, "Can't launch circuit to establish introduction at '%s'.",
nickname);
@ -735,7 +758,8 @@ rend_service_intro_has_opened(circuit_t *circuit)
* live introduction point, and note that the service descriptor is
* now out-of-date.*/
int
rend_service_intro_established(circuit_t *circuit, const char *request, size_t request_len)
rend_service_intro_established(circuit_t *circuit, const char *request,
size_t request_len)
{
rend_service_t *service;
@ -786,7 +810,8 @@ rend_service_rendezvous_has_opened(circuit_t *circuit)
service = rend_service_get_by_pk_digest(circuit->rend_pk_digest);
if (!service) {
warn(LD_GENERAL, "Internal error: unrecognized service ID on introduction circuit.");
warn(LD_GENERAL, "Internal error: unrecognized service ID on "
"introduction circuit.");
goto err;
}
@ -880,7 +905,8 @@ upload_service_descriptor(rend_service_t *service, int version)
version,
service->private_key,
&desc, &desc_len)<0) {
warn(LD_BUG, "Internal error: couldn't encode service descriptor; not uploading.");
warn(LD_BUG, "Internal error: couldn't encode service descriptor; "
"not uploading.");
return;
}
@ -931,7 +957,8 @@ rend_services_introduce(void)
continue;
}
/* Find out which introduction points we have in progress for this service. */
/* Find out which introduction points we have in progress for this
service. */
for (j=0; j < smartlist_len(service->intro_nodes); ++j) {
intro = smartlist_get(service->intro_nodes, j);
router = router_get_by_nickname(intro, 0);
@ -966,7 +993,8 @@ rend_services_introduce(void)
char *hex_digest;
router = router_choose_random_node(service->intro_prefer_nodes,
service->intro_exclude_nodes, exclude_routers, 1, 0,
get_options()->_AllowUnverified & ALLOW_UNVERIFIED_INTRODUCTION, 0);
get_options()->_AllowUnverified & ALLOW_UNVERIFIED_INTRODUCTION,
0);
if (!router) {
warn(LD_REND, "Could only establish %d introduction points for %s.",
smartlist_len(service->intro_nodes), service->service_id);
@ -1054,12 +1082,14 @@ rend_service_dump_stats(int severity)
for (i=0; i < smartlist_len(rend_service_list); ++i) {
service = smartlist_get(rend_service_list, i);
log(severity, LD_GENERAL, "Service configured in \"%s\":", service->directory);
log(severity, LD_GENERAL, "Service configured in \"%s\":",
service->directory);
for (j=0; j < smartlist_len(service->intro_nodes); ++j) {
nickname = smartlist_get(service->intro_nodes, j);
router = router_get_by_nickname(smartlist_get(service->intro_nodes,j),1);
if (!router) {
log(severity, LD_GENERAL, " Intro point at %s: unrecognized router",nickname);
log(severity, LD_GENERAL, " Intro point at %s: unrecognized router",
nickname);
continue;
}
circ = find_intro_circuit(router, service->pk_digest);
@ -1092,7 +1122,8 @@ rend_service_set_connection_addr_port(connection_t *conn, circuit_t *circ)
circ->rend_pk_digest,10);
service = rend_service_get_by_pk_digest(circ->rend_pk_digest);
if (!service) {
warn(LD_REND, "Couldn't find any service associated with pk %s on rendezvous circuit %d; closing.",
warn(LD_REND, "Couldn't find any service associated with pk %s on "
"rendezvous circuit %d; closing.",
serviceid, circ->n_circ_id);
return -1;
}

18
src/or/rephist.c
View File

@ -1,7 +1,8 @@
/* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char rephist_c_id[] = "$Id$";
const char rephist_c_id[] =
"$Id$";
/**
* \file rephist.c
@ -291,7 +292,8 @@ rep_hist_dump_stats(time_t now, int severity)
log(severity, LD_GENERAL, "--------------- Dumping history information:");
for (orhist_it = digestmap_iter_init(history_map); !digestmap_iter_done(orhist_it);
for (orhist_it = digestmap_iter_init(history_map);
!digestmap_iter_done(orhist_it);
orhist_it = digestmap_iter_next(history_map,orhist_it)) {
digestmap_iter_get(orhist_it, &digest1, &or_history_p);
or_history = (or_history_t*) or_history_p;
@ -320,7 +322,8 @@ rep_hist_dump_stats(time_t now, int severity)
len = strlen(buffer);
for (lhist_it = digestmap_iter_init(or_history->link_history_map);
!digestmap_iter_done(lhist_it);
lhist_it = digestmap_iter_next(or_history->link_history_map, lhist_it)) {
lhist_it = digestmap_iter_next(or_history->link_history_map,
lhist_it)) {
digestmap_iter_get(lhist_it, &digest2, &link_history_p);
if ((r = router_get_by_digest(digest2)))
name2 = r->nickname;
@ -367,7 +370,8 @@ rep_history_clean(time_t before)
digestmap_iter_get(lhist_it, &d2, &link_history_p);
link_history = link_history_p;
if (link_history->changed < before) {
lhist_it = digestmap_iter_next_rmv(or_history->link_history_map,lhist_it);
lhist_it = digestmap_iter_next_rmv(or_history->link_history_map,
lhist_it);
rephist_total_alloc -= sizeof(link_history_t);
tor_free(link_history);
continue;
@ -396,7 +400,8 @@ typedef struct bw_array_t {
int total_obs; /**< Total for all members of obs except obs[cur_obs_idx] */
int max_total; /**< Largest value that total_obs has taken on in the current
* period. */
uint64_t total_in_period; /**< Total bytes transferred in the current period. */
uint64_t total_in_period; /**< Total bytes transferred in the current
* period. */
/** When does the next period begin? */
time_t next_period;
@ -766,7 +771,8 @@ rep_hist_note_used_internal(time_t now, int need_uptime, int need_capacity)
/** Return 1 if we've used an internal circ recently; else return 0. */
int
rep_hist_get_predicted_internal(time_t now, int *need_uptime, int *need_capacity)
rep_hist_get_predicted_internal(time_t now, int *need_uptime,
int *need_capacity)
{
if (!predicted_internal_time) { /* initialize it */
predicted_internal_time = now;

42
src/or/router.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char router_c_id[] = "$Id$";
const char router_c_id[] =
"$Id$";
#include "or.h"
@ -241,7 +242,8 @@ init_keys(void)
char keydir[512];
char keydir2[512];
char fingerprint[FINGERPRINT_LEN+1];
char fingerprint_line[FINGERPRINT_LEN+MAX_NICKNAME_LEN+3];/*nickname fp\n\0 */
/*nickname fp\n\0 */
char fingerprint_line[FINGERPRINT_LEN+MAX_NICKNAME_LEN+3];
char *cp;
const char *mydesc, *datadir;
crypto_pk_env_t *prkey;
@ -465,7 +467,8 @@ router_orport_found_reachable(void)
{
if (!can_reach_or_port) {
if (!clique_mode(get_options()))
notice(LD_OR,"Self-testing indicates your ORPort is reachable from the outside. Excellent.%s",
notice(LD_OR,"Self-testing indicates your ORPort is reachable from "
"the outside. Excellent.%s",
get_options()->NoPublish ? "" : " Publishing server descriptor.");
can_reach_or_port = 1;
mark_my_descriptor_dirty();
@ -478,7 +481,8 @@ void
router_dirport_found_reachable(void)
{
if (!can_reach_dir_port) {
notice(LD_DIRSERV,"Self-testing indicates your DirPort is reachable from the outside. Excellent.");
notice(LD_DIRSERV,"Self-testing indicates your DirPort is reachable "
"from the outside. Excellent.");
can_reach_dir_port = 1;
}
}
@ -530,7 +534,8 @@ advertised_server_mode(void)
}
/**
* Called with a boolean: set whether we have recently published our descriptor.
* Called with a boolean: set whether we have recently published our
* descriptor.
*/
static void
set_server_advertised(int s)
@ -608,12 +613,13 @@ router_retry_connections(int force)
tor_assert(server_mode(options));
SMARTLIST_FOREACH(rl->routers, routerinfo_t *, router, {
const char *id_digest = router->cache_info.identity_digest;
if (router_is_me(router))
continue;
if (!clique_mode(options) && !router_is_clique_mode(router))
continue;
if (force ||
!connection_or_get_by_identity_digest(router->cache_info.identity_digest)) {
!connection_or_get_by_identity_digest(id_digest)) {
debug(LD_OR,"%sconnecting to %s at %s:%u.",
clique_mode(options) ? "(forced) " : "",
router->nickname, router->address, router->or_port);
@ -621,7 +627,7 @@ router_retry_connections(int force)
if (!router->testing_since)
router->testing_since = now;
connection_or_connect(router->addr, router->or_port,
router->cache_info.identity_digest);
id_digest);
}
});
}
@ -776,7 +782,8 @@ router_rebuild_descriptor(int force)
ri->or_port = options->ORPort;
ri->dir_port = options->DirPort;
ri->cache_info.published_on = time(NULL);
ri->onion_pkey = crypto_pk_dup_key(get_onion_key()); /* must invoke from main thread */
ri->onion_pkey = crypto_pk_dup_key(get_onion_key()); /* must invoke from
* main thread */
ri->identity_pkey = crypto_pk_dup_key(get_identity_key());
if (crypto_pk_get_digest(ri->identity_pkey,
ri->cache_info.identity_digest)<0) {
@ -892,7 +899,8 @@ check_descriptor_bandwidth_changed(time_t now)
cur > prev*2 ||
cur < prev/2) {
if (last_changed+MAX_BANDWIDTH_CHANGE_FREQ < now) {
info(LD_GENERAL,"Measured bandwidth has changed; rebuilding descriptor.");
info(LD_GENERAL,
"Measured bandwidth has changed; rebuilding descriptor.");
mark_my_descriptor_dirty();
last_changed = now;
}
@ -929,7 +937,9 @@ check_descriptor_ipaddress_changed(time_t now)
in_cur.s_addr = htonl(cur);
tor_inet_ntoa(&in_cur, addrbuf_cur, sizeof(addrbuf_cur));
info(LD_GENERAL,"Our IP Address has changed from %s to %s; rebuilding descriptor.", addrbuf_prev, addrbuf_cur);
info(LD_GENERAL,
"Our IP Address has changed from %s to %s; rebuilding descriptor.",
addrbuf_prev, addrbuf_cur);
mark_my_descriptor_dirty();
}
}
@ -983,7 +993,8 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
/* Make sure the identity key matches the one in the routerinfo. */
if (crypto_pk_cmp_keys(ident_key, router->identity_pkey)) {
warn(LD_BUG,"Tried to sign a router with a private key that didn't match router's public key!");
warn(LD_BUG,"Tried to sign a router with a private key that didn't "
"match router's public key!");
return -1;
}
@ -1002,7 +1013,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
/* PEM-encode the identity key key */
if (crypto_pk_write_public_key_to_string(router->identity_pkey,
&identity_pkey,&identity_pkeylen)<0) {
&identity_pkey,&identity_pkeylen)<0) {
warn(LD_BUG,"write identity_pkey to string failed!");
tor_free(onion_pkey);
return -1;
@ -1101,8 +1112,8 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
written += result;
} else {
/* There is a range of ports; write ":79-80". */
result = tor_snprintf(s+written, maxlen-written, ":%d-%d\n", tmpe->prt_min,
tmpe->prt_max);
result = tor_snprintf(s+written, maxlen-written, ":%d-%d\n",
tmpe->prt_min, tmpe->prt_max);
if (result<0)
return -1;
written += result;
@ -1138,7 +1149,8 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
cp = s_tmp = s_dup = tor_strdup(s);
ri_tmp = router_parse_entry_from_string(cp, NULL);
if (!ri_tmp) {
err(LD_BUG,"We just generated a router descriptor we can't parse: <<%s>>", s);
err(LD_BUG,"We just generated a router descriptor we can't parse: <<%s>>",
s);
return -1;
}
tor_free(s_dup);

189
src/or/routerlist.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char routerlist_c_id[] = "$Id$";
const char routerlist_c_id[] =
"$Id$";
/**
* \file routerlist.c
@ -213,7 +214,8 @@ router_rebuild_store(int force)
chunk_list = smartlist_create();
for (i = 0; i < 2; ++i) {
smartlist_t *lst = (i == 0) ? routerlist->old_routers : routerlist->routers;
smartlist_t *lst = (i == 0) ? routerlist->old_routers :
routerlist->routers;
SMARTLIST_FOREACH(lst, void *, ptr,
{
signed_descriptor_t *sd = (i==0) ?
@ -335,7 +337,8 @@ router_pick_directory_server(int requireother,
if (choice || !retry_if_no_servers)
return choice;
info(LD_DIR,"No reachable router entries for dirservers. Trying them all again.");
info(LD_DIR,
"No reachable router entries for dirservers. Trying them all again.");
/* mark all authdirservers as up again */
mark_all_trusteddirservers_up();
/* try again */
@ -563,7 +566,8 @@ routerlist_add_family(smartlist_t *sl, routerinfo_t *router)
* currently running. Add the routerinfos for those routers to <b>sl</b>.
*/
void
add_nickname_list_to_smartlist(smartlist_t *sl, const char *list, int warn_if_down, int warn_if_unnamed)
add_nickname_list_to_smartlist(smartlist_t *sl, const char *list,
int warn_if_down, int warn_if_unnamed)
{
routerinfo_t *router;
smartlist_t *nickname_list;
@ -709,7 +713,8 @@ router_is_unreliable(routerinfo_t *router, int need_uptime, int need_capacity)
{
if (need_uptime && router->uptime < ROUTER_REQUIRED_MIN_UPTIME)
return 1;
if (need_capacity && router->bandwidthcapacity < ROUTER_REQUIRED_MIN_BANDWIDTH)
if (need_capacity &&
router->bandwidthcapacity < ROUTER_REQUIRED_MIN_BANDWIDTH)
return 1;
return 0;
}
@ -902,7 +907,8 @@ router_get_by_nickname(const char *nickname, int warn_if_unnamed)
best_match = router;
}
} else if (maybedigest &&
!memcmp(digest, router->cache_info.identity_digest, DIGEST_LEN)) {
!memcmp(digest, router->cache_info.identity_digest, DIGEST_LEN)
) {
return router;
}
});
@ -919,12 +925,14 @@ router_get_by_nickname(const char *nickname, int warn_if_unnamed)
char fp[HEX_DIGEST_LEN+1];
if (strcasecmp(router->nickname, nickname))
continue;
rs=router_get_combined_status_by_digest(router->cache_info.identity_digest);
rs = router_get_combined_status_by_digest(
router->cache_info.identity_digest);
if (!rs->name_lookup_warned) {
rs->name_lookup_warned = 1;
any_unwarned = 1;
}
base16_encode(fp, sizeof(fp), router->cache_info.identity_digest, DIGEST_LEN);
base16_encode(fp, sizeof(fp),
router->cache_info.identity_digest, DIGEST_LEN);
dlen = 32 + HEX_DIGEST_LEN + strlen(router->address);
desc = tor_malloc(dlen);
tor_snprintf(desc, dlen, "\"$%s\" for the one at %s:%d",
@ -942,11 +950,12 @@ router_get_by_nickname(const char *nickname, int warn_if_unnamed)
SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
smartlist_free(fps);
} else if (warn_if_unnamed) {
local_routerstatus_t *rs =
router_get_combined_status_by_digest(best_match->cache_info.identity_digest);
local_routerstatus_t *rs = router_get_combined_status_by_digest(
best_match->cache_info.identity_digest);
if (rs && !rs->name_lookup_warned) {
char fp[HEX_DIGEST_LEN+1];
base16_encode(fp, sizeof(fp), best_match->cache_info.identity_digest, DIGEST_LEN);
base16_encode(fp, sizeof(fp),
best_match->cache_info.identity_digest, DIGEST_LEN);
warn(LD_CONFIG, "You specified a server \"%s\" by name, but the "
"directory authorities do not have a listing for this name. "
"To make sure you get the same server in the future, refer to "
@ -1101,7 +1110,8 @@ routerinfo_copy(const routerinfo_t *router)
r->nickname = tor_strdup(r->nickname);
r->platform = tor_strdup(r->platform);
if (r->cache_info.signed_descriptor)
r->cache_info.signed_descriptor = tor_strdup(r->cache_info.signed_descriptor);
r->cache_info.signed_descriptor =
tor_strdup(r->cache_info.signed_descriptor);
if (r->onion_pkey)
r->onion_pkey = crypto_pk_dup_key(r->onion_pkey);
if (r->identity_pkey)
@ -1276,12 +1286,14 @@ routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
routerlist_insert(rl, ri_new);
return;
}
if (memcmp(ri_old->cache_info.identity_digest, ri_new->cache_info.identity_digest, DIGEST_LEN)) {
if (memcmp(ri_old->cache_info.identity_digest,
ri_new->cache_info.identity_digest, DIGEST_LEN)) {
/* digests don't match; digestmap_set won't replace */
digestmap_remove(rl->identity_map, ri_old->cache_info.identity_digest);
}
digestmap_set(rl->identity_map, ri_new->cache_info.identity_digest, ri_new);
digestmap_set(rl->desc_digest_map, ri_new->cache_info.signed_descriptor_digest, &(ri_new->cache_info));
digestmap_set(rl->desc_digest_map,
ri_new->cache_info.signed_descriptor_digest, &(ri_new->cache_info));
if (make_old && get_options()->DirPort) {
signed_descriptor_t *sd = signed_descriptor_from_routerinfo(ri_old);
@ -1292,7 +1304,8 @@ routerlist_replace(routerlist_t *rl, routerinfo_t *ri_old,
ri_new->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {
/* digests don't match; digestmap_set didn't replace */
digestmap_remove(rl->desc_digest_map, ri_old->cache_info.signed_descriptor_digest);
digestmap_remove(rl->desc_digest_map,
ri_old->cache_info.signed_descriptor_digest);
}
routerinfo_free(ri_old);
}
@ -1361,7 +1374,8 @@ networkstatus_free(networkstatus_t *ns)
tor_free(ns->client_versions);
tor_free(ns->server_versions);
if (ns->entries) {
SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs, routerstatus_free(rs));
SMARTLIST_FOREACH(ns->entries, routerstatus_t *, rs,
routerstatus_free(rs));
smartlist_free(ns->entries);
}
tor_free(ns);
@ -1408,7 +1422,8 @@ router_mark_as_down(const char *digest)
return;
debug(LD_DIR,"Marking router '%s' as down.",router->nickname);
if (router_is_me(router) && !we_are_hibernating())
warn(LD_NET, "We just marked ourself as down. Are your external addresses reachable?");
warn(LD_NET, "We just marked ourself as down. Are your external "
"addresses reachable?");
router->is_running = 0;
}
@ -1451,7 +1466,8 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
/* XXXX NM If this assert doesn't trigger, we should remove the id_digest
* local. */
crypto_pk_get_digest(router->identity_pkey, id_digest);
tor_assert(!memcmp(id_digest, router->cache_info.identity_digest, DIGEST_LEN));
tor_assert(!memcmp(id_digest, router->cache_info.identity_digest,
DIGEST_LEN));
/* Make sure that we haven't already got this exact descriptor. */
if (digestmap_get(routerlist->desc_digest_map,
@ -1512,11 +1528,14 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
old_router->num_unreachable_notifications;
}
if (authdir &&
dirserv_thinks_router_is_blatantly_unreachable(router, time(NULL))) {
dirserv_thinks_router_is_blatantly_unreachable(router,
time(NULL))) {
if (router->num_unreachable_notifications >= 3) {
unreachable = 1;
notice(LD_DIR, "Notifying server '%s' that it's unreachable. (ContactInfo '%s', platform '%s').",
router->nickname, router->contact_info ? router->contact_info : "",
notice(LD_DIR, "Notifying server '%s' that it's unreachable. "
"(ContactInfo '%s', platform '%s').",
router->nickname,
router->contact_info ? router->contact_info : "",
router->platform ? router->platform : "");
} else {
info(LD_DIR,"'%s' may be unreachable -- the %d previous "
@ -1532,7 +1551,8 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
directory_set_dirty();
*msg = unreachable ? "Dirserver believes your ORPort is unreachable" :
authdir_verified ? "Verified server updated" :
"Unverified server updated. (Have you sent us your key fingerprint?)";
("Unverified server updated. (Have you sent us your key "
"fingerprint?)");
return unreachable ? 1 : 0;
}
} else if (!strcasecmp(router->nickname, old_router->nickname)) {
@ -1549,7 +1569,8 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
while ((conn = connection_or_get_by_identity_digest(
old_router->cache_info.identity_digest))) {
// And LD_OR? XXXXNM
info(LD_DIR,"Closing conn to router '%s'; there is now a named router with that name.",
info(LD_DIR,"Closing conn to router '%s'; there is now a named "
"router with that name.",
old_router->nickname);
connection_mark_for_close(conn);
}
@ -1559,7 +1580,8 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
debug(LD_DIR, "Skipping unverified entry for verified router '%s'",
router->nickname);
routerinfo_free(router);
*msg = "Already have named router with same nickname and different key.";
*msg =
"Already have named router with same nickname and different key.";
return -2;
}
}
@ -1904,8 +1926,10 @@ router_set_networkstatus(const char *s, time_t arrived_at,
warn(LD_DIR, "Couldn't parse network status.");
return -1;
}
if (!(trusted_dir=router_get_trusteddirserver_by_digest(ns->identity_digest))) {
info(LD_DIR, "Network status was signed, but not by an authoritative directory we recognize.");
if (!(trusted_dir =
router_get_trusteddirserver_by_digest(ns->identity_digest))) {
info(LD_DIR, "Network status was signed, but not by an authoritative "
"directory we recognize.");
networkstatus_free(ns);
return -1;
}
@ -1928,7 +1952,7 @@ router_set_networkstatus(const char *s, time_t arrived_at,
networkstatus_list = smartlist_create();
if (source == NS_FROM_DIR && router_digest_is_me(ns->identity_digest)) {
/* Don't replace our own networkstatus when we get it from somebody else. */
/* Don't replace our own networkstatus when we get it from somebody else.*/
networkstatus_free(ns);
return 0;
}
@ -1939,7 +1963,8 @@ router_set_networkstatus(const char *s, time_t arrived_at,
if (smartlist_string_isin(requested_fingerprints, fp)) {
smartlist_string_remove(requested_fingerprints, fp);
} else {
char *requested = smartlist_join_strings(requested_fingerprints," ",0,NULL);
char *requested =
smartlist_join_strings(requested_fingerprints," ",0,NULL);
warn(LD_DIR,
"We received a network status with a fingerprint (%s) that we "
"never requested. (We asked for: %s.) Dropping.", fp, requested);
@ -2022,7 +2047,8 @@ router_set_networkstatus(const char *s, time_t arrived_at,
return 0;
}
/** How old do we allow a network-status to get before removing it completely? */
/** How old do we allow a network-status to get before removing it
* completely? */
#define MAX_NETWORKSTATUS_AGE (10*24*60*60)
/** Remove all very-old network_status_t objects from memory and from the
* disk cache. */
@ -2139,7 +2165,8 @@ update_networkstatus_cache_downloads(time_t now)
strlcpy(resource, "fp/", sizeof(resource));
base16_encode(resource+3, sizeof(resource)-3, ds->digest, DIGEST_LEN);
strlcat(resource, ".z", sizeof(resource));
directory_get_from_dirserver(DIR_PURPOSE_FETCH_NETWORKSTATUS,resource,1);
directory_get_from_dirserver(DIR_PURPOSE_FETCH_NETWORKSTATUS,
resource,1);
});
} else {
/* A non-authority cache launches one connection to a random authority. */
@ -2219,7 +2246,8 @@ update_networkstatus_client_downloads(time_t now)
/* Also, download at least 1 every NETWORKSTATUS_CLIENT_DL_INTERVAL. */
if (n_running_dirservers &&
most_recent_received < now-NETWORKSTATUS_CLIENT_DL_INTERVAL && needed < 1) {
most_recent_received < now-NETWORKSTATUS_CLIENT_DL_INTERVAL &&
needed < 1) {
info(LD_DIR, "Our most recent network-status document (from %s) "
"is %d seconds old; downloading another.",
most_recent?most_recent->description:"nobody",
@ -2333,9 +2361,11 @@ router_compare_addr_to_addr_policy(uint32_t addr, uint16_t port,
if (tmpe->policy_type == ADDR_POLICY_ACCEPT) {
/* If we already hit a clause that might trigger a 'reject', than we
* can't be sure of this certain 'accept'.*/
return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED : ADDR_POLICY_ACCEPTED;
return maybe_reject ? ADDR_POLICY_PROBABLY_ACCEPTED :
ADDR_POLICY_ACCEPTED;
} else {
return maybe_accept ? ADDR_POLICY_PROBABLY_REJECTED : ADDR_POLICY_REJECTED;
return maybe_accept ? ADDR_POLICY_PROBABLY_REJECTED :
ADDR_POLICY_REJECTED;
}
}
}
@ -2438,7 +2468,7 @@ exit_policy_implicitly_allows_local_networks(addr_policy_t *policy,
p = NULL;
/* log_fn(LOG_INFO,"Checking network %s", private_networks[i].network); */
if (policy_includes_addr_mask_implicitly(
policy, private_networks[i].addr, private_networks[i].mask, &p)) {
policy, private_networks[i].addr, private_networks[i].mask, &p)) {
if (should_warn)
warn(LD_CONFIG, "Exit policy %s implicitly accepts %s",
p?p->string:"(default)",
@ -2475,7 +2505,9 @@ add_trusted_dir_server(const char *nickname, const char *address,
if (!address) { /* The address is us; we should guess. */
if (resolve_my_address(get_options(), &a, &hostname) < 0) {
warn(LD_CONFIG, "Couldn't find a suitable address when adding ourself as a trusted directory server.");
warn(LD_CONFIG,
"Couldn't find a suitable address when adding ourself as a "
"trusted directory server.");
return;
}
} else {
@ -2587,11 +2619,15 @@ routers_update_all_from_networkstatus(void)
* network-statuses we have. Perhaps we should wait until we
* have tried all of them? -RD */
if (n_valid <= n_recent/2) {
warn(LD_GENERAL, "%d/%d recent directory servers list us as invalid. Please consider sending your identity fingerprint to the tor-ops.",
warn(LD_GENERAL,
"%d/%d recent directory servers list us as invalid. Please "
"consider sending your identity fingerprint to the tor-ops.",
n_recent-n_valid, n_recent);
have_warned_about_unverified_status = 1;
} else if (!n_named) { // (n_named <= n_recent/2) {
warn(LD_GENERAL, "0/%d recent directory servers recognize this server. Please consider sending your identity fingerprint to the tor-ops.",
warn(LD_GENERAL, "0/%d recent directory servers recognize this "
"server. Please consider sending your identity fingerprint to "
"the tor-ops.",
n_recent);
have_warned_about_unverified_status = 1;
}
@ -2624,13 +2660,17 @@ routers_update_all_from_networkstatus(void)
if (n_recent > 2 && n_recommended < n_recent/2) {
if (consensus == VS_NEW || consensus == VS_NEW_IN_SERIES) {
if (!have_warned_about_new_version) {
notice(LD_GENERAL, "This version of Tor (%s) is newer than any recommended version%s, according to %d/%d recent network statuses.",
VERSION, consensus == VS_NEW_IN_SERIES ? " in its series" : "",
notice(LD_GENERAL, "This version of Tor (%s) is newer than any "
"recommended version%s, according to %d/%d recent network "
"statuses.",
VERSION,
consensus == VS_NEW_IN_SERIES ? " in its series" : "",
n_recent-n_recommended, n_recent);
have_warned_about_new_version = 1;
}
} else {
notice(LD_GENERAL, "This version of Tor (%s) is %s, according to %d/%d recent network statuses.",
notice(LD_GENERAL, "This version of Tor (%s) is %s, according to "
"%d/%d recent network statuses.",
VERSION, consensus == VS_OLD ? "obsolete" : "not recommended",
n_recent-n_recommended, n_recent);
have_warned_about_old_version = 1;
@ -2699,8 +2739,8 @@ networkstatus_list_update_recent(time_t now)
networkstatus_list_has_changed = 1;
}
/** Update our view of router status (as stored in routerstatus_list) from
* the current set of network status documents (as stored in networkstatus_list).
/** Update our view of router status (as stored in routerstatus_list) from the
* current set of network status documents (as stored in networkstatus_list).
* Do nothing unless the network status list has changed since the last time
* this function was called.
*/
@ -2780,7 +2820,8 @@ routerstatus_list_update_from_networkstatus(time_t now)
base16_encode(fp1, sizeof(fp1), other_digest, DIGEST_LEN);
base16_encode(fp2, sizeof(fp2), rs->identity_digest, DIGEST_LEN);
log_fn(should_warn ? LOG_WARN : LOG_INFO, LD_DIR,
"Naming authorities disagree about which key goes with %s. ($%s vs $%s)",
"Naming authorities disagree about which key goes with %s. "
"($%s vs $%s)",
rs->nickname, fp1, fp2);
strmap_set_lc(name_map, rs->nickname, conflict);
smartlist_add(warned_conflicts, tor_strdup(rs->nickname));
@ -2849,7 +2890,8 @@ routerstatus_list_update_from_networkstatus(time_t now)
char hd[HEX_DIGEST_LEN+1];
base16_encode(hd, HEX_DIGEST_LEN+1, rs->identity_digest, DIGEST_LEN);
if (! smartlist_string_isin(warned_conflicts, hd)) {
warn(LD_DIR, "Naming authorities disagree about nicknames for $%s (\"%s\" vs \"%s\")",
warn(LD_DIR, "Naming authorities disagree about nicknames for $%s "
"(\"%s\" vs \"%s\")",
hd, the_name, rs->nickname);
smartlist_add(warned_conflicts, tor_strdup(hd));
}
@ -2884,7 +2926,8 @@ routerstatus_list_update_from_networkstatus(time_t now)
smartlist_string_remove(warned_conflicts, rs_out->status.nickname);
}
if (rs_out->status.is_named)
strlcpy(rs_out->status.nickname, the_name, sizeof(rs_out->status.nickname));
strlcpy(rs_out->status.nickname, the_name,
sizeof(rs_out->status.nickname));
rs_out->status.is_valid = n_valid > n_statuses/2;
rs_out->status.is_running = n_running > n_recent/2;
}
@ -2906,7 +2949,9 @@ routerstatus_list_update_from_networkstatus(time_t now)
* is_named, is_verified, and is_running fields according to our current
* networkstatus_t documents. */
void
routers_update_status_from_networkstatus(smartlist_t *routers, int reset_failures, int assume_recognized)
routers_update_status_from_networkstatus(smartlist_t *routers,
int reset_failures,
int assume_recognized)
{
trusted_dir_server_t *ds;
local_routerstatus_t *rs;
@ -2920,8 +2965,9 @@ routers_update_status_from_networkstatus(smartlist_t *routers, int reset_failure
SMARTLIST_FOREACH(routers, routerinfo_t *, router,
{
rs = router_get_combined_status_by_digest(router->cache_info.identity_digest);
ds = router_get_trusteddirserver_by_digest(router->cache_info.identity_digest);
const char *digest = router->cache_info.identity_digest;
rs = router_get_combined_status_by_digest(digest);
ds = router_get_trusteddirserver_by_digest(digest);
if (!rs)
continue;
@ -2942,9 +2988,10 @@ routers_update_status_from_networkstatus(smartlist_t *routers, int reset_failure
} else {
if (!router->xx_is_recognized) {
router->xx_is_recognized = routerdesc_digest_is_recognized(
router->cache_info.identity_digest, router->cache_info.signed_descriptor_digest);
digest, router->cache_info.signed_descriptor_digest);
}
router->xx_is_extra_new = router->cache_info.published_on > rs->status.published_on;
router->xx_is_extra_new =
router->cache_info.published_on > rs->status.published_on;
}
if (reset_failures && router->xx_is_recognized) {
rs->n_download_failures = 0;
@ -2997,7 +3044,8 @@ router_list_downloadable(void)
} else {
/*
char fp[HEX_DIGEST_LEN+1];
base16_encode(fp, HEX_DIGEST_LEN+1, rs->status.identity_digest, DIGEST_LEN);
base16_encode(fp, HEX_DIGEST_LEN+1, rs->status.identity_digest,
DIGEST_LEN);
log_fn(LOG_NOTICE, "Not yet ready to download %s (%d more seconds)", fp,
(int)(rs->next_attempt_at-now));
*/
@ -3024,7 +3072,8 @@ router_list_downloadable(void)
SMARTLIST_FOREACH(downloading, const char *, d,
{
local_routerstatus_t *rs;
if ((rs = router_get_combined_status_by_digest(d)) && rs->should_download) {
if ((rs = router_get_combined_status_by_digest(d)) &&
rs->should_download) {
rs->should_download = 0;
--n_downloadable;
++n_in_progress;
@ -3040,7 +3089,8 @@ router_list_downloadable(void)
SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
{
local_routerstatus_t *rs;
if (!(rs = router_get_combined_status_by_digest(ri->cache_info.identity_digest)) ||
if (!(rs = router_get_combined_status_by_digest(
ri->cache_info.identity_digest)) ||
!rs->should_download) {
// log_fn(LOG_NOTICE, "No status for %s", fp);
continue;
@ -3056,7 +3106,8 @@ router_list_downloadable(void)
/* Change this "or" to be an "and" once dirs generate hashes right.
* Remove the version check once older versions are uncommon.
* XXXXX. NM */
if (!memcmp(ri->cache_info.signed_descriptor_digest, rs->status.descriptor_digest,
if (!memcmp(ri->cache_info.signed_descriptor_digest,
rs->status.descriptor_digest,
DIGEST_LEN) ||
rs->status.published_on <= ri->cache_info.published_on) {
++n_uptodate;
@ -3065,9 +3116,10 @@ router_list_downloadable(void)
} else if (!mirror &&
ri->platform &&
!tor_version_as_new_as(ri->platform, "0.1.1.6-alpha") &&
ri->cache_info.published_on + MAX_OLD_SERVER_DOWNLOAD_RATE > now) {
/* Same digest, or date is up-to-date, or we have a comparatively recent
* server with an old version.
(ri->cache_info.published_on +
MAX_OLD_SERVER_DOWNLOAD_RATE) > now) {
/* Same digest, or date is up-to-date, or we have a comparatively
* recent server with an old version.
* No need to download it. */
// log_fn(LOG_NOTICE, "Up-to-date status for %s", fp);
++n_skip_old;
@ -3082,7 +3134,8 @@ router_list_downloadable(void)
format_iso_time(t2, ri->published_on);
log_fn(LOG_NOTICE, "Out-of-date status for %s %s (%d %d) [%s %s]", fp,
ri->nickname,
!memcmp(ri->cache_info.signed_descriptor_digest,rs->status.descriptor_digest,
!memcmp(ri->cache_info.signed_descriptor_digest,
rs->status.descriptor_digest,
DIGEST_LEN),
rs->published_on < ri->published_on,
t1, t2);
@ -3112,7 +3165,8 @@ router_list_downloadable(void)
{
if (rs->should_download) {
char *fp = tor_malloc(HEX_DIGEST_LEN+1);
base16_encode(fp, HEX_DIGEST_LEN+1, rs->status.identity_digest, DIGEST_LEN);
base16_encode(fp, HEX_DIGEST_LEN+1, rs->status.identity_digest,
DIGEST_LEN);
smartlist_add(superseded, fp);
}
});
@ -3169,9 +3223,11 @@ update_router_descriptor_downloads(time_t now)
MAX_CLIENT_INTERVAL_WITHOUT_REQUEST) > now;
}
if (should_delay) {
// debug(LD_DIR, "There are not many downloadable routerdescs; waiting till we have some more.");
// debug(LD_DIR, "There are not many downloadable routerdescs; "
// "waiting till we have some more.");
} else
info(LD_DIR, "There are not many downloadable routerdescs, but we've been waiting long enough (%d seconds). Downloading.",
info(LD_DIR, "There are not many downloadable routerdescs, but we've "
"been waiting long enough (%d seconds). Downloading.",
(int)(now-last_routerdesc_download_attempted));
}
@ -3250,6 +3306,7 @@ router_reset_descriptor_download_failures(void)
int
router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
{
time_t r1pub, r2pub;
tor_assert(r1 && r2);
/* r1 should be the one that was published first. */
@ -3269,7 +3326,8 @@ router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
strcasecmp(r1->platform, r2->platform) ||
(r1->contact_info && !r2->contact_info) || /* contact_info is optional */
(!r1->contact_info && r2->contact_info) ||
(r1->contact_info && r2->contact_info && strcasecmp(r1->contact_info, r2->contact_info)) ||
(r1->contact_info && r2->contact_info &&
strcasecmp(r1->contact_info, r2->contact_info)) ||
r1->is_hibernating != r2->is_hibernating ||
config_cmp_addr_policies(r1->exit_policy, r2->exit_policy))
return 0;
@ -3298,7 +3356,9 @@ router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
/* Did uptime fail to increase by approximately the amount we would think,
* give or take 30 minutes? */
if (abs(r2->uptime - (r1->uptime + (r2->cache_info.published_on-r1->cache_info.published_on)))>30*60)
r1pub = r1->cache_info.published_on;
r2pub = r2->cache_info.published_on;
if (abs(r2->uptime - (r1->uptime + (r2pub - r1pub))))
return 0;
/* Otherwise, the difference is cosmetic. */
@ -3317,7 +3377,8 @@ routerlist_assert_ok(routerlist_t *rl)
{
r2 = digestmap_get(rl->identity_map, r->cache_info.identity_digest);
tor_assert(r == r2);
sd2 = digestmap_get(rl->desc_digest_map, r->cache_info.signed_descriptor_digest);
sd2 = digestmap_get(rl->desc_digest_map,
r->cache_info.signed_descriptor_digest);
tor_assert(&(r->cache_info) == sd2);
});
SMARTLIST_FOREACH(rl->old_routers, signed_descriptor_t *, sd,

36
src/or/routerparse.c
View File

@ -3,7 +3,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char routerparse_c_id[] = "$Id$";
const char routerparse_c_id[] =
"$Id$";
/**
* \file routerparse.c
@ -609,7 +610,8 @@ check_directory_signature(const char *digest,
_pkey = pkey;
}
if (!_pkey) {
warn(LD_DIR, "Obsolete directory format (dir signing key not present) or signing key not trusted--rejecting.");
warn(LD_DIR, "Obsolete directory format (dir signing key not present) or "
"signing key not trusted--rejecting.");
return -1;
}
@ -764,8 +766,10 @@ router_parse_entry_from_string(const char *s, const char *end)
router->addr = ntohl(in.s_addr);
if (tok->n_args >= 5) {
router->or_port = (uint16_t) tor_parse_long(tok->args[2],10,0,65535,NULL,NULL);
router->dir_port = (uint16_t) tor_parse_long(tok->args[4],10,0,65535,NULL,NULL);
router->or_port =
(uint16_t) tor_parse_long(tok->args[2],10,0,65535,NULL,NULL);
router->dir_port =
(uint16_t) tor_parse_long(tok->args[4],10,0,65535,NULL,NULL);
ports_set = 1;
}
} else {
@ -782,8 +786,10 @@ router_parse_entry_from_string(const char *s, const char *end)
warn(LD_DIR,"Wrong # of arguments to \"ports\"");
goto err;
}
router->or_port = (uint16_t) tor_parse_long(tok->args[0],10,0,65535,NULL,NULL);
router->dir_port = (uint16_t) tor_parse_long(tok->args[2],10,0,65535,NULL,NULL);
router->or_port =
(uint16_t) tor_parse_long(tok->args[0],10,0,65535,NULL,NULL);
router->dir_port =
(uint16_t) tor_parse_long(tok->args[2],10,0,65535,NULL,NULL);
ports_set = 1;
}
@ -793,13 +799,18 @@ router_parse_entry_from_string(const char *s, const char *end)
goto err;
} else if (tok) {
if (tok->n_args < 3) {
/* XXXX Once 0.0.7 is *really* dead, restore this warning to its old form*/
warn(LD_DIR,"Not enough arguments to \"bandwidth\": must be an obsolete server. Rejecting one server (nickname '%s').", router->nickname);
/* XXXX Once 0.0.7 is *really* dead, restore this warning to its old
* form */
warn(LD_DIR,"Not enough arguments to \"bandwidth\": must be an obsolete "
" server. Rejecting one server (nickname '%s').", router->nickname);
goto err;
}
router->bandwidthrate = tor_parse_long(tok->args[0],10,0,INT_MAX,NULL,NULL);
router->bandwidthburst = tor_parse_long(tok->args[1],10,0,INT_MAX,NULL,NULL);
router->bandwidthcapacity = tor_parse_long(tok->args[2],10,0,INT_MAX,NULL,NULL);
router->bandwidthrate =
tor_parse_long(tok->args[0],10,0,INT_MAX,NULL,NULL);
router->bandwidthburst =
tor_parse_long(tok->args[1],10,0,INT_MAX,NULL,NULL);
router->bandwidthcapacity =
tor_parse_long(tok->args[2],10,0,INT_MAX,NULL,NULL);
bw_set = 1;
}
@ -1231,7 +1242,8 @@ networkstatus_parse_from_string(const char *s)
routerstatus_t *rs2 = smartlist_get(ns->entries, i+1);
if (!memcmp(rs1->identity_digest,
rs2->identity_digest, DIGEST_LEN)) {
warn(LD_DIR, "Network-status has two entries for the same router. Dropping one.");
warn(LD_DIR,
"Network-status has two entries for the same router. Dropping one.");
smartlist_del_keeporder(ns->entries, i--);
routerstatus_free(rs1);
}

100
src/or/test.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char test_c_id[] = "$Id$";
const char test_c_id[] =
"$Id$";
/**
* \file test.c
@ -47,7 +48,8 @@ setup_directory(void)
#ifdef MS_WINDOWS
// XXXX
tor_snprintf(temp_dir, sizeof(temp_dir), "c:\\windows\\temp\\tor_test_%d", (int)getpid());
tor_snprintf(temp_dir, sizeof(temp_dir),
"c:\\windows\\temp\\tor_test_%d", (int)getpid());
r = mkdir(temp_dir);
#else
tor_snprintf(temp_dir, sizeof(temp_dir), "/tmp/tor_test_%d", (int) getpid());
@ -710,7 +712,8 @@ test_util(void)
test_streq("a", smartlist_get(sl,0));
test_streq("bbd", smartlist_get(sl,1));
test_streq("cdef", smartlist_get(sl,2));
smartlist_split_string(sl, " z <> zhasd <> <> bnud<> ", "<>", SPLIT_SKIP_SPACE, 0);
smartlist_split_string(sl, " z <> zhasd <> <> bnud<> ", "<>",
SPLIT_SKIP_SPACE, 0);
test_eq(8, smartlist_len(sl));
test_streq("z", smartlist_get(sl,3));
test_streq("zhasd", smartlist_get(sl,4));
@ -744,22 +747,26 @@ test_util(void)
test_streq(cp, "XY");
tor_free(cp);
smartlist_split_string(sl, " z <> zhasd <> <> bnud<> ", "<>", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
smartlist_split_string(sl, " z <> zhasd <> <> bnud<> ", "<>",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
test_eq(3, smartlist_len(sl));
test_streq("z", smartlist_get(sl, 0));
test_streq("zhasd", smartlist_get(sl, 1));
test_streq("bnud", smartlist_get(sl, 2));
smartlist_split_string(sl, " z <> zhasd <> <> bnud<> ", "<>", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2);
smartlist_split_string(sl, " z <> zhasd <> <> bnud<> ", "<>",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2);
test_eq(5, smartlist_len(sl));
test_streq("z", smartlist_get(sl, 3));
test_streq("zhasd <> <> bnud<>", smartlist_get(sl, 4));
SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp));
smartlist_clear(sl);
smartlist_split_string(sl, "abcd\n", "\n", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
smartlist_split_string(sl, "abcd\n", "\n",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
test_eq(1, smartlist_len(sl));
test_streq("abcd", smartlist_get(sl, 0));
smartlist_split_string(sl, "efgh", "\n", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
smartlist_split_string(sl, "efgh", "\n",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
test_eq(2, smartlist_len(sl));
test_streq("efgh", smartlist_get(sl, 1));
@ -774,7 +781,8 @@ test_util(void)
test_streq(cp,"and,arma,by,nickm,onion,router,the");
tor_free(cp);
test_streq("nickm", smartlist_bsearch(sl, "zNicKM", _compare_without_first_ch));
test_streq("nickm", smartlist_bsearch(sl, "zNicKM",
_compare_without_first_ch));
test_streq("and", smartlist_bsearch(sl, " AND", _compare_without_first_ch));
test_eq_ptr(NULL, smartlist_bsearch(sl, " ANz", _compare_without_first_ch));
@ -919,7 +927,8 @@ test_gzip(void)
test_assert(!memcmp(buf2, "\037\213", 2)); /* Gzip magic. */
test_eq(detect_compression_method(buf2, len1), GZIP_METHOD);
test_assert(!tor_gzip_uncompress(&buf3, &len2, buf2, len1, GZIP_METHOD, 1));
test_assert(!tor_gzip_uncompress(&buf3, &len2, buf2, len1,
GZIP_METHOD, 1));
test_assert(buf3);
test_streq(buf1,buf3);
@ -941,7 +950,8 @@ test_gzip(void)
tor_free(buf3);
buf2 = tor_realloc(buf2, len1*2);
memcpy(buf2+len1, buf2, len1);
test_assert(!tor_gzip_uncompress(&buf3, &len2, buf2, len1*2, ZLIB_METHOD, 1));
test_assert(!tor_gzip_uncompress(&buf3, &len2, buf2, len1*2,
ZLIB_METHOD, 1));
test_eq(len2, (strlen(buf1)+1)*2);
test_memeq(buf3,
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZAAAAAAAAAAAAAAAAAAAZ\0"
@ -953,11 +963,14 @@ test_gzip(void)
tor_free(buf3);
/* Check whether we can uncompress partial strings. */
buf1 = tor_strdup("String with low redundancy that won't be compressed much.");
test_assert(!tor_gzip_compress(&buf2, &len1, buf1, strlen(buf1)+1,ZLIB_METHOD));
buf1 =
tor_strdup("String with low redundancy that won't be compressed much.");
test_assert(!tor_gzip_compress(&buf2, &len1, buf1, strlen(buf1)+1,
ZLIB_METHOD));
tor_assert(len1>16);
/* when we allow an uncomplete string, we should succeed.*/
tor_assert(!tor_gzip_uncompress(&buf3, &len2, buf2, len1-16, ZLIB_METHOD, 0));
tor_assert(!tor_gzip_uncompress(&buf3, &len2, buf2, len1-16,
ZLIB_METHOD, 0));
buf3[len2]='\0';
tor_assert(len2 > 5);
tor_assert(!strcmpstart(buf1, buf3));
@ -1100,7 +1113,8 @@ test_onion_handshake(void)
/* server handshake */
memset(s_buf, 0, ONIONSKIN_REPLY_LEN);
memset(s_keys, 0, 40);
test_assert(! onion_skin_server_handshake(c_buf, pk, NULL, s_buf, s_keys, 40));
test_assert(! onion_skin_server_handshake(c_buf, pk, NULL,
s_buf, s_keys, 40));
/* client handshake 2 */
memset(c_keys, 0, 40);
@ -1236,7 +1250,8 @@ test_dir_format(void)
strcat(buf2, pk2_str);
strcat(buf2, bw_lines);
strcat(buf2, "router-signature\n");
buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same twice*/
buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same
* twice */
test_streq(buf, buf2);
tor_free(bw_lines);
@ -1369,42 +1384,42 @@ test_dir_format(void)
test_streq("", ver1.status_tag);
#define test_eq_vs(vs1, vs2) test_eq_type(version_status_t, "%d", (vs1), (vs2))
#define test_v_i_o(val, ver, lst) \
test_eq_vs(val, tor_version_is_obsolete(ver, lst))
/* make sure tor_version_is_obsolete() works */
test_eq_vs(VS_OLD, tor_version_is_obsolete("0.0.1", "Tor 0.0.2"));
test_eq_vs(VS_OLD, tor_version_is_obsolete("0.0.1", "0.0.2, Tor 0.0.3"));
test_eq_vs(VS_OLD, tor_version_is_obsolete("0.0.1", "0.0.2,Tor 0.0.3"));
test_eq_vs(VS_OLD, tor_version_is_obsolete("0.0.1", "0.0.3,BetterTor 0.0.1"));
test_eq_vs(VS_RECOMMENDED,tor_version_is_obsolete("0.0.2", "Tor 0.0.2,Tor 0.0.3"));
test_eq_vs(VS_NEW_IN_SERIES,
tor_version_is_obsolete("0.0.2", "Tor 0.0.2pre1,Tor 0.0.3"));
test_eq_vs(VS_OLD, tor_version_is_obsolete("0.0.2", "Tor 0.0.2.1,Tor 0.0.3"));
test_eq_vs(VS_NEW, tor_version_is_obsolete("0.1.0", "Tor 0.0.2,Tor 0.0.3"));
test_eq_vs(VS_RECOMMENDED,
tor_version_is_obsolete("0.0.7rc2", "0.0.7,Tor 0.0.7rc2,Tor 0.0.8"));
test_eq_vs(VS_OLD, tor_version_is_obsolete("0.0.5.0", "0.0.5.1-cvs"));
test_eq_vs(VS_NEW_IN_SERIES, tor_version_is_obsolete("0.0.5.1-cvs", "0.0.5"));
test_v_i_o(VS_OLD, "0.0.1", "Tor 0.0.2");
test_v_i_o(VS_OLD, "0.0.1", "0.0.2, Tor 0.0.3");
test_v_i_o(VS_OLD, "0.0.1", "0.0.2,Tor 0.0.3");
test_v_i_o(VS_OLD, "0.0.1","0.0.3,BetterTor 0.0.1");
test_v_i_o(VS_RECOMMENDED, "0.0.2", "Tor 0.0.2,Tor 0.0.3");
test_v_i_o(VS_NEW_IN_SERIES, "0.0.2", "Tor 0.0.2pre1,Tor 0.0.3");
test_v_i_o(VS_OLD, "0.0.2", "Tor 0.0.2.1,Tor 0.0.3");
test_v_i_o(VS_NEW, "0.1.0", "Tor 0.0.2,Tor 0.0.3");
test_v_i_o(VS_RECOMMENDED, "0.0.7rc2", "0.0.7,Tor 0.0.7rc2,Tor 0.0.8");
test_v_i_o(VS_OLD, "0.0.5.0", "0.0.5.1-cvs");
test_v_i_o(VS_NEW_IN_SERIES, "0.0.5.1-cvs", "0.0.5");
/* Not on list, but newer than any in same series. */
test_eq_vs(VS_NEW_IN_SERIES,
tor_version_is_obsolete("0.1.0.3", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0"));
test_v_i_o(VS_NEW_IN_SERIES, "0.1.0.3",
"Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0");
/* Series newer than any on list. */
test_eq_vs(VS_NEW,
tor_version_is_obsolete("0.1.2.3", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0"));
test_v_i_o(VS_NEW, "0.1.2.3", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0");
/* Series older than any on list. */
test_eq_vs(VS_OLD,
tor_version_is_obsolete("0.0.1.3", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0"));
test_v_i_o(VS_OLD, "0.0.1.3", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0");
/* Not on list, not newer than any on same series. */
test_eq_vs(VS_UNRECOMMENDED,
tor_version_is_obsolete("0.1.0.1", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0"));
test_v_i_o(VS_UNRECOMMENDED, "0.1.0.1",
"Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0");
/* On list, not newer than any on same series. */
test_eq_vs(VS_UNRECOMMENDED,
tor_version_is_obsolete("0.1.0.1", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0"));
test_v_i_o(VS_UNRECOMMENDED,
"0.1.0.1", "Tor 0.1.0.2,Tor 0.0.9.5,Tor 0.1.1.0");
test_eq(0, tor_version_as_new_as("Tor 0.0.5", "0.0.9pre1-cvs"));
test_eq(1, tor_version_as_new_as(
"Tor 0.0.8 on Darwin 64-121-192-100.c3-0.sfpo-ubr1.sfrn-sfpo.ca.cable.rcn.com Power Macintosh", "0.0.8rc2"));
"Tor 0.0.8 on Darwin 64-121-192-100.c3-0."
"sfpo-ubr1.sfrn-sfpo.ca.cable.rcn.com Power Macintosh",
"0.0.8rc2"));
test_eq(0, tor_version_as_new_as(
"Tor 0.0.8 on Darwin 64-121-192-100.c3-0.sfpo-ubr1.sfrn-sfpo.ca.cable.rcn.com Power Macintosh", "0.0.8.2"));
"Tor 0.0.8 on Darwin 64-121-192-100.c3-0."
"sfpo-ubr1.sfrn-sfpo.ca.cable.rcn.com Power Macintosh", "0.0.8.2"));
}
@ -1527,7 +1542,8 @@ test_rend_fns(void)
test_streq(d2->intro_points[1], d2->intro_point_extend_info[1]->nickname);
test_eq(d2->intro_point_extend_info[0]->addr, 1234);
test_eq(d2->intro_point_extend_info[0]->port, 4567);
test_assert(!crypto_pk_cmp_keys(pk1,d2->intro_point_extend_info[0]->onion_key));
test_assert(!crypto_pk_cmp_keys(pk1,
d2->intro_point_extend_info[0]->onion_key));
test_memeq(d2->intro_point_extend_info[0]->identity_digest,
d1->intro_point_extend_info[0]->identity_digest, DIGEST_LEN);
test_eq(d2->intro_point_extend_info[1]->addr, 6060842);

3
src/or/tor_main.c
View File

@ -2,7 +2,8 @@
* Copyright 2004-2005 Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */
const char tor_main_c_id[] = "$Id$";
const char tor_main_c_id[] =
"$Id$";
/**
* \file tor_main.c