Tor 0.4.9.0-alpha-dev
circuitbuild.c
Go to the documentation of this file.
1/* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2021, The Tor Project, Inc. */
5/* See LICENSE for licensing information */
6
7/**
8 * \file circuitbuild.c
9 *
10 * \brief Implements the details of building circuits (by choosing paths,
11 * constructing/sending create/extend cells, and so on).
12 *
13 * On the client side, this module handles launching circuits. Circuit
14 * launches are started from circuit_establish_circuit(), called from
15 * circuit_launch_by_extend_info()). To choose the path the circuit will
16 * take, onion_extend_cpath() calls into a maze of node selection functions.
17 *
18 * Once the circuit is ready to be launched, the first hop is treated as a
19 * special case with circuit_handle_first_hop(), since it might need to open a
20 * channel. As the channel opens, and later as CREATED and RELAY_EXTENDED
21 * cells arrive, the client will invoke circuit_send_next_onion_skin() to send
22 * CREATE or RELAY_EXTEND cells.
23 *
24 * The server side is handled in feature/relay/circuitbuild_relay.c.
25 **/
26
27#define CIRCUITBUILD_PRIVATE
28#define OCIRC_EVENT_PRIVATE
29
30#include "core/or/or.h"
31#include "app/config/config.h"
32#include "lib/confmgt/confmgt.h"
33#include "core/crypto/hs_ntor.h"
39#include "core/or/channel.h"
41#include "core/or/circuitlist.h"
43#include "core/or/circuituse.h"
45#include "core/or/command.h"
49#include "core/or/extendinfo.h"
50#include "core/or/onion.h"
51#include "core/or/ocirc_event.h"
52#include "core/or/policies.h"
53#include "core/or/relay.h"
54#include "core/or/trace_probes_circuit.h"
55#include "core/or/crypt_path.h"
57#include "feature/client/circpathbias.h"
75#include "lib/trace/events.h"
77
78#include "core/or/cell_st.h"
83#include "core/or/or_circuit_st.h"
85
86#include "trunnel/extension.h"
87#include "trunnel/congestion_control.h"
88
92 crypt_path_t *hop);
94 uint8_t purpose,
96 crypt_path_t *head,
97 int cur_len);
98
99/** This function tries to get a channel to the specified endpoint,
100 * and then calls command_setup_channel() to give it the right
101 * callbacks.
102 */
105{
106 channel_t *chan;
107
108 const tor_addr_port_t *orport = extend_info_pick_orport(ei);
109 if (!orport)
110 return NULL;
111 const char *id_digest = ei->identity_digest;
112 const ed25519_public_key_t *ed_id = &ei->ed_identity;
113
114 chan = channel_connect(&orport->addr, orport->port, id_digest, ed_id);
115 if (chan) command_setup_channel(chan);
116
117 return chan;
118}
119
120/** Search for a value for circ_id that we can use on <b>chan</b> for an
121 * outbound circuit, until we get a circ_id that is not in use by any other
122 * circuit on that conn.
123 *
124 * Return it, or 0 if can't get a unique circ_id.
125 */
128{
129/* This number is chosen somewhat arbitrarily; see comment below for more
130 * info. When the space is 80% full, it gives a one-in-a-million failure
131 * chance; when the space is 90% full, it gives a one-in-850 chance; and when
132 * the space is 95% full, it gives a one-in-26 failure chance. That seems
133 * okay, though you could make a case IMO for anything between N=32 and
134 * N=256. */
135#define MAX_CIRCID_ATTEMPTS 64
136 int in_use;
137 unsigned n_with_circ = 0, n_pending_destroy = 0, n_weird_pending_destroy = 0;
138 circid_t test_circ_id;
139 circid_t attempts=0;
140 circid_t high_bit, max_range, mask;
141 int64_t pending_destroy_time_total = 0;
142 int64_t pending_destroy_time_max = 0;
143
144 tor_assert(chan);
145
146 if (chan->circ_id_type == CIRC_ID_TYPE_NEITHER) {
147 log_warn(LD_BUG,
148 "Trying to pick a circuit ID for a connection from "
149 "a client with no identity.");
150 return 0;
151 }
152 max_range = (chan->wide_circ_ids) ? (1u<<31) : (1u<<15);
153 mask = max_range - 1;
154 high_bit = (chan->circ_id_type == CIRC_ID_TYPE_HIGHER) ? max_range : 0;
155 do {
156 if (++attempts > MAX_CIRCID_ATTEMPTS) {
157 /* Make sure we don't loop forever because all circuit IDs are used.
158 *
159 * Once, we would try until we had tried every possible circuit ID. But
160 * that's quite expensive. Instead, we try MAX_CIRCID_ATTEMPTS random
161 * circuit IDs, and then give up.
162 *
163 * This potentially causes us to give up early if our circuit ID space
164 * is nearly full. If we have N circuit IDs in use, then we will reject
165 * a new circuit with probability (N / max_range) ^ MAX_CIRCID_ATTEMPTS.
166 * This means that in practice, a few percent of our circuit ID capacity
167 * will go unused.
168 *
169 * The alternative here, though, is to do a linear search over the
170 * whole circuit ID space every time we extend a circuit, which is
171 * not so great either.
172 */
173 int64_t queued_destroys;
175 approx_time());
176 if (m == NULL)
177 return 0; /* This message has been rate-limited away. */
178 if (n_pending_destroy)
179 pending_destroy_time_total /= n_pending_destroy;
180 log_warn(LD_CIRC,"No unused circIDs found on channel %s wide "
181 "circID support, with %u inbound and %u outbound circuits. "
182 "Found %u circuit IDs in use by circuits, and %u with "
183 "pending destroy cells. (%u of those were marked bogusly.) "
184 "The ones with pending destroy cells "
185 "have been marked unusable for an average of %ld seconds "
186 "and a maximum of %ld seconds. This channel is %ld seconds "
187 "old. Failing a circuit.%s",
188 chan->wide_circ_ids ? "with" : "without",
189 chan->num_p_circuits, chan->num_n_circuits,
190 n_with_circ, n_pending_destroy, n_weird_pending_destroy,
191 (long)pending_destroy_time_total,
192 (long)pending_destroy_time_max,
193 (long)(approx_time() - chan->timestamp_created),
194 m);
195 tor_free(m);
196
197 if (!chan->cmux) {
198 /* This warning should be impossible. */
199 log_warn(LD_BUG, " This channel somehow has no cmux on it!");
200 return 0;
201 }
202
203 /* analysis so far on 12184 suggests that we're running out of circuit
204 IDs because it looks like we have too many pending destroy
205 cells. Let's see how many we really have pending.
206 */
207 queued_destroys = circuitmux_count_queued_destroy_cells(chan,
208 chan->cmux);
209
210 log_warn(LD_CIRC, " Circuitmux on this channel has %u circuits, "
211 "of which %u are active. It says it has %"PRId64
212 " destroy cells queued.",
215 (queued_destroys));
216
217 /* Change this into "if (1)" in order to get more information about
218 * possible failure modes here. You'll need to know how to use gdb with
219 * Tor: this will make Tor exit with an assertion failure if the cmux is
220 * corrupt. */
221 if (0)
222 circuitmux_assert_okay(chan->cmux);
223
225
226 return 0;
227 }
228
229 do {
230 crypto_rand((char*) &test_circ_id, sizeof(test_circ_id));
231 test_circ_id &= mask;
232 } while (test_circ_id == 0);
233
234 test_circ_id |= high_bit;
235
236 in_use = circuit_id_in_use_on_channel(test_circ_id, chan);
237 if (in_use == 1)
238 ++n_with_circ;
239 else if (in_use == 2) {
240 time_t since_when;
241 ++n_pending_destroy;
242 since_when =
244 if (since_when) {
245 time_t waiting = approx_time() - since_when;
246 pending_destroy_time_total += waiting;
247 if (waiting > pending_destroy_time_max)
248 pending_destroy_time_max = waiting;
249 } else {
250 ++n_weird_pending_destroy;
251 }
252 }
253 } while (in_use);
254 return test_circ_id;
255}
256
257/** If <b>verbose</b> is false, allocate and return a comma-separated list of
258 * the currently built elements of <b>circ</b>. If <b>verbose</b> is true, also
259 * list information about link status in a more verbose format using spaces.
260 * If <b>verbose_names</b> is false, give hex digests; if <b>verbose_names</b>
261 * is true, use $DIGEST=Name style names.
262 */
263static char *
264circuit_list_path_impl(origin_circuit_t *circ, int verbose, int verbose_names)
265{
266 crypt_path_t *hop;
267 smartlist_t *elements;
268 const char *states[] = {"closed", "waiting for keys", "open"};
269 char *s;
270
271 elements = smartlist_new();
272
273 if (verbose) {
274 const char *nickname = build_state_get_exit_nickname(circ->build_state);
275 smartlist_add_asprintf(elements, "%s%s circ (length %d%s%s):",
276 circ->build_state->is_internal ? "internal" : "exit",
277 circ->build_state->need_uptime ? " (high-uptime)" : "",
279 circ->base_.state == CIRCUIT_STATE_OPEN ? "" : ", last hop ",
280 circ->base_.state == CIRCUIT_STATE_OPEN ? "" :
281 (nickname?nickname:"*unnamed*"));
282 }
283
284 hop = circ->cpath;
285 do {
286 char *elt;
287 const char *id;
288 const node_t *node;
289 if (!hop)
290 break;
291 if (!verbose && hop->state != CPATH_STATE_OPEN)
292 break;
293 if (!hop->extend_info)
294 break;
295 id = hop->extend_info->identity_digest;
296 if (verbose_names) {
297 elt = tor_malloc(MAX_VERBOSE_NICKNAME_LEN+1);
298 if ((node = node_get_by_id(id))) {
299 node_get_verbose_nickname(node, elt);
300 } else if (is_legal_nickname(hop->extend_info->nickname)) {
301 elt[0] = '$';
303 elt[HEX_DIGEST_LEN+1]= '~';
304 strlcpy(elt+HEX_DIGEST_LEN+2,
306 } else {
307 elt[0] = '$';
309 }
310 } else { /* ! verbose_names */
311 elt = tor_malloc(HEX_DIGEST_LEN+2);
312 elt[0] = '$';
314 }
315 tor_assert(elt);
316 if (verbose) {
317 tor_assert(hop->state <= 2);
318 smartlist_add_asprintf(elements,"%s(%s)",elt,states[hop->state]);
319 tor_free(elt);
320 } else {
321 smartlist_add(elements, elt);
322 }
323 hop = hop->next;
324 } while (hop != circ->cpath);
325
326 s = smartlist_join_strings(elements, verbose?" ":",", 0, NULL);
327 SMARTLIST_FOREACH(elements, char*, cp, tor_free(cp));
328 smartlist_free(elements);
329 return s;
330}
331
332/** If <b>verbose</b> is false, allocate and return a comma-separated
333 * list of the currently built elements of <b>circ</b>. If
334 * <b>verbose</b> is true, also list information about link status in
335 * a more verbose format using spaces.
336 */
337char *
339{
340 return circuit_list_path_impl(circ, verbose, 0);
341}
342
343/** Allocate and return a comma-separated list of the currently built elements
344 * of <b>circ</b>, giving each as a verbose nickname.
345 */
346char *
348{
349 return circuit_list_path_impl(circ, 0, 1);
350}
351
352/** Log, at severity <b>severity</b>, the nicknames of each router in
353 * <b>circ</b>'s cpath. Also log the length of the cpath, and the intended
354 * exit point.
355 */
356void
357circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
358{
359 char *s = circuit_list_path(circ,1);
360 tor_log(severity,domain,"%s",s);
361 tor_free(s);
362}
363
364/** Return 1 iff every node in circ's cpath definitely supports ntor. */
365static int
367{
368 crypt_path_t *head, *cpath;
369
370 cpath = head = circ->cpath;
371 do {
372 /* if the extend_info is missing, we can't tell if it supports ntor */
373 if (!cpath->extend_info) {
374 return 0;
375 }
376
377 /* if the key is blank, it definitely doesn't support ntor */
378 if (!extend_info_supports_ntor(cpath->extend_info)) {
379 return 0;
380 }
381 cpath = cpath->next;
382 } while (cpath != head);
383
384 return 1;
385}
386
387/** Pick all the entries in our cpath. Stop and return 0 when we're
388 * happy, or return -1 if an error occurs. */
389static int
391{
392 int r = 0;
393
394 /* onion_extend_cpath assumes these are non-NULL */
395 tor_assert(circ);
396 tor_assert(circ->build_state);
397
398 while (r == 0) {
399 r = onion_extend_cpath(circ);
400 if (r < 0) {
401 log_info(LD_CIRC,"Generating cpath hop failed.");
402 return -1;
403 }
404 }
405
406 /* The path is complete */
407 tor_assert(r == 1);
408
409 /* Does every node in this path support ntor? */
410 int path_supports_ntor = circuit_cpath_supports_ntor(circ);
411
412 /* We would like every path to support ntor, but we have to allow for some
413 * edge cases. */
415 if (circuit_can_use_tap(circ)) {
416 /* Circuits from clients to intro points, and hidden services to rend
417 * points do not support ntor, because the hidden service protocol does
418 * not include ntor onion keys. This is also true for Single Onion
419 * Services. */
420 return 0;
421 }
422
423 if (circuit_get_cpath_len(circ) == 1) {
424 /* Allow for bootstrapping: when we're fetching directly from a fallback,
425 * authority, or bridge, we have no way of knowing its ntor onion key
426 * before we connect to it. So instead, we try connecting, and end up using
427 * CREATE_FAST. */
428 tor_assert(circ->cpath);
430 const node_t *node = node_get_by_id(
432 /* If we don't know the node and its descriptor, we must be bootstrapping.
433 */
434 if (!node || !node_has_preferred_descriptor(node, 1)) {
435 return 0;
436 }
437 }
438
439 if (BUG(!path_supports_ntor)) {
440 /* If we're building a multi-hop path, and it's not one of the HS or
441 * bootstrapping exceptions, and it doesn't support ntor, something has
442 * gone wrong. */
443 return -1;
444 }
445
446 return 0;
447}
448
449/** Create and return a new origin circuit. Initialize its purpose and
450 * build-state based on our arguments. The <b>flags</b> argument is a
451 * bitfield of CIRCLAUNCH_* flags, see circuit_launch_by_extend_info() for
452 * more details. */
454origin_circuit_init(uint8_t purpose, int flags)
455{
456 /* sets circ->p_circ_id and circ->p_chan */
459 circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t));
461 ((flags & CIRCLAUNCH_ONEHOP_TUNNEL) ? 1 : 0);
462 circ->build_state->need_uptime =
463 ((flags & CIRCLAUNCH_NEED_UPTIME) ? 1 : 0);
465 ((flags & CIRCLAUNCH_NEED_CAPACITY) ? 1 : 0);
466 circ->build_state->is_internal =
467 ((flags & CIRCLAUNCH_IS_INTERNAL) ? 1 : 0);
469 ((flags & CIRCLAUNCH_IS_IPV6_SELFTEST) ? 1 : 0);
471 ((flags & CIRCLAUNCH_NEED_CONFLUX) ? 1 : 0);
472 circ->base_.purpose = purpose;
473 return circ;
474}
475
476/** Build a new circuit for <b>purpose</b>. If <b>exit</b> is defined, then use
477 * that as your exit router, else choose a suitable exit node. The <b>flags</b>
478 * argument is a bitfield of CIRCLAUNCH_* flags, see
479 * circuit_launch_by_extend_info() for more details.
480 *
481 * Also launch a connection to the first OR in the chosen path, if
482 * it's not open already.
483 */
485circuit_establish_circuit(uint8_t purpose, extend_info_t *exit_ei, int flags)
486{
487 origin_circuit_t *circ;
488 int err_reason = 0;
489 int is_hs_v3_rp_circuit = 0;
490
491 if (flags & CIRCLAUNCH_IS_V3_RP) {
492 is_hs_v3_rp_circuit = 1;
493 }
494
495 circ = origin_circuit_init(purpose, flags);
496
497 if (onion_pick_cpath_exit(circ, exit_ei, is_hs_v3_rp_circuit) < 0 ||
498 onion_populate_cpath(circ) < 0) {
499 circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_NOPATH);
500 return NULL;
501 }
502
503 circuit_event_status(circ, CIRC_EVENT_LAUNCHED, 0);
504
505 if ((err_reason = circuit_handle_first_hop(circ)) < 0) {
506 circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
507 return NULL;
508 }
509
510 tor_trace(TR_SUBSYS(circuit), TR_EV(establish), circ);
511 return circ;
512}
513
514/**
515 * Build a new conflux circuit for <b>purpose</b>. If <b>exit</b> is defined,
516 * then use that as your exit router, else choose a suitable exit node.
517 * The <b>flags</b> argument is a bitfield of CIRCLAUNCH_* flags, see
518 * circuit_launch_by_extend_info() for more details.
519 *
520 * Also launch a connection to the first OR in the chosen path, if
521 * it's not open already.
522 */
524circuit_establish_circuit_conflux,(const uint8_t *conflux_nonce,
525 uint8_t purpose, extend_info_t *exit_ei,
526 int flags))
527{
528 origin_circuit_t *circ;
529 int err_reason = 0;
530
531 /* Right now, only conflux client circuits use this function */
533
534 circ = origin_circuit_init(purpose, flags);
535 TO_CIRCUIT(circ)->conflux_pending_nonce =
536 tor_memdup(conflux_nonce, DIGEST256_LEN);
537
538 if (onion_pick_cpath_exit(circ, exit_ei, 0) < 0 ||
539 onion_populate_cpath(circ) < 0) {
540 circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_NOPATH);
541 return NULL;
542 }
543
544 circuit_event_status(circ, CIRC_EVENT_LAUNCHED, 0);
545
546 if ((err_reason = circuit_handle_first_hop(circ)) < 0) {
547 circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
548 return NULL;
549 }
550
551 tor_trace(TR_SUBSYS(circuit), TR_EV(establish), circ);
552 return circ;
553}
554
555/** Return the guard state associated with <b>circ</b>, which may be NULL. */
556circuit_guard_state_t *
558{
559 return circ->guard_state;
560}
561
562/**
563 * Helper function to publish a channel association message
564 *
565 * circuit_handle_first_hop() calls this to notify subscribers about a
566 * channel launch event, which associates a circuit with a channel.
567 * This doesn't always correspond to an assignment of the circuit's
568 * n_chan field, because that seems to be only for fully-open
569 * channels.
570 **/
571static void
573{
574 ocirc_chan_msg_t *msg = tor_malloc(sizeof(*msg));
575
576 msg->gid = circ->global_identifier;
577 msg->chan = chan->global_identifier;
578 msg->onehop = circ->build_state->onehop_tunnel;
579
580 ocirc_chan_publish(msg);
581}
582
583/** Start establishing the first hop of our circuit. Figure out what
584 * OR we should connect to, and if necessary start the connection to
585 * it. If we're already connected, then send the 'create' cell.
586 * Return 0 for ok, -reason if circ should be marked-for-close. */
587int
589{
590 crypt_path_t *firsthop;
591 channel_t *n_chan;
592 int err_reason = 0;
593 const char *msg = NULL;
594 int should_launch = 0;
595 const or_options_t *options = get_options();
596
597 firsthop = cpath_get_next_non_open_hop(circ->cpath);
598 tor_assert(firsthop);
599 tor_assert(firsthop->extend_info);
600
601 /* Some bridges are on private addresses. Others pass a dummy private
602 * address to the pluggable transport, which ignores it.
603 * Deny the connection if:
604 * - the address is internal, and
605 * - we're not connecting to a configured bridge, and
606 * - we're not configured to allow extends to private addresses. */
609 !options->ExtendAllowPrivateAddresses) {
610 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
611 "Client asked me to connect directly to a private address");
612 return -END_CIRC_REASON_TORPROTOCOL;
613 }
614
615 /* now see if we're already connected to the first OR in 'route' */
616 const tor_addr_port_t *orport4 =
617 extend_info_get_orport(firsthop->extend_info, AF_INET);
618 const tor_addr_port_t *orport6 =
619 extend_info_get_orport(firsthop->extend_info, AF_INET6);
620 n_chan = channel_get_for_extend(
621 firsthop->extend_info->identity_digest,
622 &firsthop->extend_info->ed_identity,
623 orport4 ? &orport4->addr : NULL,
624 orport6 ? &orport6->addr : NULL,
625 true,
626 &msg,
627 &should_launch);
628
629 if (!n_chan) {
630 /* not currently connected in a useful way. */
631 log_info(LD_CIRC, "Next router is %s: %s",
632 safe_str_client(extend_info_describe(firsthop->extend_info)),
633 msg?msg:"???");
634 circ->base_.n_hop = extend_info_dup(firsthop->extend_info);
635
636 if (should_launch) {
637 n_chan = channel_connect_for_circuit(firsthop->extend_info);
638 if (!n_chan) { /* connect failed, forget the whole thing */
639 log_info(LD_CIRC,"connect to firsthop failed. Closing.");
640 return -END_CIRC_REASON_CONNECTFAILED;
641 }
642 /* We didn't find a channel, but we're launching one for an origin
643 * circuit. (If we decided not to launch a channel, then we found at
644 * least one once good in-progress channel use for this circuit, and
645 * marked it in channel_get_for_extend().) */
647 circuit_chan_publish(circ, n_chan);
648 }
649
650 log_debug(LD_CIRC,"connecting in progress (or finished). Good.");
651 /* return success. The onion/circuit/etc will be taken care of
652 * automatically (may already have been) whenever n_chan reaches
653 * OR_CONN_STATE_OPEN.
654 */
655 return 0;
656 } else { /* it's already open. use it. */
657 tor_assert(!circ->base_.n_hop);
658 circ->base_.n_chan = n_chan;
659 /* We found a channel, and we're using it for an origin circuit. */
661 circuit_chan_publish(circ, n_chan);
662 log_debug(LD_CIRC,"Conn open for %s. Delivering first onion skin.",
663 safe_str_client(extend_info_describe(firsthop->extend_info)));
664 if ((err_reason = circuit_send_next_onion_skin(circ)) < 0) {
665 log_info(LD_CIRC,"circuit_send_next_onion_skin failed.");
666 circ->base_.n_chan = NULL;
667 return err_reason;
668 }
669 }
670 return 0;
671}
672
673/** Find any circuits that are waiting on <b>or_conn</b> to become
674 * open and get them to send their create cells forward.
675 *
676 * Status is 1 if connect succeeded, or 0 if connect failed.
677 *
678 * Close_origin_circuits is 1 if we should close all the origin circuits
679 * through this channel, or 0 otherwise. (This happens when we want to retry
680 * an older guard.)
681 */
682void
683circuit_n_chan_done(channel_t *chan, int status, int close_origin_circuits)
684{
685 smartlist_t *pending_circs;
686 int err_reason = 0;
687
688 tor_assert(chan);
689
690 log_debug(LD_CIRC,"chan to %s, status=%d",
691 channel_describe_peer(chan), status);
692
693 pending_circs = smartlist_new();
694 circuit_get_all_pending_on_channel(pending_circs, chan);
695
696 SMARTLIST_FOREACH_BEGIN(pending_circs, circuit_t *, circ)
697 {
698 /* These checks are redundant wrt get_all_pending_on_or_conn, but I'm
699 * leaving them in in case it's possible for the status of a circuit to
700 * change as we're going down the list. */
701 if (circ->marked_for_close || circ->n_chan || !circ->n_hop ||
702 circ->state != CIRCUIT_STATE_CHAN_WAIT)
703 continue;
704
705 const char *rsa_ident = NULL;
706 const ed25519_public_key_t *ed_ident = NULL;
707 if (! tor_digest_is_zero(circ->n_hop->identity_digest)) {
708 rsa_ident = circ->n_hop->identity_digest;
709 }
710 if (! ed25519_public_key_is_zero(&circ->n_hop->ed_identity)) {
711 ed_ident = &circ->n_hop->ed_identity;
712 }
713
714 if (rsa_ident == NULL && ed_ident == NULL) {
715 /* Look at addr/port. This is an unkeyed connection. */
716 if (!channel_matches_extend_info(chan, circ->n_hop))
717 continue;
718 } else {
719 /* We expected a key or keys. See if they matched. */
720 if (!channel_remote_identity_matches(chan, rsa_ident, ed_ident))
721 continue;
722
723 /* If the channel is canonical, great. If not, it needs to match
724 * the requested address exactly. */
725 if (! chan->is_canonical &&
726 ! channel_matches_extend_info(chan, circ->n_hop)) {
727 continue;
728 }
729 }
730 if (!status) { /* chan failed; close circ */
731 log_info(LD_CIRC,"Channel failed; closing circ.");
732 circuit_mark_for_close(circ, END_CIRC_REASON_CHANNEL_CLOSED);
733 continue;
734 }
735
736 if (close_origin_circuits && CIRCUIT_IS_ORIGIN(circ)) {
737 log_info(LD_CIRC,"Channel deprecated for origin circs; closing circ.");
738 circuit_mark_for_close(circ, END_CIRC_REASON_CHANNEL_CLOSED);
739 continue;
740 }
741 log_debug(LD_CIRC, "Found circ, sending create cell.");
742 /* circuit_deliver_create_cell will set n_circ_id and add us to
743 * chan_circuid_circuit_map, so we don't need to call
744 * set_circid_chan here. */
745 circ->n_chan = chan;
746 extend_info_free(circ->n_hop);
747 circ->n_hop = NULL;
748
749 if (CIRCUIT_IS_ORIGIN(circ)) {
750 if ((err_reason =
752 log_info(LD_CIRC,
753 "send_next_onion_skin failed; circuit marked for closing.");
754 circuit_mark_for_close(circ, -err_reason);
755 continue;
756 /* XXX could this be bad, eg if next_onion_skin failed because conn
757 * died? */
758 }
759 } else {
760 /* pull the create cell out of circ->n_chan_create_cell, and send it */
761 tor_assert(circ->n_chan_create_cell);
762 if (circuit_deliver_create_cell(circ, circ->n_chan_create_cell, 1)<0) {
763 circuit_mark_for_close(circ, END_CIRC_REASON_RESOURCELIMIT);
764 continue;
765 }
766 tor_free(circ->n_chan_create_cell);
768 }
769 }
770 SMARTLIST_FOREACH_END(circ);
771
772 smartlist_free(pending_circs);
773}
774
775/** Find a new circid that isn't currently in use on the circ->n_chan
776 * for the outgoing
777 * circuit <b>circ</b>, and deliver the cell <b>create_cell</b> to this
778 * circuit. If <b>relayed</b> is true, this is a create cell somebody
779 * gave us via an EXTEND cell, so we shouldn't worry if we don't understand
780 * it. Return -1 if we failed to find a suitable circid, else return 0.
781 */
782MOCK_IMPL(int,
784 const struct create_cell_t *create_cell,
785 int relayed))
786{
787 cell_t cell;
788 circid_t id;
789 int r;
790
791 tor_assert(circ);
792 tor_assert(circ->n_chan);
793 tor_assert(create_cell);
794 tor_assert(create_cell->cell_type == CELL_CREATE ||
795 create_cell->cell_type == CELL_CREATE_FAST ||
796 create_cell->cell_type == CELL_CREATE2);
797
799 if (!id) {
800 static ratelim_t circid_warning_limit = RATELIM_INIT(9600);
801 log_fn_ratelim(&circid_warning_limit, LOG_WARN, LD_CIRC,
802 "failed to get unique circID.");
803 goto error;
804 }
805
806 tor_assert_nonfatal_once(circ->n_chan->is_canonical);
807
808 memset(&cell, 0, sizeof(cell_t));
809 r = relayed ? create_cell_format_relayed(&cell, create_cell)
810 : create_cell_format(&cell, create_cell);
811 if (r < 0) {
812 log_warn(LD_CIRC,"Couldn't format create cell");
813 goto error;
814 }
815 log_debug(LD_CIRC,"Chosen circID %u.", (unsigned)id);
816 circuit_set_n_circid_chan(circ, id, circ->n_chan);
817 cell.circ_id = circ->n_circ_id;
818
819 append_cell_to_circuit_queue(circ, circ->n_chan, &cell,
821
822 if (CIRCUIT_IS_ORIGIN(circ)) {
823 /* Update began timestamp for circuits starting their first hop */
824 if (TO_ORIGIN_CIRCUIT(circ)->cpath->state == CPATH_STATE_CLOSED) {
825 if (!CHANNEL_IS_OPEN(circ->n_chan)) {
826 log_warn(LD_CIRC,
827 "Got first hop for a circuit without an opened channel. "
828 "State: %s.", channel_state_to_string(circ->n_chan->state));
830 }
831
833 }
834
835 /* mark it so it gets better rate limiting treatment. */
837 }
838
839 return 0;
840 error:
841 circ->n_chan = NULL;
842 return -1;
843}
844
845/** Return true iff we should send a create_fast cell to start building a
846 * given circuit */
847static inline bool
849{
850 tor_assert(circ->cpath);
852
853 return ! circuit_has_usable_onion_key(circ);
854}
855
856/**
857 * Return true if <b>circ</b> is the type of circuit we want to count
858 * timeouts from.
859 *
860 * In particular, we want to consider any circuit that plans to build
861 * at least 3 hops (but maybe more), but has 3 or fewer hops built
862 * so far.
863 *
864 * We still want to consider circuits before 3 hops, because we need
865 * to decide if we should convert them to a measurement circuit in
866 * circuit_build_times_handle_completed_hop(), rather than letting
867 * slow circuits get killed right away.
868 */
869int
871{
872 return !circ->has_opened
875}
876
877/** Decide whether to use a TAP or ntor handshake for connecting to <b>ei</b>
878 * directly, and set *<b>cell_type_out</b> and *<b>handshake_type_out</b>
879 * accordingly.
880 * Note that TAP handshakes in CREATE cells are only used for direct
881 * connections:
882 * - from Single Onions to rend points not in the service's consensus.
883 * This is checked in onion_populate_cpath. */
884static void
885circuit_pick_create_handshake(uint8_t *cell_type_out,
886 uint16_t *handshake_type_out,
887 const extend_info_t *ei)
888{
889 /* torspec says: In general, clients SHOULD use CREATE whenever they are
890 * using the TAP handshake, and CREATE2 otherwise. */
891 if (extend_info_supports_ntor(ei)) {
892 *cell_type_out = CELL_CREATE2;
893 /* Only use ntor v3 with exits that support congestion control,
894 * and only when it is enabled. */
897 *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR_V3;
898 else
899 *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR;
900 } else {
901 /* XXXX030 Remove support for deciding to use TAP and EXTEND. */
902 *cell_type_out = CELL_CREATE;
903 *handshake_type_out = ONION_HANDSHAKE_TYPE_TAP;
904 }
905}
906
907/** Decide whether to use a TAP or ntor handshake for extending to <b>ei</b>
908 * and set *<b>handshake_type_out</b> accordingly. Decide whether we should
909 * use an EXTEND2 or an EXTEND cell to do so, and set *<b>cell_type_out</b>
910 * and *<b>create_cell_type_out</b> accordingly.
911 * Note that TAP handshakes in EXTEND cells are only used:
912 * - from clients to intro points, and
913 * - from hidden services to rend points.
914 * This is checked in onion_populate_cpath.
915 */
916static void
917circuit_pick_extend_handshake(uint8_t *cell_type_out,
918 uint8_t *create_cell_type_out,
919 uint16_t *handshake_type_out,
920 const extend_info_t *ei)
921{
922 uint8_t t;
923 circuit_pick_create_handshake(&t, handshake_type_out, ei);
924
925 /* torspec says: Clients SHOULD use the EXTEND format whenever sending a TAP
926 * handshake... In other cases, clients SHOULD use EXTEND2. */
927 if (*handshake_type_out != ONION_HANDSHAKE_TYPE_TAP) {
928 *cell_type_out = RELAY_COMMAND_EXTEND2;
929 *create_cell_type_out = CELL_CREATE2;
930 } else {
931 /* XXXX030 Remove support for deciding to use TAP and EXTEND. */
932 *cell_type_out = RELAY_COMMAND_EXTEND;
933 *create_cell_type_out = CELL_CREATE;
934 }
935}
936
937/**
938 * Return true iff <b>circ</b> is allowed
939 * to have no guard configured, even if the circuit is multihop
940 * and guards are enabled.
941 */
942static int
944{
945 if (BUG(!circ))
946 return 0;
947
948 if (circ->first_hop_from_controller) {
949 /* The controller picked the first hop: that bypasses the guard system. */
950 return 1;
951 }
952
953 switch (circ->base_.purpose) {
956 /* Testing circuits may omit guards because they're measuring
957 * liveness or performance, and don't want guards to interfere. */
958 return 1;
959 default:
960 /* All other multihop circuits should use guards if guards are
961 * enabled. */
962 return 0;
963 }
964}
965
966/** This is the backbone function for building circuits.
967 *
968 * If circ's first hop is closed, then we need to build a create
969 * cell and send it forward.
970 *
971 * Otherwise, if circ's cpath still has any non-open hops, we need to
972 * build a relay extend cell and send it forward to the next non-open hop.
973 *
974 * If all hops on the cpath are open, we're done building the circuit
975 * and we should do housekeeping for the newly opened circuit.
976 *
977 * Return -reason if we want to tear down circ, else return 0.
978 */
979int
981{
982 tor_assert(circ);
983
984 if (circ->cpath->state == CPATH_STATE_CLOSED) {
985 /* Case one: we're on the first hop. */
987 }
988
989 tor_assert(circ->cpath->state == CPATH_STATE_OPEN);
991
994
996
997 if (hop) {
998 /* Case two: we're on a hop after the first. */
999 return circuit_send_intermediate_onion_skin(circ, hop);
1000 }
1001
1002 /* Case three: the circuit is finished. Do housekeeping tasks on it. */
1004 return circuit_build_no_more_hops(circ);
1005}
1006
1007/**
1008 * Called from circuit_send_next_onion_skin() when we find ourselves connected
1009 * to the first hop in <b>circ</b>: Send a CREATE or CREATE2 or CREATE_FAST
1010 * cell to that hop. Return 0 on success; -reason on failure (if the circuit
1011 * should be torn down).
1012 */
1013static int
1015{
1016 int fast;
1017 int len;
1018 const node_t *node;
1019 create_cell_t cc;
1020 memset(&cc, 0, sizeof(cc));
1021
1022 log_debug(LD_CIRC,"First skin; sending create cell.");
1023
1024 if (circ->build_state->onehop_tunnel) {
1025 control_event_bootstrap(BOOTSTRAP_STATUS_ONEHOP_CREATE, 0);
1026 } else {
1027 control_event_bootstrap(BOOTSTRAP_STATUS_CIRCUIT_CREATE, 0);
1028
1029 /* If this is not a one-hop tunnel, the channel is being used
1030 * for traffic that wants anonymity and protection from traffic
1031 * analysis (such as netflow record retention). That means we want
1032 * to pad it.
1033 */
1034 if (circ->base_.n_chan->channel_usage < CHANNEL_USED_FOR_FULL_CIRCS)
1035 circ->base_.n_chan->channel_usage = CHANNEL_USED_FOR_FULL_CIRCS;
1036 }
1037
1038 node = node_get_by_id(circ->base_.n_chan->identity_digest);
1040 if (!fast) {
1041 /* We know the right onion key: we should send a create cell. */
1043 circ->cpath->extend_info);
1044 } else {
1045 /* We don't know an onion key, so we need to fall back to CREATE_FAST. */
1046 cc.cell_type = CELL_CREATE_FAST;
1047 cc.handshake_type = ONION_HANDSHAKE_TYPE_FAST;
1048 }
1049
1051 circ->cpath->extend_info,
1052 &circ->cpath->handshake_state,
1053 cc.onionskin,
1054 sizeof(cc.onionskin));
1055 if (len < 0) {
1056 log_warn(LD_CIRC,"onion_skin_create (first hop) failed.");
1057 return - END_CIRC_REASON_INTERNAL;
1058 }
1059 cc.handshake_len = len;
1060
1061 if (circuit_deliver_create_cell(TO_CIRCUIT(circ), &cc, 0) < 0)
1062 return - END_CIRC_REASON_RESOURCELIMIT;
1063 tor_trace(TR_SUBSYS(circuit), TR_EV(first_onion_skin), circ, circ->cpath);
1064
1065 circ->cpath->state = CPATH_STATE_AWAITING_KEYS;
1067 log_info(LD_CIRC,"First hop: finished sending %s cell to '%s'",
1068 fast ? "CREATE_FAST" : "CREATE",
1069 node ? node_describe(node) : "<unnamed>");
1070 return 0;
1071}
1072
1073/**
1074 * Called from circuit_send_next_onion_skin() when we find that we have no
1075 * more hops: mark the circuit as finished, and perform the necessary
1076 * bookkeeping. Return 0 on success; -reason on failure (if the circuit
1077 * should be torn down).
1078 */
1079static int
1081{
1082 guard_usable_t r;
1083 if (! circ->guard_state) {
1084 if (circuit_get_cpath_len(circ) != 1 &&
1085 ! circuit_may_omit_guard(circ) &&
1086 get_options()->UseEntryGuards) {
1087 log_warn(LD_BUG, "%d-hop circuit %p with purpose %d has no "
1088 "guard state",
1089 circuit_get_cpath_len(circ), circ, circ->base_.purpose);
1090 }
1091 r = GUARD_USABLE_NOW;
1092 } else {
1094 }
1095 const int is_usable_for_streams = (r == GUARD_USABLE_NOW);
1096 if (r == GUARD_USABLE_NOW) {
1098 } else if (r == GUARD_MAYBE_USABLE_LATER) {
1099 // Wait till either a better guard succeeds, or till
1100 // all better guards fail.
1102 } else {
1103 tor_assert_nonfatal(r == GUARD_USABLE_NEVER);
1104 return - END_CIRC_REASON_INTERNAL;
1105 }
1106
1107 /* XXXX #21422 -- the rest of this branch needs careful thought!
1108 * Some of the things here need to happen when a circuit becomes
1109 * mechanically open; some need to happen when it is actually usable.
1110 * I think I got them right, but more checking would be wise. -NM
1111 */
1112
1113 log_info(LD_CIRC,"circuit built!");
1115
1116 if (circ->build_state->onehop_tunnel || circ->has_opened) {
1117 control_event_bootstrap(BOOTSTRAP_STATUS_REQUESTING_STATUS, 0);
1118 }
1119
1121 if (is_usable_for_streams)
1122 circuit_has_opened(circ); /* do other actions as necessary */
1123
1125 const or_options_t *options = get_options();
1127 /* FFFF Log a count of known routers here */
1128 log_info(LD_GENERAL,
1129 "Tor has successfully opened a circuit. "
1130 "Looks like client functionality is working.");
1131 control_event_bootstrap(BOOTSTRAP_STATUS_DONE, 0);
1132 control_event_client_status(LOG_NOTICE, "CIRCUIT_ESTABLISHED");
1134 if (server_mode(options) &&
1135 !router_all_orports_seem_reachable(options)) {
1137 }
1138 }
1139
1140 /* We're done with measurement circuits here. Just close them */
1141 if (circ->base_.purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT) {
1142 circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
1143 }
1144 return 0;
1145}
1146
1147/**
1148 * Called from circuit_send_next_onion_skin() when we find that we have a hop
1149 * other than the first that we need to extend to: use <b>hop</b>'s
1150 * information to extend the circuit another step. Return 0 on success;
1151 * -reason on failure (if the circuit should be torn down).
1152 */
1153static int
1155 crypt_path_t *hop)
1156{
1157 int len;
1158 extend_cell_t ec;
1159 /* Relays and bridges can send IPv6 extends. But for clients, it's an
1160 * obvious version distinguisher. */
1161 const bool include_ipv6 = server_mode(get_options());
1162 memset(&ec, 0, sizeof(ec));
1165
1166 log_debug(LD_CIRC,"starting to send subsequent skin.");
1167
1171 hop->extend_info);
1172
1173 const tor_addr_port_t *orport4 =
1174 extend_info_get_orport(hop->extend_info, AF_INET);
1175 const tor_addr_port_t *orport6 =
1176 extend_info_get_orport(hop->extend_info, AF_INET6);
1177 int n_addrs_set = 0;
1178 if (orport4) {
1179 tor_addr_copy(&ec.orport_ipv4.addr, &orport4->addr);
1180 ec.orport_ipv4.port = orport4->port;
1181 ++n_addrs_set;
1182 }
1183 if (orport6 && include_ipv6) {
1184 tor_addr_copy(&ec.orport_ipv6.addr, &orport6->addr);
1185 ec.orport_ipv6.port = orport6->port;
1186 ++n_addrs_set;
1187 }
1188
1189 if (n_addrs_set == 0) {
1190 log_warn(LD_BUG, "No supported address family found in extend_info.");
1191 return - END_CIRC_REASON_INTERNAL;
1192 }
1193 memcpy(ec.node_id, hop->extend_info->identity_digest, DIGEST_LEN);
1194 /* Set the ED25519 identity too -- it will only get included
1195 * in the extend2 cell if we're configured to use it, though. */
1197
1199 hop->extend_info,
1200 &hop->handshake_state,
1202 sizeof(ec.create_cell.onionskin));
1203 if (len < 0) {
1204 log_warn(LD_CIRC,"onion_skin_create failed.");
1205 return - END_CIRC_REASON_INTERNAL;
1206 }
1207 ec.create_cell.handshake_len = len;
1208
1209 log_info(LD_CIRC,"Sending extend relay cell.");
1210 {
1211 uint8_t command = 0;
1212 uint16_t payload_len=0;
1213 uint8_t payload[RELAY_PAYLOAD_SIZE];
1214 if (extend_cell_format(&command, &payload_len, payload, &ec)<0) {
1215 log_warn(LD_CIRC,"Couldn't format extend cell");
1216 return -END_CIRC_REASON_INTERNAL;
1217 }
1218
1219 /* send it to hop->prev, because that relay will transfer
1220 * it to a create cell and then send to hop */
1221 if (relay_send_command_from_edge(0, TO_CIRCUIT(circ),
1222 command,
1223 (char*)payload, payload_len,
1224 hop->prev) < 0)
1225 return 0; /* circuit is closed */
1226 }
1227 hop->state = CPATH_STATE_AWAITING_KEYS;
1228 tor_trace(TR_SUBSYS(circuit), TR_EV(intermediate_onion_skin), circ, hop);
1229 return 0;
1230}
1231
1232/** Our clock just jumped by <b>seconds_elapsed</b>. If <b>was_idle</b> is
1233 * true, then the monotonic time matches; otherwise it doesn't. Assume
1234 * something has also gone wrong with our network: notify the user, and
1235 * abandon all not-yet-used circuits. */
1236void
1237circuit_note_clock_jumped(int64_t seconds_elapsed, bool was_idle)
1238{
1239 int severity = server_mode(get_options()) ? LOG_WARN : LOG_NOTICE;
1240 if (was_idle) {
1241 tor_log(severity, LD_GENERAL, "Tor has been idle for %"PRId64
1242 " seconds; assuming established circuits no longer work.",
1243 (seconds_elapsed));
1244 } else {
1245 tor_log(severity, LD_GENERAL,
1246 "Your system clock just jumped %"PRId64" seconds %s; "
1247 "assuming established circuits no longer work.",
1248 (
1249 seconds_elapsed >=0 ? seconds_elapsed : -seconds_elapsed),
1250 seconds_elapsed >=0 ? "forward" : "backward");
1251 }
1252 control_event_general_status(LOG_WARN, "CLOCK_JUMPED TIME=%"PRId64
1253 " IDLE=%d",
1254 (seconds_elapsed), was_idle?1:0);
1255 /* so we log when it works again */
1257 control_event_client_status(severity, "CIRCUIT_NOT_ESTABLISHED REASON=%s",
1258 "CLOCK_JUMPED");
1261 if (seconds_elapsed < 0) {
1262 /* Restart all the timers in case we jumped a long way into the past. */
1264 }
1265}
1266
1267/** A "created" cell <b>reply</b> came back to us on circuit <b>circ</b>.
1268 * (The body of <b>reply</b> varies depending on what sort of handshake
1269 * this is.)
1270 *
1271 * Calculate the appropriate keys and digests, make sure KH is
1272 * correct, and initialize this hop of the cpath.
1273 *
1274 * Return - reason if we want to mark circ for close, else return 0.
1275 */
1276int
1278 const created_cell_t *reply)
1279{
1280 char keys[CPATH_KEY_MATERIAL_LEN];
1281 crypt_path_t *hop;
1282 int rv;
1283
1284 if ((rv = pathbias_count_build_attempt(circ)) < 0) {
1285 log_warn(LD_CIRC, "pathbias_count_build_attempt failed: %d", rv);
1286 return rv;
1287 }
1288
1289 if (circ->cpath->state == CPATH_STATE_AWAITING_KEYS) {
1290 hop = circ->cpath;
1291 } else {
1293 if (!hop) { /* got an extended when we're all done? */
1294 log_warn(LD_PROTOCOL,"got extended when circ already built? Closing.");
1295 return - END_CIRC_REASON_TORPROTOCOL;
1296 }
1297 }
1298 tor_assert(hop->state == CPATH_STATE_AWAITING_KEYS);
1299
1300 circuit_params_t params;
1301 {
1302 const char *msg = NULL;
1304 &hop->handshake_state,
1305 reply->reply, reply->handshake_len,
1306 (uint8_t*)keys, sizeof(keys),
1307 (uint8_t*)hop->rend_circ_nonce,
1308 &params,
1309 &msg) < 0) {
1310 if (msg)
1311 log_warn(LD_CIRC,"onion_skin_client_handshake failed: %s", msg);
1312 return -END_CIRC_REASON_TORPROTOCOL;
1313 }
1314 }
1315
1317
1318 if (cpath_init_circuit_crypto(hop, keys, sizeof(keys), 0, 0)<0) {
1319 return -END_CIRC_REASON_TORPROTOCOL;
1320 }
1321
1322 if (params.cc_enabled) {
1323 int circ_len = circuit_get_cpath_len(circ);
1324
1325 if (circ_len == DEFAULT_ROUTE_LEN &&
1327 hop->ccontrol = congestion_control_new(&params, CC_PATH_EXIT);
1328 } else if (circ_len == SBWS_ROUTE_LEN &&
1329 circuit_get_cpath_hop(circ, SBWS_ROUTE_LEN) == hop) {
1330 hop->ccontrol = congestion_control_new(&params, CC_PATH_SBWS);
1331 } else {
1332 if (circ_len > DEFAULT_ROUTE_LEN) {
1333 /* This can happen for unknown reasons; cannibalization codepaths
1334 * don't seem able to do it, so there is some magic way that hops can
1335 * still get added. Perhaps some cases of circuit pre-build that change
1336 * purpose? */
1337 log_info(LD_CIRC,
1338 "Unexpected path length %d for exit circuit %d, purpose %d",
1339 circ_len, circ->global_identifier,
1340 TO_CIRCUIT(circ)->purpose);
1341 hop->ccontrol = congestion_control_new(&params, CC_PATH_EXIT);
1342 } else {
1343 /* This is likely directory requests, which should block on orconn
1344 * before congestion control, but lets give them the lower sbws
1345 * param set anyway just in case. */
1346 log_info(LD_CIRC,
1347 "Unexpected path length %d for exit circuit %d, purpose %d",
1348 circ_len, circ->global_identifier,
1349 TO_CIRCUIT(circ)->purpose);
1350
1351 hop->ccontrol = congestion_control_new(&params, CC_PATH_SBWS);
1352 }
1353 }
1354 }
1355
1356 hop->state = CPATH_STATE_OPEN;
1357 log_info(LD_CIRC,"Finished building circuit hop:");
1359 circuit_event_status(circ, CIRC_EVENT_EXTENDED, 0);
1360
1361 return 0;
1362}
1363
1364/** We received a relay truncated cell on circ.
1365 *
1366 * Since we don't send truncates currently, getting a truncated
1367 * means that a connection broke or an extend failed. For now,
1368 * just give up: force circ to close, and return 0.
1369 */
1370int
1372{
1373// crypt_path_t *victim;
1374// connection_t *stream;
1375
1376 tor_assert(circ);
1377
1378 /* XXX Since we don't send truncates currently, getting a truncated
1379 * means that a connection broke or an extend failed. For now,
1380 * just give up.
1381 */
1382 circuit_mark_for_close(TO_CIRCUIT(circ),
1384 return 0;
1385
1386#if 0
1387 while (layer->next != circ->cpath) {
1388 /* we need to clear out layer->next */
1389 victim = layer->next;
1390 log_debug(LD_CIRC, "Killing a layer of the cpath.");
1391
1392 for (stream = circ->p_streams; stream; stream=stream->next_stream) {
1393 if (stream->cpath_layer == victim) {
1394 log_info(LD_APP, "Marking stream %d for close because of truncate.",
1395 stream->stream_id);
1396 /* no need to send 'end' relay cells,
1397 * because the other side's already dead
1398 */
1399 connection_mark_unattached_ap(stream, END_STREAM_REASON_DESTROY);
1400 }
1401 }
1402
1403 layer->next = victim->next;
1404 cpath_free(victim);
1405 }
1406
1407 log_info(LD_CIRC, "finished");
1408 return 0;
1409#endif /* 0 */
1410}
1411
1412/** Helper for new_route_len(). Choose a circuit length for purpose
1413 * <b>purpose</b>: DEFAULT_ROUTE_LEN (+ 1 if someone else chose the
1414 * exit). If someone else chose the exit, they could be colluding
1415 * with the exit, so add a randomly selected node to preserve
1416 * anonymity.
1417 *
1418 * Here, "exit node" sometimes means an OR acting as an internal
1419 * endpoint, rather than as a relay to an external endpoint. This
1420 * means there need to be at least DEFAULT_ROUTE_LEN routers between
1421 * us and the internal endpoint to preserve the same anonymity
1422 * properties that we would get when connecting to an external
1423 * endpoint. These internal endpoints can include:
1424 *
1425 * - Connections to a directory of hidden services
1426 * (CIRCUIT_PURPOSE_C_GENERAL)
1427 *
1428 * - A client connecting to an introduction point, which the hidden
1429 * service picked (CIRCUIT_PURPOSE_C_INTRODUCING, via
1430 * circuit_get_open_circ_or_launch() which rewrites it from
1431 * CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT)
1432 *
1433 * - A hidden service connecting to a rendezvous point, which the
1434 * client picked (CIRCUIT_PURPOSE_S_CONNECT_REND.
1435 *
1436 * There are currently two situations where we picked the exit node
1437 * ourselves, making DEFAULT_ROUTE_LEN a safe circuit length:
1438 *
1439 * - We are a hidden service connecting to an introduction point
1440 * (CIRCUIT_PURPOSE_S_ESTABLISH_INTRO).
1441 *
1442 * - We are a router testing its own reachabiity
1443 * (CIRCUIT_PURPOSE_TESTING, via router_do_reachability_checks())
1444 *
1445 * onion_pick_cpath_exit() bypasses us (by not calling
1446 * new_route_len()) in the one-hop tunnel case, so we don't need to
1447 * handle that.
1448 */
1449int
1450route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei)
1451{
1452 int routelen = DEFAULT_ROUTE_LEN;
1453 int known_purpose = 0;
1454
1455 /* If we're using L3 vanguards, we need longer paths for onion services */
1456 if (circuit_purpose_is_hidden_service(purpose) &&
1457 get_options()->HSLayer3Nodes) {
1458 /* Clients want an extra hop for rends to avoid linkability.
1459 * Services want it for intro points to avoid publishing their
1460 * layer3 guards. They want it for hsdir posts to use
1461 * their full layer3 guard set for those connections.
1462 * Ex: C - G - L2 - L3 - R
1463 * S - G - L2 - L3 - HSDIR
1464 * S - G - L2 - L3 - I
1465 */
1466 if (purpose == CIRCUIT_PURPOSE_C_ESTABLISH_REND ||
1467 purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
1468 purpose == CIRCUIT_PURPOSE_HS_VANGUARDS ||
1470 return routelen+1;
1471
1472 /* For connections to hsdirs, clients want two extra hops
1473 * when using layer3 guards, to avoid linkability.
1474 * Same goes for intro points. Note that the route len
1475 * includes the intro point or hsdir, hence the +2.
1476 * Ex: C - G - L2 - L3 - M - I
1477 * C - G - L2 - L3 - M - HSDIR
1478 * S - G - L2 - L3 - M - R
1479 */
1480 if (purpose == CIRCUIT_PURPOSE_S_CONNECT_REND ||
1481 purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
1483 return routelen+2;
1484 }
1485
1486 if (!exit_ei)
1487 return routelen;
1488
1489 switch (purpose) {
1490 /* These purposes connect to a router that we chose, so DEFAULT_ROUTE_LEN
1491 * is safe: */
1494 /* router reachability testing */
1495 known_purpose = 1;
1496 break;
1497
1498 /* These purposes connect to a router that someone else
1499 * might have chosen, so add an extra hop to protect anonymity. */
1503 /* connecting to hidden service directory */
1505 /* client connecting to introduction point */
1507 /* hidden service connecting to rendezvous point */
1509 /* hidden service connecting to intro point. In this case we want an extra
1510 hop to avoid linkability attacks by the introduction point. */
1511 known_purpose = 1;
1512 routelen++;
1513 break;
1514
1515 default:
1516 /* Got a purpose not listed above along with a chosen exit.
1517 * Increase the circuit length by one anyway for safety. */
1518 routelen++;
1519 break;
1520 }
1521
1522 if (BUG(exit_ei && !known_purpose)) {
1523 log_warn(LD_BUG, "Unhandled purpose %d with a chosen exit; "
1524 "assuming routelen %d.", purpose, routelen);
1525 }
1526 return routelen;
1527}
1528
1529/** Choose a length for a circuit of purpose <b>purpose</b> and check
1530 * if enough routers are available.
1531 *
1532 * If the routerlist <b>nodes</b> doesn't have enough routers
1533 * to handle the desired path length, return -1.
1534 */
1535STATIC int
1536new_route_len(uint8_t purpose, extend_info_t *exit_ei,
1537 const smartlist_t *nodes)
1538{
1539 int routelen;
1540
1541 tor_assert(nodes);
1542
1543 routelen = route_len_for_purpose(purpose, exit_ei);
1544
1545 int num_acceptable_direct = count_acceptable_nodes(nodes, 1);
1546 int num_acceptable_indirect = count_acceptable_nodes(nodes, 0);
1547
1548 log_debug(LD_CIRC,"Chosen route length %d (%d direct and %d indirect "
1549 "routers suitable).", routelen, num_acceptable_direct,
1550 num_acceptable_indirect);
1551
1552 if (num_acceptable_direct < 1 || num_acceptable_indirect < routelen - 1) {
1553 log_info(LD_CIRC,
1554 "Not enough acceptable routers (%d/%d direct and %d/%d "
1555 "indirect routers suitable). Discarding this circuit.",
1556 num_acceptable_direct, routelen,
1557 num_acceptable_indirect, routelen);
1558 return -1;
1559 }
1560
1561 return routelen;
1562}
1563
1564/** Return a newly allocated list of uint16_t * for each predicted port not
1565 * handled by a current circuit. */
1566static smartlist_t *
1568{
1571 return dest;
1572}
1573
1574/** Return 1 if we already have circuits present or on the way for
1575 * all anticipated ports. Return 0 if we should make more.
1576 *
1577 * If we're returning 0, set need_uptime and need_capacity to
1578 * indicate any requirements that the unhandled ports have.
1579 */
1580MOCK_IMPL(int,
1581circuit_all_predicted_ports_handled, (time_t now, int *need_uptime,
1582 int *need_capacity))
1583{
1584 int i, enough;
1585 uint16_t *port;
1587 smartlist_t *LongLivedServices = get_options()->LongLivedPorts;
1588 tor_assert(need_uptime);
1589 tor_assert(need_capacity);
1590 // Always predict need_capacity
1591 *need_capacity = 1;
1592 enough = (smartlist_len(sl) == 0);
1593 for (i = 0; i < smartlist_len(sl); ++i) {
1594 port = smartlist_get(sl, i);
1595 if (smartlist_contains_int_as_string(LongLivedServices, *port))
1596 *need_uptime = 1;
1597 tor_free(port);
1598 }
1599 smartlist_free(sl);
1600 return enough;
1601}
1602
1603/** Return 1 if <b>node</b> can handle one or more of the ports in
1604 * <b>needed_ports</b>, else return 0.
1605 */
1606static int
1607node_handles_some_port(const node_t *node, smartlist_t *needed_ports)
1608{ /* XXXX MOVE */
1609 int i;
1610 uint16_t port;
1611
1612 for (i = 0; i < smartlist_len(needed_ports); ++i) {
1614 /* alignment issues aren't a worry for this dereference, since
1615 needed_ports is explicitly a smartlist of uint16_t's */
1616 port = *(uint16_t *)smartlist_get(needed_ports, i);
1617 tor_assert(port);
1618 if (node)
1619 r = compare_tor_addr_to_node_policy(NULL, port, node);
1620 else
1621 continue;
1623 return 1;
1624 }
1625 return 0;
1626}
1627
1628/** Return true iff <b>conn</b> needs another general circuit to be
1629 * built. */
1630static int
1632{
1633 entry_connection_t *entry;
1634 if (conn->type != CONN_TYPE_AP)
1635 return 0;
1636 entry = TO_ENTRY_CONN(conn);
1637
1638 if (conn->state == AP_CONN_STATE_CIRCUIT_WAIT &&
1639 !conn->marked_for_close &&
1640 !(entry->want_onehop) && /* ignore one-hop streams */
1641 !(entry->use_begindir) && /* ignore targeted dir fetches */
1642 !(entry->chosen_exit_name) && /* ignore defined streams */
1646 return 1;
1647 return 0;
1648}
1649
1650/** Return a pointer to a suitable router to be the exit node for the
1651 * general-purpose circuit we're about to build.
1652 *
1653 * Look through the connection array, and choose a router that maximizes
1654 * the number of pending streams that can exit from this router.
1655 *
1656 * Return NULL if we can't find any suitable routers.
1657 */
1658static const node_t *
1660{
1661 int *n_supported;
1662 int n_pending_connections = 0;
1663 smartlist_t *connections;
1664 int best_support = -1;
1665 int n_best_support=0;
1666 const or_options_t *options = get_options();
1667 const smartlist_t *the_nodes;
1668 const node_t *selected_node=NULL;
1669 const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
1670 const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
1671
1672 /* We should not require guard flags on exits. */
1673 IF_BUG_ONCE(flags & CRN_NEED_GUARD)
1674 return NULL;
1675
1676 /* We reject single-hop exits for all node positions. */
1677 IF_BUG_ONCE(flags & CRN_DIRECT_CONN)
1678 return NULL;
1679
1680 /* This isn't the function for picking rendezvous nodes. */
1681 IF_BUG_ONCE(flags & CRN_RENDEZVOUS_V3)
1682 return NULL;
1683
1684 /* We only want exits to extend if we cannibalize the circuit.
1685 * But we don't require IPv6 extends yet. */
1686 IF_BUG_ONCE(flags & CRN_INITIATE_IPV6_EXTEND)
1687 return NULL;
1688
1689 connections = get_connection_array();
1690
1691 /* Count how many connections are waiting for a circuit to be built.
1692 * We use this for log messages now, but in the future we may depend on it.
1693 */
1694 SMARTLIST_FOREACH(connections, connection_t *, conn,
1695 {
1697 ++n_pending_connections;
1698 });
1699// log_fn(LOG_DEBUG, "Choosing exit node; %d connections are pending",
1700// n_pending_connections);
1701 /* Now we count, for each of the routers in the directory, how many
1702 * of the pending connections could possibly exit from that
1703 * router (n_supported[i]). (We can't be sure about cases where we
1704 * don't know the IP address of the pending connection.)
1705 *
1706 * -1 means "Don't use this router at all."
1707 */
1708 the_nodes = nodelist_get_list();
1709 n_supported = tor_calloc(smartlist_len(the_nodes), sizeof(int));
1710 SMARTLIST_FOREACH_BEGIN(the_nodes, const node_t *, node) {
1711 const int i = node_sl_idx;
1712 if (router_digest_is_me(node->identity)) {
1713 n_supported[i] = -1;
1714// log_fn(LOG_DEBUG,"Skipping node %s -- it's me.", router->nickname);
1715 /* XXX there's probably a reverse predecessor attack here, but
1716 * it's slow. should we take this out? -RD
1717 */
1718 continue;
1719 }
1720 if (!router_can_choose_node(node, flags)) {
1721 n_supported[i] = -1;
1722 continue;
1723 }
1724 if (node->is_bad_exit) {
1725 n_supported[i] = -1;
1726 continue; /* skip routers that are known to be down or bad exits */
1727 }
1728 if (routerset_contains_node(options->ExcludeExitNodesUnion_, node)) {
1729 n_supported[i] = -1;
1730 continue; /* user asked us not to use it, no matter what */
1731 }
1732 if (options->ExitNodes &&
1733 !routerset_contains_node(options->ExitNodes, node)) {
1734 n_supported[i] = -1;
1735 continue; /* not one of our chosen exit nodes */
1736 }
1737 if (node_exit_policy_rejects_all(node)) {
1738 n_supported[i] = -1;
1739// log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- it rejects all.",
1740// router->nickname, i);
1741 continue; /* skip routers that reject all */
1742 }
1743 n_supported[i] = 0;
1744 /* iterate over connections */
1745 SMARTLIST_FOREACH_BEGIN(connections, connection_t *, conn) {
1747 continue; /* Skip everything but APs in CIRCUIT_WAIT */
1748 if (connection_ap_can_use_exit(TO_ENTRY_CONN(conn), node)) {
1749 ++n_supported[i];
1750// log_fn(LOG_DEBUG,"%s is supported. n_supported[%d] now %d.",
1751// router->nickname, i, n_supported[i]);
1752 } else {
1753// log_fn(LOG_DEBUG,"%s (index %d) would reject this stream.",
1754// router->nickname, i);
1755 }
1756 } SMARTLIST_FOREACH_END(conn);
1757 if (n_pending_connections > 0 && n_supported[i] == 0) {
1758 /* Leave best_support at -1 if that's where it is, so we can
1759 * distinguish it later. */
1760 continue;
1761 }
1762 if (n_supported[i] > best_support) {
1763 /* If this router is better than previous ones, remember its index
1764 * and goodness, and start counting how many routers are this good. */
1765 best_support = n_supported[i]; n_best_support=1;
1766// log_fn(LOG_DEBUG,"%s is new best supported option so far.",
1767// router->nickname);
1768 } else if (n_supported[i] == best_support) {
1769 /* If this router is _as good_ as the best one, just increment the
1770 * count of equally good routers.*/
1771 ++n_best_support;
1772 }
1773 } SMARTLIST_FOREACH_END(node);
1774 log_info(LD_CIRC,
1775 "Found %d servers that might support %d/%d pending connections.",
1776 n_best_support, best_support >= 0 ? best_support : 0,
1777 n_pending_connections);
1778
1779 /* If any routers definitely support any pending connections, choose one
1780 * at random. */
1781 if (best_support > 0) {
1782 smartlist_t *supporting = smartlist_new();
1783
1784 SMARTLIST_FOREACH(the_nodes, const node_t *, node, {
1785 if (n_supported[node_sl_idx] == best_support)
1786 smartlist_add(supporting, (void*)node);
1787 });
1788
1789 selected_node = node_sl_choose_by_bandwidth(supporting, WEIGHT_FOR_EXIT);
1790 smartlist_free(supporting);
1791 } else {
1792 /* Either there are no pending connections, or no routers even seem to
1793 * possibly support any of them. Choose a router at random that satisfies
1794 * at least one predicted exit port. */
1795
1796 int attempt;
1797 smartlist_t *needed_ports, *supporting;
1798
1799 if (best_support == -1) {
1800 if (need_uptime || need_capacity) {
1801 log_info(LD_CIRC,
1802 "We couldn't find any live%s%s routers; falling back "
1803 "to list of all routers.",
1804 need_capacity?", fast":"",
1805 need_uptime?", stable":"");
1806 tor_free(n_supported);
1807 flags &= ~(CRN_NEED_UPTIME|CRN_NEED_CAPACITY);
1808 return choose_good_exit_server_general(flags);
1809 }
1810 log_notice(LD_CIRC, "All routers are down or won't exit%s -- "
1811 "choosing a doomed exit at random.",
1812 options->ExcludeExitNodesUnion_ ? " or are Excluded" : "");
1813 }
1814 supporting = smartlist_new();
1815 needed_ports = circuit_get_unhandled_ports(time(NULL));
1816 for (attempt = 0; attempt < 2; attempt++) {
1817 /* try once to pick only from routers that satisfy a needed port,
1818 * then if there are none, pick from any that support exiting. */
1819 SMARTLIST_FOREACH_BEGIN(the_nodes, const node_t *, node) {
1820 if (n_supported[node_sl_idx] != -1 &&
1821 (attempt || node_handles_some_port(node, needed_ports))) {
1822// log_fn(LOG_DEBUG,"Try %d: '%s' is a possibility.",
1823// try, router->nickname);
1824 smartlist_add(supporting, (void*)node);
1825 }
1826 } SMARTLIST_FOREACH_END(node);
1827
1828 selected_node = node_sl_choose_by_bandwidth(supporting, WEIGHT_FOR_EXIT);
1829 if (selected_node)
1830 break;
1831 smartlist_clear(supporting);
1832 /* If we reach this point, we can't actually support any unhandled
1833 * predicted ports, so clear all the remaining ones. */
1834 if (smartlist_len(needed_ports))
1835 rep_hist_remove_predicted_ports(needed_ports);
1836 }
1837 SMARTLIST_FOREACH(needed_ports, uint16_t *, cp, tor_free(cp));
1838 smartlist_free(needed_ports);
1839 smartlist_free(supporting);
1840 }
1841
1842 tor_free(n_supported);
1843 if (selected_node) {
1844 log_info(LD_CIRC, "Chose exit server '%s'", node_describe(selected_node));
1845 return selected_node;
1846 }
1847 if (options->ExitNodes) {
1848 log_warn(LD_CIRC,
1849 "No exits in ExitNodes%s seem to be running: "
1850 "can't choose an exit.",
1851 options->ExcludeExitNodesUnion_ ?
1852 ", except possibly those excluded by your configuration, " : "");
1853 }
1854 return NULL;
1855}
1856
1857/* Pick a Rendezvous Point for our HS circuits according to <b>flags</b>. */
1858static const node_t *
1859pick_rendezvous_node(router_crn_flags_t flags)
1860{
1861 const or_options_t *options = get_options();
1862 return router_choose_random_node(NULL, options->ExcludeNodes, flags);
1863}
1864
1865/*
1866 * Helper function to pick a configured restricted middle node
1867 * (either HSLayer2Nodes or HSLayer3Nodes).
1868 *
1869 * Make sure that the node we chose is alive, and not excluded,
1870 * and return it.
1871 *
1872 * The exclude_set is a routerset of nodes that the selected node
1873 * must not match, and the exclude_list is a simple list of nodes
1874 * that the selected node must not be in. Either or both may be
1875 * NULL.
1876 *
1877 * Return NULL if no usable nodes could be found. */
1878static const node_t *
1880 const routerset_t *pick_from,
1881 const routerset_t *exclude_set,
1882 const smartlist_t *exclude_list,
1883 int position_hint)
1884{
1885 const node_t *middle_node = NULL;
1886
1887 smartlist_t *allowlisted_live_middles = smartlist_new();
1888 smartlist_t *all_live_nodes = smartlist_new();
1889
1890 tor_assert(pick_from);
1891
1892 /* Add all running nodes to all_live_nodes */
1893 router_add_running_nodes_to_smartlist(all_live_nodes, flags);
1894
1895 /* Filter all_live_nodes to only add live *and* allowlisted middles
1896 * to the list allowlisted_live_middles. */
1897 SMARTLIST_FOREACH_BEGIN(all_live_nodes, node_t *, live_node) {
1898 if (routerset_contains_node(pick_from, live_node)) {
1899 smartlist_add(allowlisted_live_middles, live_node);
1900 }
1901 } SMARTLIST_FOREACH_END(live_node);
1902
1903 /* Honor ExcludeNodes */
1904 if (exclude_set) {
1905 routerset_subtract_nodes(allowlisted_live_middles, exclude_set);
1906 }
1907
1908 if (exclude_list) {
1909 smartlist_subtract(allowlisted_live_middles, exclude_list);
1910 }
1911
1912 /**
1913 * Max number of restricted nodes before we alert the user and try
1914 * to load balance for them.
1915 *
1916 * The most aggressive vanguard design had 16 nodes at layer3.
1917 * Let's give a small ceiling above that. */
1918#define MAX_SANE_RESTRICTED_NODES 20
1919 /* If the user (or associated tor controller) selected only a few nodes,
1920 * assume they took load balancing into account and don't do it for them.
1921 *
1922 * If there are a lot of nodes in here, assume they did not load balance
1923 * and do it for them, but also warn them that they may be Doing It Wrong.
1924 */
1925 if (smartlist_len(allowlisted_live_middles) <=
1926 MAX_SANE_RESTRICTED_NODES) {
1927 middle_node = smartlist_choose(allowlisted_live_middles);
1928 } else {
1929 static ratelim_t pinned_notice_limit = RATELIM_INIT(24*3600);
1930 log_fn_ratelim(&pinned_notice_limit, LOG_NOTICE, LD_CIRC,
1931 "Your _HSLayer%dNodes setting has resulted "
1932 "in %d total nodes. This is a lot of nodes. "
1933 "You may want to consider using a Tor controller "
1934 "to select and update a smaller set of nodes instead.",
1935 position_hint, smartlist_len(allowlisted_live_middles));
1936
1937 /* NO_WEIGHTING here just means don't take node flags into account
1938 * (ie: use consensus measurement only). This is done so that
1939 * we don't further surprise the user by not using Exits that they
1940 * specified at all */
1941 middle_node = node_sl_choose_by_bandwidth(allowlisted_live_middles,
1942 NO_WEIGHTING);
1943 }
1944
1945 smartlist_free(allowlisted_live_middles);
1946 smartlist_free(all_live_nodes);
1947
1948 return middle_node;
1949}
1950
1951/** Return a pointer to a suitable router to be the exit node for the
1952 * circuit of purpose <b>purpose</b> that we're about to build (or NULL
1953 * if no router is suitable).
1954 *
1955 * For general-purpose circuits, pass it off to
1956 * choose_good_exit_server_general()
1957 *
1958 * For client-side rendezvous circuits, choose a random node, weighted
1959 * toward the preferences in 'options'.
1960 */
1961static const node_t *
1963 router_crn_flags_t flags, int is_internal)
1964{
1965 const or_options_t *options = get_options();
1966 flags |= CRN_NEED_DESC;
1967
1968 switch (TO_CIRCUIT(circ)->purpose) {
1972 /* For these three, we want to pick the exit like a middle hop,
1973 * since it should be random. */
1974 tor_assert_nonfatal(is_internal);
1975 FALLTHROUGH;
1978 if (is_internal) /* pick it like a middle hop */
1979 return router_choose_random_node(NULL, options->ExcludeNodes, flags);
1980 else
1981 return choose_good_exit_server_general(flags);
1983 {
1984 /* Pick a new RP */
1985 const node_t *rendezvous_node = pick_rendezvous_node(flags);
1986 log_info(LD_REND, "Picked new RP: %s",
1987 safe_str_client(node_describe(rendezvous_node)));
1988 return rendezvous_node;
1989 }
1990 }
1991 log_warn(LD_BUG,"Unhandled purpose %d", TO_CIRCUIT(circ)->purpose);
1993 return NULL;
1994}
1995
1996/** Log a warning if the user specified an exit for the circuit that
1997 * has been excluded from use by ExcludeNodes or ExcludeExitNodes. */
1998static void
2000 const extend_info_t *exit_ei)
2001{
2002 const or_options_t *options = get_options();
2003 routerset_t *rs = options->ExcludeNodes;
2004 const char *description;
2005 uint8_t purpose = circ->base_.purpose;
2006
2007 if (circ->build_state->onehop_tunnel)
2008 return;
2009
2010 switch (purpose)
2011 {
2012 default:
2013 case CIRCUIT_PURPOSE_OR:
2017 log_warn(LD_BUG, "Called on non-origin circuit (purpose %d, %s)",
2018 (int)purpose,
2019 circuit_purpose_to_string(purpose));
2020 return;
2025 case CIRCUIT_PURPOSE_CONFLUX_LINKED:
2026 if (circ->build_state->is_internal)
2027 return;
2028 description = "requested exit node";
2029 rs = options->ExcludeExitNodesUnion_;
2030 break;
2038 return;
2043 description = "chosen rendezvous point";
2044 break;
2046 rs = options->ExcludeExitNodesUnion_;
2047 description = "controller-selected circuit target";
2048 break;
2049 }
2050
2051 if (routerset_contains_extendinfo(rs, exit_ei)) {
2052 /* We should never get here if StrictNodes is set to 1. */
2053 if (options->StrictNodes) {
2054 log_warn(LD_BUG, "Using %s '%s' which is listed in ExcludeNodes%s, "
2055 "even though StrictNodes is set. Please report. "
2056 "(Circuit purpose: %s)",
2057 description, extend_info_describe(exit_ei),
2058 rs==options->ExcludeNodes?"":" or ExcludeExitNodes",
2059 circuit_purpose_to_string(purpose));
2060 } else {
2061 log_warn(LD_CIRC, "Using %s '%s' which is listed in "
2062 "ExcludeNodes%s, because no better options were available. To "
2063 "prevent this (and possibly break your Tor functionality), "
2064 "set the StrictNodes configuration option. "
2065 "(Circuit purpose: %s)",
2066 description, extend_info_describe(exit_ei),
2067 rs==options->ExcludeNodes?"":" or ExcludeExitNodes",
2068 circuit_purpose_to_string(purpose));
2069 }
2071 }
2072
2073 return;
2074}
2075
2076/* Return a set of generic CRN_* flags based on <b>state</b>.
2077 *
2078 * Called for every position in the circuit. */
2079STATIC int
2080cpath_build_state_to_crn_flags(const cpath_build_state_t *state)
2081{
2082 router_crn_flags_t flags = 0;
2083 /* These flags apply to entry, middle, and exit nodes.
2084 * If a flag only applies to a specific position, it should be checked in
2085 * that function. */
2086 if (state->need_uptime)
2087 flags |= CRN_NEED_UPTIME;
2088 if (state->need_capacity)
2089 flags |= CRN_NEED_CAPACITY;
2090 return flags;
2091}
2092
2093/* Return the CRN_INITIATE_IPV6_EXTEND flag, based on <b>state</b> and
2094 * <b>cur_len</b>.
2095 *
2096 * Only called for middle nodes (for now). Must not be called on single-hop
2097 * circuits. */
2098STATIC int
2099cpath_build_state_to_crn_ipv6_extend_flag(const cpath_build_state_t *state,
2100 int cur_len)
2101{
2102 IF_BUG_ONCE(state->desired_path_len < 2)
2103 return 0;
2104
2105 /* The last node is the relay doing the self-test. So we want to extend over
2106 * IPv6 from the second-last node. */
2107 if (state->is_ipv6_selftest && cur_len == state->desired_path_len - 2)
2108 return CRN_INITIATE_IPV6_EXTEND;
2109 else
2110 return 0;
2111}
2112
2113/** Decide a suitable length for circ's cpath, and pick an exit
2114 * router (or use <b>exit_ei</b> if provided). Store these in the
2115 * cpath.
2116 *
2117 * If <b>is_hs_v3_rp_circuit</b> is set, then this exit should be suitable to
2118 * be used as an HS v3 rendezvous point.
2119 *
2120 * Return 0 if ok, -1 if circuit should be closed. */
2121STATIC int
2123 int is_hs_v3_rp_circuit)
2124{
2125 cpath_build_state_t *state = circ->build_state;
2126
2127 if (state->onehop_tunnel) {
2128 log_debug(LD_CIRC, "Launching a one-hop circuit for dir tunnel%s.",
2129 (hs_service_allow_non_anonymous_connection(get_options()) ?
2130 ", or intro or rendezvous connection" : ""));
2131 state->desired_path_len = 1;
2132 } else {
2133 int r = new_route_len(circ->base_.purpose, exit_ei, nodelist_get_list());
2134 if (r < 1) /* must be at least 1 */
2135 return -1;
2136 state->desired_path_len = r;
2137 }
2138
2139 if (exit_ei) { /* the circuit-builder pre-requested one */
2140 warn_if_last_router_excluded(circ, exit_ei);
2141 log_info(LD_CIRC,"Using requested exit node '%s'",
2142 extend_info_describe(exit_ei));
2143 exit_ei = extend_info_dup(exit_ei);
2144 } else { /* we have to decide one */
2145 router_crn_flags_t flags = CRN_NEED_DESC;
2146 flags |= cpath_build_state_to_crn_flags(state);
2147 /* Some internal exits are one hop, for example directory connections.
2148 * (Guards are always direct, middles are never direct.) */
2149 if (state->onehop_tunnel)
2150 flags |= CRN_DIRECT_CONN;
2151 if (is_hs_v3_rp_circuit)
2152 flags |= CRN_RENDEZVOUS_V3;
2153 if (state->need_conflux)
2154 flags |= CRN_CONFLUX;
2155 const node_t *node =
2156 choose_good_exit_server(circ, flags, state->is_internal);
2157 if (!node) {
2158 log_warn(LD_CIRC,"Failed to choose an exit server");
2159 return -1;
2160 }
2161 exit_ei = extend_info_from_node(node, state->onehop_tunnel,
2162 /* for_exit_use */
2163 !state->is_internal && (
2164 TO_CIRCUIT(circ)->purpose ==
2166 TO_CIRCUIT(circ)->purpose ==
2168 if (BUG(exit_ei == NULL))
2169 return -1;
2170 }
2171 state->chosen_exit = exit_ei;
2172 return 0;
2173}
2174
2175/** Give <b>circ</b> a new exit destination to <b>exit_ei</b>, and add a
2176 * hop to the cpath reflecting this. Don't send the next extend cell --
2177 * the caller will do this if it wants to.
2178 */
2179int
2181{
2182 cpath_build_state_t *state;
2183 tor_assert(exit_ei);
2184 tor_assert(circ);
2185
2186 state = circ->build_state;
2187 tor_assert(state);
2188 extend_info_free(state->chosen_exit);
2189 state->chosen_exit = extend_info_dup(exit_ei);
2190
2192 cpath_append_hop(&circ->cpath, exit_ei);
2193 return 0;
2194}
2195
2196/** Take an open <b>circ</b>, and add a new hop at the end, based on
2197 * <b>info</b>. Set its state back to CIRCUIT_STATE_BUILDING, and then
2198 * send the next extend cell to begin connecting to that hop.
2199 */
2200int
2202{
2203 int err_reason = 0;
2204 warn_if_last_router_excluded(circ, exit_ei);
2205
2206 tor_gettimeofday(&circ->base_.timestamp_began);
2207
2208 circuit_append_new_exit(circ, exit_ei);
2210 if ((err_reason = circuit_send_next_onion_skin(circ))<0) {
2211 log_warn(LD_CIRC, "Couldn't extend circuit to new point %s.",
2212 extend_info_describe(exit_ei));
2213 circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
2214 return -1;
2215 }
2216
2217 return 0;
2218}
2219
2220/** Return the number of routers in <b>nodes</b> that are currently up and
2221 * available for building circuits through.
2222 *
2223 * If <b>direct</b> is true, only count nodes that are suitable for direct
2224 * connections. Counts nodes regardless of whether their addresses are
2225 * preferred.
2226 */
2227MOCK_IMPL(STATIC int,
2228count_acceptable_nodes, (const smartlist_t *nodes, int direct))
2229{
2230 int num=0;
2231 int flags = CRN_NEED_DESC;
2232
2233 if (direct)
2234 flags |= CRN_DIRECT_CONN;
2235
2236 SMARTLIST_FOREACH_BEGIN(nodes, const node_t *, node) {
2237 // log_debug(LD_CIRC,
2238 // "Contemplating whether router %d (%s) is a new option.",
2239 // i, r->nickname);
2240 if (!router_can_choose_node(node, flags))
2241 continue;
2242 ++num;
2243 } SMARTLIST_FOREACH_END(node);
2244
2245// log_debug(LD_CIRC,"I like %d. num_acceptable_routers now %d.",i, num);
2246
2247 return num;
2248}
2249
2250/**
2251 * Build the exclude list for vanguard circuits.
2252 *
2253 * For vanguard circuits we exclude all the already chosen nodes (including the
2254 * exit) from being middle hops to prevent the creation of A - B - A subpaths.
2255 * We also allow the 4th hop to be the same as the guard node so as to not leak
2256 * guard information to RP/IP/HSDirs.
2257 *
2258 * For vanguard circuits, we don't apply any subnet or family restrictions.
2259 * This is to avoid impossible-to-build circuit paths, or just situations where
2260 * our earlier guards prevent us from using most of our later ones.
2261 *
2262 * The alternative is building the circuit in reverse. Reverse calls to
2263 * onion_extend_cpath() (ie: select outer hops first) would then have the
2264 * property that you don't gain information about inner hops by observing
2265 * outer ones. See https://bugs.torproject.org/tpo/core/tor/24487
2266 * for this.
2267 *
2268 * (Note further that we still exclude the exit to prevent A - B - A
2269 * at the end of the path. */
2270static smartlist_t *
2272 cpath_build_state_t *state,
2273 crypt_path_t *head,
2274 int cur_len)
2275{
2276 smartlist_t *excluded;
2277 const node_t *r;
2278 crypt_path_t *cpath;
2279 int i;
2280
2281 (void) purpose;
2282
2283 excluded = smartlist_new();
2284
2285 /* Add the exit to the exclude list (note that the exit/last hop is always
2286 * chosen first in circuit_establish_circuit()). */
2287 if ((r = build_state_get_exit_node(state))) {
2288 smartlist_add(excluded, (node_t*)r);
2289 }
2290
2291 /* If we are picking the 4th hop, allow that node to be the guard too.
2292 * This prevents us from avoiding the Guard for those hops, which
2293 * gives the adversary information about our guard if they control
2294 * the RP, IP, or HSDIR. We don't do this check based on purpose
2295 * because we also want to allow HS_VANGUARDS pre-build circuits
2296 * to use the guard for that last hop.
2297 */
2298 if (cur_len == DEFAULT_ROUTE_LEN+1) {
2299 /* Skip the first hop for the exclude list below */
2300 head = head->next;
2301 cur_len--;
2302 }
2303
2304 for (i = 0, cpath = head; cpath && i < cur_len; ++i, cpath=cpath->next) {
2305 if ((r = node_get_by_id(cpath->extend_info->identity_digest))) {
2306 smartlist_add(excluded, (node_t*)r);
2307 }
2308 }
2309
2310 return excluded;
2311}
2312
2313/**
2314 * Build a list of nodes to exclude from the choice of this middle
2315 * hop, based on already chosen nodes.
2316 */
2317static smartlist_t *
2319 uint8_t purpose,
2320 cpath_build_state_t *state,
2321 crypt_path_t *head,
2322 int cur_len)
2323{
2324 smartlist_t *excluded;
2325 const node_t *r;
2326 crypt_path_t *cpath;
2327 int i;
2328
2329 /** Vanguard circuits have their own path selection rules */
2330 if (circuit_should_use_vanguards(purpose)) {
2331 return build_vanguard_middle_exclude_list(purpose, state, head, cur_len);
2332 }
2333
2334 excluded = smartlist_new();
2335
2336 // Exclude other middles on pending and built conflux circs
2338
2339 /* For non-vanguard circuits, add the exit and its family to the exclude list
2340 * (note that the exit/last hop is always chosen first in
2341 * circuit_establish_circuit()). */
2342 if ((r = build_state_get_exit_node(state))) {
2343 nodelist_add_node_and_family(excluded, r);
2344 }
2345
2346 /* also exclude all other already chosen nodes and their family */
2347 for (i = 0, cpath = head; cpath && i < cur_len; ++i, cpath=cpath->next) {
2348 if ((r = node_get_by_id(cpath->extend_info->identity_digest))) {
2349 nodelist_add_node_and_family(excluded, r);
2350 }
2351 }
2352
2353 return excluded;
2354}
2355
2356/** Return true if we MUST use vanguards for picking this middle node. */
2357static int
2359 uint8_t purpose, int cur_len)
2360{
2361 /* If this is not a hidden service circuit, don't use vanguards */
2362 if (!circuit_purpose_is_hidden_service(purpose)) {
2363 return 0;
2364 }
2365
2366 /* Don't even bother if the feature is disabled */
2368 return 0;
2369 }
2370
2371 /* If we are a hidden service circuit, always use either vanguards-lite
2372 * or HSLayer2Nodes for 2nd hop. */
2373 if (cur_len == 1) {
2374 return 1;
2375 }
2376
2377 /* If we have sticky L3 nodes, and this is an L3 pick, use vanguards */
2378 if (options->HSLayer3Nodes && cur_len == 2) {
2379 return 1;
2380 }
2381
2382 return 0;
2383}
2384
2385/** Pick a sticky vanguard middle node or return NULL if not found.
2386 * See doc of pick_restricted_middle_node() for argument details. */
2387static const node_t *
2389 router_crn_flags_t flags, int cur_len,
2390 const smartlist_t *excluded)
2391{
2392 const routerset_t *vanguard_routerset = NULL;
2393 const node_t *node = NULL;
2394
2395 /* Pick the right routerset based on the current hop */
2396 if (cur_len == 1) {
2397 vanguard_routerset = options->HSLayer2Nodes ?
2398 options->HSLayer2Nodes : get_layer2_guards();
2399 } else if (cur_len == 2) {
2400 vanguard_routerset = options->HSLayer3Nodes;
2401 } else {
2402 /* guaranteed by middle_node_should_be_vanguard() */
2404 return NULL;
2405 }
2406
2407 if (BUG(!vanguard_routerset)) {
2408 return NULL;
2409 }
2410
2411 node = pick_restricted_middle_node(flags, vanguard_routerset,
2412 options->ExcludeNodes, excluded,
2413 cur_len+1);
2414
2415 if (!node) {
2416 static ratelim_t pinned_warning_limit = RATELIM_INIT(300);
2417 log_fn_ratelim(&pinned_warning_limit, LOG_WARN, LD_CIRC,
2418 "Could not find a node that matches the configured "
2419 "_HSLayer%dNodes set", cur_len+1);
2420 }
2421
2422 return node;
2423}
2424
2425/** A helper function used by onion_extend_cpath(). Use <b>purpose</b>
2426 * and <b>state</b> and the cpath <b>head</b> (currently populated only
2427 * to length <b>cur_len</b> to decide a suitable middle hop for a
2428 * circuit. In particular, make sure we don't pick the exit node or its
2429 * family, and make sure we don't duplicate any previous nodes or their
2430 * families. */
2431static const node_t *
2433 uint8_t purpose,
2434 cpath_build_state_t *state,
2435 crypt_path_t *head,
2436 int cur_len)
2437{
2438 const node_t *choice;
2439 smartlist_t *excluded;
2440 const or_options_t *options = get_options();
2441 router_crn_flags_t flags = CRN_NEED_DESC;
2442 tor_assert(CIRCUIT_PURPOSE_MIN_ <= purpose &&
2443 purpose <= CIRCUIT_PURPOSE_MAX_);
2444
2445 log_debug(LD_CIRC, "Contemplating intermediate hop #%d: random choice.",
2446 cur_len+1);
2447
2448 excluded = build_middle_exclude_list(circ, purpose, state, head, cur_len);
2449
2450 flags |= cpath_build_state_to_crn_flags(state);
2451 flags |= cpath_build_state_to_crn_ipv6_extend_flag(state, cur_len);
2452
2453 /** If a hidden service circuit wants a specific middle node, pin it. */
2454 if (middle_node_must_be_vanguard(options, purpose, cur_len)) {
2455 log_debug(LD_GENERAL, "Picking a sticky node (cur_len = %d)", cur_len);
2456 choice = pick_vanguard_middle_node(options, flags, cur_len, excluded);
2457 smartlist_free(excluded);
2458 return choice;
2459 }
2460
2461 if (options->MiddleNodes) {
2462 smartlist_t *sl = smartlist_new();
2464 options->ExcludeNodes, 1);
2465
2466 smartlist_subtract(sl, excluded);
2467
2468 choice = node_sl_choose_by_bandwidth(sl, WEIGHT_FOR_MID);
2469 smartlist_free(sl);
2470 if (choice) {
2471 log_fn(LOG_INFO, LD_CIRC, "Chose fixed middle node: %s",
2472 hex_str(choice->identity, DIGEST_LEN));
2473 } else {
2474 log_fn(LOG_NOTICE, LD_CIRC, "Restricted middle not available");
2475 }
2476 } else {
2477 choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
2478 }
2479 smartlist_free(excluded);
2480 return choice;
2481}
2482
2483/** Pick a good entry server for the circuit to be built according to
2484 * <b>state</b>. Don't reuse a chosen exit (if any), don't use this
2485 * router (if we're an OR), and respect firewall settings; if we're
2486 * configured to use entry guards, return one.
2487 *
2488 * Set *<b>guard_state_out</b> to information about the guard that
2489 * we're selecting, which we'll use later to remember whether the
2490 * guard worked or not.
2491 */
2492const node_t *
2494 uint8_t purpose, cpath_build_state_t *state,
2495 circuit_guard_state_t **guard_state_out)
2496{
2497 const node_t *choice;
2498 smartlist_t *excluded;
2499 const or_options_t *options = get_options();
2500 /* If possible, choose an entry server with a preferred address,
2501 * otherwise, choose one with an allowed address */
2502 router_crn_flags_t flags = (CRN_NEED_GUARD|CRN_NEED_DESC|CRN_PREF_ADDR|
2503 CRN_DIRECT_CONN);
2504 const node_t *node;
2505
2506 /* Once we used this function to select a node to be a guard. We had
2507 * 'state == NULL' be the signal for that. But we don't do that any more.
2508 */
2509 tor_assert_nonfatal(state);
2510
2511 if (state && options->UseEntryGuards &&
2512 (purpose != CIRCUIT_PURPOSE_TESTING || options->BridgeRelay)) {
2513 /* This request is for an entry server to use for a regular circuit,
2514 * and we use entry guard nodes. Just return one of the guard nodes. */
2515 tor_assert(guard_state_out);
2516 return guards_choose_guard(circ, state, purpose, guard_state_out);
2517 }
2518
2519 excluded = smartlist_new();
2520
2521 if (state && (node = build_state_get_exit_node(state))) {
2522 /* Exclude the exit node from the state, if we have one. Also exclude its
2523 * family. */
2524 nodelist_add_node_and_family(excluded, node);
2525 }
2526
2527 if (state) {
2528 flags |= cpath_build_state_to_crn_flags(state);
2529 }
2530
2531 choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
2532 smartlist_free(excluded);
2533 return choice;
2534}
2535
2536/** Choose a suitable next hop for the circuit <b>circ</b>.
2537 * Append the hop info to circ->cpath.
2538 *
2539 * Return 1 if the path is complete, 0 if we successfully added a hop,
2540 * and -1 on error.
2541 */
2542STATIC int
2544{
2545 uint8_t purpose = circ->base_.purpose;
2546 cpath_build_state_t *state = circ->build_state;
2547 int cur_len = circuit_get_cpath_len(circ);
2548 extend_info_t *info = NULL;
2549
2550 if (cur_len >= state->desired_path_len) {
2551 log_debug(LD_CIRC, "Path is complete: %d steps long",
2552 state->desired_path_len);
2553 return 1;
2554 }
2555
2556 log_debug(LD_CIRC, "Path is %d long; we want %d", cur_len,
2557 state->desired_path_len);
2558
2559 if (cur_len == state->desired_path_len - 1) { /* Picking last node */
2560 info = extend_info_dup(state->chosen_exit);
2561 } else if (cur_len == 0) { /* picking first node */
2562 const node_t *r = choose_good_entry_server(circ, purpose, state,
2563 &circ->guard_state);
2564 if (r) {
2565 /* If we're a client, use the preferred address rather than the
2566 primary address, for potentially connecting to an IPv6 OR
2567 port. Servers always want the primary (IPv4) address. */
2568 int client = (server_mode(get_options()) == 0);
2569 info = extend_info_from_node(r, client, false);
2570 /* Clients can fail to find an allowed address */
2571 tor_assert_nonfatal(info || client);
2572 }
2573 } else {
2574 const node_t *r =
2575 choose_good_middle_server(circ, purpose, state, circ->cpath, cur_len);
2576 if (r) {
2577 info = extend_info_from_node(r, 0, false);
2578 }
2579 }
2580
2581 if (!info) {
2582 /* This can happen on first startup, possibly due to insufficient relays
2583 * downloaded to pick vanguards-lite layer2 nodes, or other ephemeral
2584 * reasons. It only happens briefly, is hard to reproduce, and then goes
2585 * away for ever. :/ */
2587 log_info(LD_CIRC,
2588 "Failed to find node for hop #%d of our path. Discarding "
2589 "this circuit.", cur_len+1);
2590 } else {
2591 log_notice(LD_CIRC,
2592 "Failed to find node for hop #%d of our path. Discarding "
2593 "this circuit.", cur_len+1);
2594 }
2595 return -1;
2596 }
2597
2598 log_debug(LD_CIRC,"Chose router %s for hop #%d (exit is %s)",
2600 cur_len+1, build_state_get_exit_nickname(state));
2601
2602 cpath_append_hop(&circ->cpath, info);
2603 extend_info_free(info);
2604 return 0;
2605}
2606
2607/** Return the node_t for the chosen exit router in <b>state</b>.
2608 * If there is no chosen exit, or if we don't know the node_t for
2609 * the chosen exit, return NULL.
2610 */
2611MOCK_IMPL(const node_t *,
2613{
2614 if (!state || !state->chosen_exit)
2615 return NULL;
2617}
2618
2619/** Return the RSA ID digest for the chosen exit router in <b>state</b>.
2620 * If there is no chosen exit, return NULL.
2621 */
2622const uint8_t *
2624{
2625 if (!state || !state->chosen_exit)
2626 return NULL;
2627 return (const uint8_t *) state->chosen_exit->identity_digest;
2628}
2629
2630/** Return the nickname for the chosen exit router in <b>state</b>. If
2631 * there is no chosen exit, or if we don't know the routerinfo_t for the
2632 * chosen exit, return NULL.
2633 */
2634const char *
2636{
2637 if (!state || !state->chosen_exit)
2638 return NULL;
2639 return state->chosen_exit->nickname;
2640}
2641
2642/* Is circuit purpose allowed to use the deprecated TAP encryption protocol?
2643 * The hidden service protocol still uses TAP for some connections, because
2644 * ntor onion keys aren't included in HS descriptors or INTRODUCE cells. */
2645static int
2646circuit_purpose_can_use_tap_impl(uint8_t purpose)
2647{
2648 return (purpose == CIRCUIT_PURPOSE_S_CONNECT_REND ||
2650}
2651
2652/* Is circ allowed to use the deprecated TAP encryption protocol?
2653 * The hidden service protocol still uses TAP for some connections, because
2654 * ntor onion keys aren't included in HS descriptors or INTRODUCE cells. */
2655int
2656circuit_can_use_tap(const origin_circuit_t *circ)
2657{
2658 tor_assert(circ);
2659 tor_assert(circ->cpath);
2661 return (circuit_purpose_can_use_tap_impl(circ->base_.purpose) &&
2662 extend_info_supports_tap(circ->cpath->extend_info));
2663}
2664
2665/* Does circ have an onion key which it's allowed to use? */
2666int
2667circuit_has_usable_onion_key(const origin_circuit_t *circ)
2668{
2669 tor_assert(circ);
2670 tor_assert(circ->cpath);
2672 return (extend_info_supports_ntor(circ->cpath->extend_info) ||
2673 circuit_can_use_tap(circ));
2674}
2675
2676/** Find the circuits that are waiting to find out whether their guards are
2677 * usable, and if any are ready to become usable, mark them open and try
2678 * attaching streams as appropriate. */
2679void
2681{
2682 smartlist_t *to_upgrade =
2684
2685 if (to_upgrade == NULL)
2686 return;
2687
2688 log_info(LD_GUARD, "Upgrading %d circuits from 'waiting for better guard' "
2689 "to 'open'.", smartlist_len(to_upgrade));
2690
2691 SMARTLIST_FOREACH_BEGIN(to_upgrade, origin_circuit_t *, circ) {
2693 circuit_has_opened(circ);
2694 } SMARTLIST_FOREACH_END(circ);
2695
2696 smartlist_free(to_upgrade);
2697}
2698
2699/**
2700 * Try to generate a circuit-negotiation message for communication with a
2701 * given relay. Assumes we are using ntor v3, or some later version that
2702 * supports parameter negotiatoin.
2703 *
2704 * On success, return 0 and pass back a message in the `out` parameters.
2705 * Otherwise, return -1.
2706 **/
2707int
2709 uint8_t **msg_out,
2710 size_t *msg_len_out)
2711{
2712 tor_assert(ei && msg_out && msg_len_out);
2713
2715 return -1;
2716 }
2717
2718 return congestion_control_build_ext_request(msg_out, msg_len_out);
2719}
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
void tor_addr_make_unspec(tor_addr_t *a)
Definition: address.c:225
time_t approx_time(void)
Definition: approx_time.c:32
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
int extend_info_is_a_configured_bridge(const extend_info_t *ei)
Definition: bridges.c:325
Header file for circuitbuild.c.
Fixed-size cell structure.
void channel_timestamp_client(channel_t *chan)
Definition: channel.c:3198
channel_t * channel_get_for_extend(const char *rsa_id_digest, const ed25519_public_key_t *ed_id, const tor_addr_t *target_ipv4_addr, const tor_addr_t *target_ipv6_addr, bool for_origin_circ, const char **msg_out, int *launch_out)
Definition: channel.c:2416
const char * channel_state_to_string(channel_state_t state)
Definition: channel.c:316
int channel_matches_extend_info(channel_t *chan, extend_info_t *extend_info)
Definition: channel.c:3295
int channel_remote_identity_matches(const channel_t *chan, const char *rsa_id_digest, const ed25519_public_key_t *ed_id)
Definition: channel.c:668
channel_t * channel_connect(const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id)
Definition: channel.c:2326
const char * channel_describe_peer(channel_t *chan)
Definition: channel.c:2840
void channel_dump_statistics(channel_t *chan, int severity)
Definition: channel.c:2544
Header file for channel.c.
void channel_mark_as_used_for_origin_circuit(channel_t *chan)
Definition: channeltls.c:385
@ CIRC_ID_TYPE_NEITHER
Definition: channel.h:44
@ CIRC_ID_TYPE_HIGHER
Definition: channel.h:41
int pathbias_count_build_attempt(origin_circuit_t *circ)
Definition: circpathbias.c:446
void pathbias_count_build_success(origin_circuit_t *circ)
Definition: circpathbias.c:534
static int circuit_send_first_onion_skin(origin_circuit_t *circ)
static void circuit_pick_extend_handshake(uint8_t *cell_type_out, uint8_t *create_cell_type_out, uint16_t *handshake_type_out, const extend_info_t *ei)
Definition: circuitbuild.c:917
static int circuit_build_no_more_hops(origin_circuit_t *circ)
int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei)
STATIC int count_acceptable_nodes(const smartlist_t *nodes, int direct)
STATIC int onion_pick_cpath_exit(origin_circuit_t *circ, extend_info_t *exit_ei, int is_hs_v3_rp_circuit)
const char * build_state_get_exit_nickname(cpath_build_state_t *state)
int circuit_handle_first_hop(origin_circuit_t *circ)
Definition: circuitbuild.c:588
static int middle_node_must_be_vanguard(const or_options_t *options, uint8_t purpose, int cur_len)
void circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
Definition: circuitbuild.c:357
static const node_t * pick_restricted_middle_node(router_crn_flags_t flags, const routerset_t *pick_from, const routerset_t *exclude_set, const smartlist_t *exclude_list, int position_hint)
STATIC circid_t get_unique_circ_id_by_chan(channel_t *chan)
Definition: circuitbuild.c:127
static smartlist_t * build_middle_exclude_list(const origin_circuit_t *circ, uint8_t purpose, cpath_build_state_t *state, crypt_path_t *head, int cur_len)
int route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei)
STATIC int onion_extend_cpath(origin_circuit_t *circ)
int client_circ_negotiation_message(const extend_info_t *ei, uint8_t **msg_out, size_t *msg_len_out)
static void circuit_pick_create_handshake(uint8_t *cell_type_out, uint16_t *handshake_type_out, const extend_info_t *ei)
Definition: circuitbuild.c:885
char * circuit_list_path_for_controller(origin_circuit_t *circ)
Definition: circuitbuild.c:347
STATIC int new_route_len(uint8_t purpose, extend_info_t *exit_ei, const smartlist_t *nodes)
static const node_t * choose_good_middle_server(const origin_circuit_t *, uint8_t purpose, cpath_build_state_t *state, crypt_path_t *head, int cur_len)
circuit_guard_state_t * origin_circuit_get_guard_state(origin_circuit_t *circ)
Definition: circuitbuild.c:557
static int onion_populate_cpath(origin_circuit_t *circ)
Definition: circuitbuild.c:390
int circuit_deliver_create_cell(circuit_t *circ, const struct create_cell_t *create_cell, int relayed)
Definition: circuitbuild.c:785
static int circuit_may_omit_guard(const origin_circuit_t *circ)
Definition: circuitbuild.c:943
static int ap_stream_wants_exit_attention(connection_t *conn)
const uint8_t * build_state_get_exit_rsa_id(cpath_build_state_t *state)
void circuit_n_chan_done(channel_t *chan, int status, int close_origin_circuits)
Definition: circuitbuild.c:683
static smartlist_t * build_vanguard_middle_exclude_list(uint8_t purpose, cpath_build_state_t *state, crypt_path_t *head, int cur_len)
static int circuit_cpath_supports_ntor(const origin_circuit_t *circ)
Definition: circuitbuild.c:366
int circuit_timeout_want_to_count_circ(const origin_circuit_t *circ)
Definition: circuitbuild.c:870
static smartlist_t * circuit_get_unhandled_ports(time_t now)
static const node_t * pick_vanguard_middle_node(const or_options_t *options, router_crn_flags_t flags, int cur_len, const smartlist_t *excluded)
static const node_t * choose_good_exit_server(origin_circuit_t *circ, router_crn_flags_t flags, int is_internal)
static void warn_if_last_router_excluded(origin_circuit_t *circ, const extend_info_t *exit_ei)
origin_circuit_t * circuit_establish_circuit_conflux(const uint8_t *conflux_nonce, uint8_t purpose, extend_info_t *exit_ei, int flags)
Definition: circuitbuild.c:526
channel_t * channel_connect_for_circuit(const extend_info_t *ei)
Definition: circuitbuild.c:104
char * circuit_list_path(origin_circuit_t *circ, int verbose)
Definition: circuitbuild.c:338
int circuit_all_predicted_ports_handled(time_t now, int *need_uptime, int *need_capacity)
void circuit_note_clock_jumped(int64_t seconds_elapsed, bool was_idle)
int circuit_send_next_onion_skin(origin_circuit_t *circ)
Definition: circuitbuild.c:980
int circuit_finish_handshake(origin_circuit_t *circ, const created_cell_t *reply)
static const node_t * choose_good_exit_server_general(router_crn_flags_t flags)
int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei)
origin_circuit_t * circuit_establish_circuit(uint8_t purpose, extend_info_t *exit_ei, int flags)
Definition: circuitbuild.c:485
int circuit_truncated(origin_circuit_t *circ, int reason)
const node_t * choose_good_entry_server(const origin_circuit_t *circ, uint8_t purpose, cpath_build_state_t *state, circuit_guard_state_t **guard_state_out)
static void circuit_chan_publish(const origin_circuit_t *circ, const channel_t *chan)
Definition: circuitbuild.c:572
static bool should_use_create_fast_for_circuit(origin_circuit_t *circ)
Definition: circuitbuild.c:848
static int circuit_send_intermediate_onion_skin(origin_circuit_t *circ, crypt_path_t *hop)
const node_t * build_state_get_exit_node(cpath_build_state_t *state)
static int node_handles_some_port(const node_t *node, smartlist_t *needed_ports)
static char * circuit_list_path_impl(origin_circuit_t *circ, int verbose, int verbose_names)
Definition: circuitbuild.c:264
void circuit_upgrade_circuits_from_guard_wait(void)
origin_circuit_t * origin_circuit_init(uint8_t purpose, int flags)
Definition: circuitbuild.c:454
Header file for circuitbuild.c.
int circuit_id_in_use_on_channel(circid_t circ_id, channel_t *chan)
Definition: circuitlist.c:1568
void circuit_set_n_circid_chan(circuit_t *circ, circid_t id, channel_t *chan)
Definition: circuitlist.c:488
void circuit_mark_all_dirty_circs_as_unusable(void)
Definition: circuitlist.c:2100
void circuit_set_state(circuit_t *circ, uint8_t state)
Definition: circuitlist.c:557
smartlist_t * circuit_find_circuits_to_upgrade_from_guard_wait(void)
Definition: circuitlist.c:2001
origin_circuit_t * origin_circuit_new(void)
Definition: circuitlist.c:1045
origin_circuit_t * TO_ORIGIN_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:180
int circuit_get_cpath_len(origin_circuit_t *circ)
Definition: circuitlist.c:2029
int circuit_get_cpath_opened_len(const origin_circuit_t *circ)
Definition: circuitlist.c:2045
void circuit_get_all_pending_on_channel(smartlist_t *out, channel_t *chan)
Definition: circuitlist.c:592
int circuit_event_status(origin_circuit_t *circ, circuit_status_event_t tp, int reason_code)
Definition: circuitlist.c:513
time_t circuit_id_when_marked_unusable_on_channel(circid_t circ_id, channel_t *chan)
Definition: circuitlist.c:1581
crypt_path_t * circuit_get_cpath_hop(origin_circuit_t *circ, int hopnum)
Definition: circuitlist.c:2065
const char * circuit_purpose_to_string(uint8_t purpose)
Definition: circuitlist.c:924
void circuit_mark_all_unused_circs(void)
Definition: circuitlist.c:2081
Header file for circuitlist.c.
#define CIRCUIT_PURPOSE_S_CONNECT_REND
Definition: circuitlist.h:107
#define CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT
Definition: circuitlist.h:93
#define CIRCUIT_PURPOSE_REND_POINT_WAITING
Definition: circuitlist.h:45
#define CIRCUIT_STATE_OPEN
Definition: circuitlist.h:32
#define CIRCUIT_STATE_BUILDING
Definition: circuitlist.h:21
#define CIRCUIT_PURPOSE_C_REND_JOINED
Definition: circuitlist.h:88
#define CIRCUIT_PURPOSE_INTRO_POINT
Definition: circuitlist.h:42
#define CIRCUIT_PURPOSE_CONTROLLER
Definition: circuitlist.h:121
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:154
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
Definition: circuitlist.h:86
#define CIRCUIT_STATE_GUARD_WAIT
Definition: circuitlist.h:30
#define CIRCUIT_PURPOSE_TESTING
Definition: circuitlist.h:118
#define CIRCUIT_PURPOSE_OR
Definition: circuitlist.h:39
#define CIRCUIT_STATE_CHAN_WAIT
Definition: circuitlist.h:26
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
Definition: circuitlist.h:76
#define CIRCUIT_PURPOSE_S_REND_JOINED
Definition: circuitlist.h:110
#define CIRCUIT_PURPOSE_C_REND_READY
Definition: circuitlist.h:83
#define CIRCUIT_PURPOSE_S_HSDIR_POST
Definition: circuitlist.h:112
#define CIRCUIT_PURPOSE_C_HSDIR_GET
Definition: circuitlist.h:90
#define CIRCUIT_PURPOSE_REND_ESTABLISHED
Definition: circuitlist.h:47
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED
Definition: circuitlist.h:79
#define CIRCUIT_PURPOSE_C_INTRODUCING
Definition: circuitlist.h:73
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO
Definition: circuitlist.h:101
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND
Definition: circuitlist.h:81
#define CIRCUIT_PURPOSE_C_GENERAL
Definition: circuitlist.h:70
#define CIRCUIT_PURPOSE_CONFLUX_UNLINKED
Definition: circuitlist.h:137
#define CIRCUIT_PURPOSE_HS_VANGUARDS
Definition: circuitlist.h:131
unsigned int circuitmux_num_active_circuits(circuitmux_t *cmux)
Definition: circuitmux.c:702
unsigned int circuitmux_num_circuits(circuitmux_t *cmux)
Definition: circuitmux.c:714
void circpad_machine_event_circ_added_hop(origin_circuit_t *on_circ)
void circpad_machine_event_circ_built(origin_circuit_t *circ)
Header file for circuitpadding.c.
void circuit_build_times_handle_completed_hop(origin_circuit_t *circ)
Definition: circuitstats.c:679
Header file for circuitstats.c.
int circuit_should_use_vanguards(uint8_t purpose)
Definition: circuituse.c:2013
void circuit_has_opened(origin_circuit_t *circ)
Definition: circuituse.c:1659
void circuit_reset_failure_count(int timeout)
Definition: circuituse.c:2218
int circuit_stream_is_being_handled(entry_connection_t *conn, uint16_t port, int min)
Definition: circuituse.c:1009
void circuit_remove_handled_ports(smartlist_t *needed_ports)
Definition: circuituse.c:984
int circuit_purpose_is_hidden_service(uint8_t purpose)
Definition: circuituse.c:1951
Header file for circuituse.c.
#define CIRCLAUNCH_NEED_CAPACITY
Definition: circuituse.h:43
#define CIRCLAUNCH_IS_IPV6_SELFTEST
Definition: circuituse.h:54
#define CIRCLAUNCH_ONEHOP_TUNNEL
Definition: circuituse.h:39
#define CIRCLAUNCH_IS_V3_RP
Definition: circuituse.h:49
#define CIRCLAUNCH_IS_INTERNAL
Definition: circuituse.h:46
#define CIRCLAUNCH_NEED_UPTIME
Definition: circuituse.h:41
#define CIRCLAUNCH_NEED_CONFLUX
Definition: circuituse.h:56
void command_setup_channel(channel_t *chan)
Definition: command.c:697
Header file for command.c.
const or_options_t * get_options(void)
Definition: config.c:944
tor_cmdline_mode_t command
Definition: config.c:2468
Header file for config.c.
void conflux_add_middles_to_exclude_list(const origin_circuit_t *orig_circ, smartlist_t *excluded)
Header file for conflux_pool.c.
Header for confmgt.c.
congestion_control_t * congestion_control_new(const circuit_params_t *params, cc_path_t path)
int congestion_control_build_ext_request(uint8_t **msg_out, size_t *msg_len_out)
bool congestion_control_enabled(void)
Public APIs for congestion control.
#define SBWS_ROUTE_LEN
Header file for connection.c.
#define CONN_TYPE_AP
Definition: connection.h:51
int connection_ap_can_use_exit(const entry_connection_t *conn, const node_t *exit_node)
int connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
entry_connection_t * TO_ENTRY_CONN(connection_t *c)
edge_connection_t * TO_EDGE_CONN(connection_t *c)
Header file for connection_edge.c.
#define AP_CONN_STATE_CIRCUIT_WAIT
void clear_broken_connection_map(int stop_recording)
Header file for connection_or.c.
void control_event_bootstrap(bootstrap_status_t status, int progress)
int control_event_general_status(int severity, const char *format,...)
int control_event_client_status(int severity, const char *format,...)
Header file for control_events.c.
Circuit-build-stse structure.
crypt_path_t * cpath_get_next_non_open_hop(crypt_path_t *cpath)
Definition: crypt_path.c:227
int cpath_append_hop(crypt_path_t **head_ptr, extend_info_t *choice)
Definition: crypt_path.c:59
int cpath_init_circuit_crypto(crypt_path_t *cpath, const char *key_data, size_t key_data_len, int reverse, int is_hs_v3)
Definition: crypt_path.c:148
void cpath_free(crypt_path_t *victim)
Definition: crypt_path.c:160
Header file for crypt_path.c.
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
void ed25519_pubkey_copy(ed25519_public_key_t *dest, const ed25519_public_key_t *src)
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
void * smartlist_choose(const smartlist_t *sl)
Definition: crypto_rand.c:594
void crypto_rand(char *to, size_t n)
Definition: crypto_rand.c:479
Common functions for using (pseudo-)random number generators.
const char * extend_info_describe(const extend_info_t *ei)
Definition: describe.c:224
const char * node_describe(const node_t *node)
Definition: describe.c:160
Header file for describe.c.
#define DIGEST_LEN
Definition: digest_sizes.h:20
#define DIGEST256_LEN
Definition: digest_sizes.h:23
Header file for directory.c.
Entry connection structure.
const routerset_t * get_layer2_guards(void)
Definition: entrynodes.c:4249
guard_usable_t entry_guard_succeeded(circuit_guard_state_t **guard_state_p)
Definition: entrynodes.c:2544
bool vanguards_lite_is_enabled(void)
Definition: entrynodes.c:4020
const node_t * guards_choose_guard(const origin_circuit_t *circ, cpath_build_state_t *state, uint8_t purpose, circuit_guard_state_t **guard_state_out)
Definition: entrynodes.c:3807
Header file for circuitbuild.c.
Header file for Tor tracing instrumentation definition.
#define TR_SUBSYS(name)
Definition: events.h:45
Extend-info structure.
extend_info_t * extend_info_dup(extend_info_t *info)
Definition: extendinfo.c:193
extend_info_t * extend_info_from_node(const node_t *node, int for_direct_connect, bool for_exit)
Definition: extendinfo.c:100
const tor_addr_port_t * extend_info_pick_orport(const extend_info_t *ei)
Definition: extendinfo.c:300
const tor_addr_port_t * extend_info_get_orport(const extend_info_t *ei, int family)
Definition: extendinfo.c:285
bool extend_info_any_orport_addr_is_internal(const extend_info_t *ei)
Definition: extendinfo.c:340
Header for core/or/extendinfo.c.
Header for hs_ntor.c.
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:590
#define log_fn(severity, domain, args,...)
Definition: log.h:283
#define LD_REND
Definition: log.h:84
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:288
#define LD_APP
Definition: log.h:78
#define LD_PROTOCOL
Definition: log.h:72
#define LD_BUG
Definition: log.h:86
#define LD_GUARD
Definition: log.h:109
#define LD_GENERAL
Definition: log.h:62
#define LOG_NOTICE
Definition: log.h:50
#define LD_CIRC
Definition: log.h:82
#define LOG_WARN
Definition: log.h:53
#define LOG_INFO
Definition: log.h:45
void note_that_we_maybe_cant_complete_circuits(void)
Definition: mainloop.c:234
int have_completed_a_circuit(void)
Definition: mainloop.c:218
void note_that_we_completed_a_circuit(void)
Definition: mainloop.c:226
smartlist_t * get_connection_array(void)
Definition: mainloop.c:443
void reset_all_main_loop_timers(void)
Definition: mainloop.c:1466
Header file for mainloop.c.
#define tor_free(p)
Definition: malloc.h:56
Header file for microdesc.c.
Header file for networkstatus.c.
int is_legal_nickname(const char *s)
Definition: nickname.c:19
Header file for nickname.c.
const node_t * router_choose_random_node(smartlist_t *excludedsmartlist, routerset_t *excludedset, router_crn_flags_t flags)
Definition: node_select.c:979
const node_t * node_sl_choose_by_bandwidth(const smartlist_t *sl, bandwidth_weight_rule_t rule)
Definition: node_select.c:856
Header file for node_select.c.
router_crn_flags_t
Definition: node_select.h:16
Node information structure.
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:226
void nodelist_add_node_and_family(smartlist_t *sl, const node_t *node)
Definition: nodelist.c:2251
const smartlist_t * nodelist_get_list(void)
Definition: nodelist.c:1047
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1509
void node_get_verbose_nickname(const node_t *node, char *verbose_name_out)
Definition: nodelist.c:1542
int router_have_minimum_dir_info(void)
Definition: nodelist.c:2436
int node_exit_policy_rejects_all(const node_t *node)
Definition: nodelist.c:1588
Header file for nodelist.c.
Header file for ocirc_event.c.
int extend_cell_format(uint8_t *command_out, uint16_t *len_out, uint8_t *payload_out, const extend_cell_t *cell_in)
Definition: onion.c:617
Header file for onion.c.
int onion_skin_client_handshake(int type, const onion_handshake_state_t *handshake_state, const uint8_t *reply, size_t reply_len, uint8_t *keys_out, size_t keys_out_len, uint8_t *rend_authenticator_out, circuit_params_t *params_out, const char **msg_out)
Definition: onion_crypto.c:462
int onion_skin_create(int type, const extend_info_t *node, onion_handshake_state_t *state_out, uint8_t *onion_skin_out, size_t onion_skin_out_maxlen)
Definition: onion_crypto.c:132
void onion_handshake_state_release(onion_handshake_state_t *state)
Definition: onion_crypto.c:97
Header file for onion_crypto.c.
Header file for onion_fast.c.
Header file for onion_tap.c.
Master header file for Tor-specific functionality.
#define MAX_NICKNAME_LEN
Definition: or.h:112
#define MIN_CIRCUITS_HANDLING_STREAM
Definition: or.h:180
#define DEFAULT_ROUTE_LEN
Definition: or.h:902
uint32_t circid_t
Definition: or.h:497
#define END_CIRC_REASON_NOPATH
Definition: or.h:316
#define TO_CIRCUIT(x)
Definition: or.h:848
#define MAX_VERBOSE_NICKNAME_LEN
Definition: or.h:118
#define RELAY_PAYLOAD_SIZE
Definition: or.h:494
#define END_CIRC_REASON_FLAG_REMOTE
Definition: or.h:341
@ CELL_DIRECTION_OUT
Definition: or.h:377
Origin circuit structure.
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:2907
Header file for policies.c.
addr_policy_result_t
Definition: policies.h:38
@ ADDR_POLICY_PROBABLY_REJECTED
Definition: policies.h:48
@ ADDR_POLICY_REJECTED
Definition: policies.h:42
void rep_hist_remove_predicted_ports(const smartlist_t *rmv_ports)
smartlist_t * rep_hist_get_predicted_ports(time_t now)
Header file for predict_ports.c.
char * rate_limit_log(ratelim_t *lim, time_t now)
Definition: ratelim.c:42
void append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, cell_t *cell, cell_direction_t direction, streamid_t fromstream)
Definition: relay.c:3386
Header file for relay.c.
int router_digest_is_me(const char *digest)
Definition: router.c:1744
Header file for router.c.
void router_add_running_nodes_to_smartlist(smartlist_t *sl, int flags)
Definition: routerlist.c:618
Header file for routerlist.c.
int server_mode(const or_options_t *options)
Definition: routermode.c:34
Header file for routermode.c.
int routerset_contains_node(const routerset_t *set, const node_t *node)
Definition: routerset.c:353
void routerset_get_all_nodes(smartlist_t *out, const routerset_t *routerset, const routerset_t *excludeset, int running_only)
Definition: routerset.c:379
int routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
Definition: routerset.c:308
void routerset_subtract_nodes(smartlist_t *lst, const routerset_t *routerset)
Definition: routerset.c:413
Header file for routerset.c.
void router_do_reachability_checks(void)
Definition: selftest.c:292
Header file for selftest.c.
void smartlist_add_asprintf(struct smartlist_t *sl, const char *pattern,...)
Definition: smartlist.c:36
int smartlist_contains_int_as_string(const smartlist_t *sl, int num)
Definition: smartlist.c:147
void smartlist_subtract(smartlist_t *sl1, const smartlist_t *sl2)
Definition: smartlist.c:264
char * smartlist_join_strings(smartlist_t *sl, const char *join, int terminate, size_t *len_out)
Definition: smartlist.c:279
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
void smartlist_clear(smartlist_t *sl)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: cell_st.h:17
circid_t circ_id
Definition: cell_st.h:18
channel_state_t state
Definition: channel.h:192
int(* is_canonical)(channel_t *)
Definition: channel.h:353
unsigned int num_n_circuits
Definition: channel.h:410
circ_id_type_bitfield_t circ_id_type
Definition: channel.h:405
char identity_digest[DIGEST_LEN]
Definition: channel.h:378
uint64_t global_identifier
Definition: channel.h:197
channel_usage_info_t channel_usage
Definition: channel.h:228
time_t timestamp_created
Definition: channel.h:298
circuitmux_t * cmux
Definition: channel.h:397
ratelim_t last_warned_circ_ids_exhausted
Definition: channel.h:438
uint8_t state
Definition: circuit_st.h:111
uint8_t purpose
Definition: circuit_st.h:112
struct timeval timestamp_began
Definition: circuit_st.h:166
channel_t * n_chan
Definition: circuit_st.h:70
extend_info_t * n_hop
Definition: circuit_st.h:88
circid_t n_circ_id
Definition: circuit_st.h:79
uint8_t state
Definition: connection_st.h:49
unsigned int type
Definition: connection_st.h:50
uint16_t marked_for_close
extend_info_t * chosen_exit
uint16_t handshake_len
Definition: onion.h:30
uint16_t handshake_type
Definition: onion.h:28
uint8_t onionskin[CELL_PAYLOAD_SIZE - 4]
Definition: onion.h:32
uint8_t cell_type
Definition: onion.h:26
uint16_t handshake_len
Definition: onion.h:40
uint8_t reply[CELL_PAYLOAD_SIZE - 2]
Definition: onion.h:42
struct crypt_path_t * prev
Definition: crypt_path_st.h:80
uint8_t state
Definition: crypt_path_st.h:73
struct crypt_path_t * next
Definition: crypt_path_st.h:77
extend_info_t * extend_info
Definition: crypt_path_st.h:66
char rend_circ_nonce[DIGEST_LEN]
Definition: crypt_path_st.h:63
onion_handshake_state_t handshake_state
Definition: crypt_path_st.h:57
struct congestion_control_t * ccontrol
Definition: crypt_path_st.h:89
struct edge_connection_t * next_stream
tor_addr_port_t orport_ipv4
Definition: onion.h:50
create_cell_t create_cell
Definition: onion.h:60
struct ed25519_public_key_t ed_pubkey
Definition: onion.h:56
uint8_t node_id[DIGEST_LEN]
Definition: onion.h:54
tor_addr_port_t orport_ipv6
Definition: onion.h:52
uint8_t cell_type
Definition: onion.h:48
ed25519_public_key_t ed_identity
char identity_digest[DIGEST_LEN]
char nickname[MAX_HEX_NICKNAME_LEN+1]
bool exit_supports_congestion_control
Definition: node_st.h:34
char identity[DIGEST_LEN]
Definition: node_st.h:46
struct routerset_t * ExcludeExitNodesUnion_
struct routerset_t * ExcludeNodes
struct routerset_t * ExitNodes
struct routerset_t * HSLayer2Nodes
struct smartlist_t * LongLivedPorts
int ExtendAllowPrivateAddresses
struct routerset_t * MiddleNodes
struct routerset_t * HSLayer3Nodes
edge_connection_t * p_streams
unsigned int has_opened
crypt_path_t * cpath
cpath_build_state_t * build_state
struct circuit_guard_state_t * guard_state
unsigned first_hop_from_controller
#define STATIC
Definition: testsupport.h:32
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
void tor_gettimeofday(struct timeval *timeval)
Headers for transports.c.
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
#define tor_assert(expr)
Definition: util_bug.h:102
#define tor_fragile_assert()
Definition: util_bug.h:270
#define IF_BUG_ONCE(cond)
Definition: util_bug.h:246
int tor_digest_is_zero(const char *digest)
Definition: util_string.c:96