Tor  0.4.8.0-alpha-dev
circuituse.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file circuituse.c
9  * \brief Launch the right sort of circuits and attach the right streams to
10  * them.
11  *
12  * As distinct from circuitlist.c, which manages lookups to find circuits, and
13  * circuitbuild.c, which handles the logistics of circuit construction, this
14  * module keeps track of which streams can be attached to which circuits (in
15  * circuit_get_best()), and attaches streams to circuits (with
16  * circuit_try_attaching_streams(), connection_ap_handshake_attach_circuit(),
17  * and connection_ap_handshake_attach_chosen_circuit() ).
18  *
19  * This module also makes sure that we are building circuits for all of the
20  * predicted ports, using circuit_remove_handled_ports(),
21  * circuit_stream_is_being_handled(), and circuit_build_needed_cirs(). It
22  * handles launching circuits for specific targets using
23  * circuit_launch_by_extend_info().
24  *
25  * This is also where we handle expiring circuits that have been around for
26  * too long without actually completing, along with the circuit_build_timeout
27  * logic in circuitstats.c.
28  **/
29 
30 #include "core/or/or.h"
31 #include "app/config/config.h"
33 #include "core/or/channel.h"
34 #include "core/or/circuitbuild.h"
35 #include "core/or/circuitlist.h"
36 #include "core/or/circuitstats.h"
37 #include "core/or/circuituse.h"
38 #include "core/or/circuitpadding.h"
40 #include "core/or/extendinfo.h"
41 #include "core/or/policies.h"
42 #include "core/or/trace_probes_circuit.h"
44 #include "feature/client/bridges.h"
45 #include "feature/client/circpathbias.h"
50 #include "feature/hs/hs_circuit.h"
51 #include "feature/hs/hs_client.h"
52 #include "feature/hs/hs_common.h"
53 #include "feature/hs/hs_ident.h"
54 #include "feature/hs/hs_metrics.h"
55 #include "feature/hs/hs_stats.h"
61 #include "feature/relay/selftest.h"
63 #include "lib/math/fp.h"
64 #include "lib/time/tvdiff.h"
65 #include "lib/trace/events.h"
66 
70 #include "core/or/extend_info_st.h"
71 #include "core/or/or_circuit_st.h"
74 
76 static void circuit_increment_failure_count(void);
77 
78 /** Check whether the hidden service destination of the stream at
79  * <b>edge_conn</b> is the same as the destination of the circuit at
80  * <b>origin_circ</b>. */
81 static int
83  const origin_circuit_t *origin_circ)
84 {
85  /* Check if this is a v3 rendezvous circ/stream */
86  if ((edge_conn->hs_ident && !origin_circ->hs_ident) ||
87  (!edge_conn->hs_ident && origin_circ->hs_ident) ||
88  (edge_conn->hs_ident && origin_circ->hs_ident &&
89  !ed25519_pubkey_eq(&edge_conn->hs_ident->identity_pk,
90  &origin_circ->hs_ident->identity_pk))) {
91  /* this circ is not for this conn */
92  return 0;
93  }
94 
95  return 1;
96 }
97 
98 /** Return 1 if <b>circ</b> could be returned by circuit_get_best().
99  * Else return 0.
100  */
101 static int
103  const entry_connection_t *conn,
104  int must_be_open, uint8_t purpose,
105  int need_uptime, int need_internal,
106  time_t now)
107 {
108  const circuit_t *circ = TO_CIRCUIT(origin_circ);
109  const node_t *exitnode;
110  cpath_build_state_t *build_state;
111  tor_assert(circ);
112  tor_assert(conn);
113  tor_assert(conn->socks_request);
114 
115  if (must_be_open && (circ->state != CIRCUIT_STATE_OPEN || !circ->n_chan))
116  return 0; /* ignore non-open circs */
117  if (circ->marked_for_close)
118  return 0;
119 
120  /* if this circ isn't our purpose, skip. */
121  if (purpose == CIRCUIT_PURPOSE_C_REND_JOINED && !must_be_open) {
126  return 0;
127  } else if (purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT &&
128  !must_be_open) {
129  if (circ->purpose != CIRCUIT_PURPOSE_C_INTRODUCING &&
131  return 0;
132  } else {
133  if (purpose != circ->purpose)
134  return 0;
135  }
136 
137  if (purpose == CIRCUIT_PURPOSE_C_GENERAL ||
138  purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
139  purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
140  purpose == CIRCUIT_PURPOSE_HS_VANGUARDS ||
141  purpose == CIRCUIT_PURPOSE_C_REND_JOINED) {
142  if (circ->timestamp_dirty &&
143  circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now)
144  return 0;
145  }
146 
147  if (origin_circ->unusable_for_new_conns)
148  return 0;
149 
150  /* decide if this circ is suitable for this conn */
151 
152  /* for rend circs, circ->cpath->prev is not the last router in the
153  * circuit, it's the magical extra service hop. so just check the nickname
154  * of the one we meant to finish at.
155  */
156  build_state = origin_circ->build_state;
157  exitnode = build_state_get_exit_node(build_state);
158 
159  if (need_uptime && !build_state->need_uptime)
160  return 0;
161  if (need_internal != build_state->is_internal)
162  return 0;
163 
164  if (purpose == CIRCUIT_PURPOSE_C_GENERAL ||
165  purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
166  purpose == CIRCUIT_PURPOSE_C_HSDIR_GET) {
167  tor_addr_t addr;
168  if (!exitnode && !build_state->onehop_tunnel) {
169  log_debug(LD_CIRC,"Not considering circuit with unknown router.");
170  return 0; /* this circuit is screwed and doesn't know it yet,
171  * or is a rendezvous circuit. */
172  }
173  if (build_state->onehop_tunnel) {
174  if (!conn->want_onehop) {
175  log_debug(LD_CIRC,"Skipping one-hop circuit.");
176  return 0;
177  }
179  if (build_state->chosen_exit) {
180  char digest[DIGEST_LEN];
181  if (hexdigest_to_digest(conn->chosen_exit_name, digest) < 0)
182  return 0; /* broken digest, we don't want it */
183  if (tor_memneq(digest, build_state->chosen_exit->identity_digest,
184  DIGEST_LEN))
185  return 0; /* this is a circuit to somewhere else */
186  if (tor_digest_is_zero(digest)) {
187  /* we don't know the digest; have to compare addr:port */
188  const int family = tor_addr_parse(&addr,
189  conn->socks_request->address);
190  if (family < 0 ||
191  !extend_info_has_orport(build_state->chosen_exit, &addr,
192  conn->socks_request->port))
193  return 0;
194  }
195  }
196  } else {
197  if (conn->want_onehop) {
198  /* don't use three-hop circuits -- that could hurt our anonymity. */
199  return 0;
200  }
201  }
202  if (origin_circ->prepend_policy) {
203  if (tor_addr_parse(&addr, conn->socks_request->address) != -1) {
204  int r = compare_tor_addr_to_addr_policy(&addr,
205  conn->socks_request->port,
206  origin_circ->prepend_policy);
207  if (r == ADDR_POLICY_REJECTED)
208  return 0;
209  }
210  }
211  if (exitnode && !connection_ap_can_use_exit(conn, exitnode)) {
212  /* can't exit from this router */
213  return 0;
214  }
215  } else { /* not general: this might be a rend circuit */
216  const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
217  if (!circuit_matches_with_rend_stream(edge_conn, origin_circ)) {
218  return 0;
219  }
220  }
221 
222  if (!connection_edge_compatible_with_circuit(conn, origin_circ)) {
223  /* conn needs to be isolated from other conns that have already used
224  * origin_circ */
225  return 0;
226  }
227 
228  return 1;
229 }
230 
231 /** Return 1 if circuit <b>a</b> is better than circuit <b>b</b> for
232  * <b>conn</b>, and return 0 otherwise. Used by circuit_get_best.
233  */
234 static int
236  const entry_connection_t *conn)
237 {
238  const circuit_t *a = TO_CIRCUIT(oa);
239  const circuit_t *b = TO_CIRCUIT(ob);
240  const uint8_t purpose = ENTRY_TO_CONN(conn)->purpose;
241  int a_bits, b_bits;
242 
243  /* If one of the circuits was allowed to live due to relaxing its timeout,
244  * it is definitely worse (it's probably a much slower path). */
245  if (oa->relaxed_timeout && !ob->relaxed_timeout)
246  return 0; /* ob is better. It's not relaxed. */
247  if (!oa->relaxed_timeout && ob->relaxed_timeout)
248  return 1; /* oa is better. It's not relaxed. */
249 
250  switch (purpose) {
254  /* if it's used but less dirty it's best;
255  * else if it's more recently created it's best
256  */
257  if (b->timestamp_dirty) {
258  if (a->timestamp_dirty &&
260  return 1;
261  } else {
262  if (a->timestamp_dirty ||
263  timercmp(&a->timestamp_began, &b->timestamp_began, OP_GT))
264  return 1;
265  if (ob->build_state->is_internal)
266  /* XXXX++ what the heck is this internal thing doing here. I
267  * think we can get rid of it. circuit_is_acceptable() already
268  * makes sure that is_internal is exactly what we need it to
269  * be. -RD */
270  return 1;
271  }
272  break;
274  /* the closer it is to ack_wait the better it is */
275  if (a->purpose > b->purpose)
276  return 1;
277  break;
279  /* the closer it is to rend_joined the better it is */
280  if (a->purpose > b->purpose)
281  return 1;
282  break;
283  }
284 
285  /* XXXX Maybe this check should get a higher priority to avoid
286  * using up circuits too rapidly. */
287 
289  (origin_circuit_t*)oa, 1);
291  (origin_circuit_t*)ob, 1);
292  /* if x_bits < 0, then we have not used x for anything; better not to dirty
293  * a connection if we can help it. */
294  if (a_bits < 0) {
295  return 0;
296  } else if (b_bits < 0) {
297  return 1;
298  }
299  a_bits &= ~ oa->isolation_flags_mixed;
300  a_bits &= ~ ob->isolation_flags_mixed;
301  if (n_bits_set_u8(a_bits) < n_bits_set_u8(b_bits)) {
302  /* The fewer new restrictions we need to make on a circuit for stream
303  * isolation, the better. */
304  return 1;
305  }
306 
307  return 0;
308 }
309 
310 /** Find the best circ that conn can use, preferably one which is
311  * dirty. Circ must not be too old.
312  *
313  * Conn must be defined.
314  *
315  * If must_be_open, ignore circs not in CIRCUIT_STATE_OPEN.
316  *
317  * circ_purpose specifies what sort of circuit we must have.
318  * It can be C_GENERAL, C_INTRODUCE_ACK_WAIT, or C_REND_JOINED.
319  *
320  * If it's REND_JOINED and must_be_open==0, then return the closest
321  * rendezvous-purposed circuit that you can find.
322  *
323  * If it's INTRODUCE_ACK_WAIT and must_be_open==0, then return the
324  * closest introduce-purposed circuit that you can find.
325  */
326 static origin_circuit_t *
328  int must_be_open, uint8_t purpose,
329  int need_uptime, int need_internal)
330 {
331  origin_circuit_t *best=NULL;
332  struct timeval now;
333 
334  tor_assert(conn);
335 
337  purpose == CIRCUIT_PURPOSE_HS_VANGUARDS ||
338  purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
339  purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
341  purpose == CIRCUIT_PURPOSE_C_REND_JOINED);
342 
343  tor_gettimeofday(&now);
344 
346  origin_circuit_t *origin_circ;
347  if (!CIRCUIT_IS_ORIGIN(circ))
348  continue;
349  origin_circ = TO_ORIGIN_CIRCUIT(circ);
350 
351  if (!circuit_is_acceptable(origin_circ,conn,must_be_open,purpose,
352  need_uptime,need_internal, (time_t)now.tv_sec))
353  continue;
354 
355  /* now this is an acceptable circ to hand back. but that doesn't
356  * mean it's the *best* circ to hand back. try to decide.
357  */
358  if (!best || circuit_is_better(origin_circ,best,conn))
359  best = origin_circ;
360  }
361  SMARTLIST_FOREACH_END(circ);
362 
363  return best;
364 }
365 
366 /** Return the number of not-yet-open general-purpose origin circuits. */
367 static int
369 {
370  int count = 0;
371 
373  if (circ->marked_for_close ||
374  circ->state == CIRCUIT_STATE_OPEN ||
376  !CIRCUIT_IS_ORIGIN(circ))
377  continue;
378 
379  ++count;
380  }
381  SMARTLIST_FOREACH_END(circ);
382 
383  return count;
384 }
385 
386 #if 0
387 /** Check whether, according to the policies in <b>options</b>, the
388  * circuit <b>circ</b> makes sense. */
389 /* XXXX currently only checks Exclude{Exit}Nodes; it should check more.
390  * Also, it doesn't have the right definition of an exit circuit. Also,
391  * it's never called. */
392 int
393 circuit_conforms_to_options(const origin_circuit_t *circ,
394  const or_options_t *options)
395 {
396  const crypt_path_t *cpath, *cpath_next = NULL;
397 
398  /* first check if it includes any excluded nodes */
399  for (cpath = circ->cpath; cpath_next != circ->cpath; cpath = cpath_next) {
400  cpath_next = cpath->next;
402  cpath->extend_info))
403  return 0;
404  }
405 
406  /* then consider the final hop */
408  circ->cpath->prev->extend_info))
409  return 0;
410 
411  return 1;
412 }
413 #endif /* 0 */
414 
415 /**
416  * Close all circuits that start at us, aren't open, and were born
417  * at least CircuitBuildTimeout seconds ago.
418  *
419  * TODO: This function is now partially redundant to
420  * circuit_build_times_handle_completed_hop(), but that function only
421  * covers circuits up to and including 3 hops that are still actually
422  * completing hops. However, circuit_expire_building() also handles longer
423  * circuits, as well as circuits that are completely stalled.
424  * In the future (after prop247/other path selection revamping), we probably
425  * want to eliminate this rats nest in favor of a simpler approach.
426  */
427 void
429 {
430  /* circ_times.timeout_ms and circ_times.close_ms are from
431  * circuit_build_times_get_initial_timeout() if we haven't computed
432  * custom timeouts yet */
433  struct timeval general_cutoff, begindir_cutoff, fourhop_cutoff,
434  close_cutoff, extremely_old_cutoff,
435  cannibalized_cutoff, c_intro_cutoff, s_intro_cutoff, stream_cutoff,
436  c_rend_ready_cutoff;
437  const or_options_t *options = get_options();
438  struct timeval now;
439  cpath_build_state_t *build_state;
440  int any_opened_circs = 0;
441 
442  tor_gettimeofday(&now);
443 
444  /* Check to see if we have any opened circuits. If we don't,
445  * we want to be more lenient with timeouts, in case the
446  * user has relocated and/or changed network connections.
447  * See bug #3443. */
448  any_opened_circs = circuit_any_opened_circuits();
449 
450 #define SET_CUTOFF(target, msec) do { \
451  long ms = tor_lround(msec); \
452  struct timeval diff; \
453  diff.tv_sec = ms / 1000; \
454  diff.tv_usec = (int)((ms % 1000) * 1000); \
455  timersub(&now, &diff, &target); \
456  } while (0)
457 
458  /**
459  * Because circuit build timeout is calculated only based on 3 hop
460  * general purpose circuit construction, we need to scale the timeout
461  * to make it properly apply to longer circuits, and circuits of
462  * certain usage types. The following diagram illustrates how we
463  * derive the scaling below. In short, we calculate the number
464  * of times our telescoping-based circuit construction causes cells
465  * to traverse each link for the circuit purpose types in question,
466  * and then assume each link is equivalent.
467  *
468  * OP --a--> A --b--> B --c--> C
469  * OP --a--> A --b--> B --c--> C --d--> D
470  *
471  * Let h = a = b = c = d
472  *
473  * Three hops (general_cutoff)
474  * RTTs = 3a + 2b + c
475  * RTTs = 6h
476  * Cannibalized:
477  * RTTs = a+b+c+d
478  * RTTs = 4h
479  * Four hops:
480  * RTTs = 4a + 3b + 2c + d
481  * RTTs = 10h
482  * Client INTRODUCE1+ACK: // XXX: correct?
483  * RTTs = 5a + 4b + 3c + 2d
484  * RTTs = 14h
485  * Server intro:
486  * RTTs = 4a + 3b + 2c
487  * RTTs = 9h
488  */
489  SET_CUTOFF(general_cutoff, get_circuit_build_timeout_ms());
490  SET_CUTOFF(begindir_cutoff, get_circuit_build_timeout_ms());
491 
492  // TODO: We should probably use route_len_for_purpose() here instead,
493  // except that does not count the extra round trip for things like server
494  // intros and rends.
495 
496  /* > 3hop circs seem to have a 1.0 second delay on their cannibalized
497  * 4th hop. */
498  SET_CUTOFF(fourhop_cutoff, get_circuit_build_timeout_ms() * (10/6.0) + 1000);
499 
500  /* CIRCUIT_PURPOSE_C_ESTABLISH_REND behaves more like a RELAY cell.
501  * Use the stream cutoff (more or less). */
502  SET_CUTOFF(stream_cutoff, MAX(options->CircuitStreamTimeout,15)*1000 + 1000);
503 
504  /* Be lenient with cannibalized circs. They already survived the official
505  * CBT, and they're usually not performance-critical. */
506  SET_CUTOFF(cannibalized_cutoff,
508  options->CircuitStreamTimeout * 1000) + 1000);
509 
510  /* Intro circs have an extra round trip (and are also 4 hops long) */
511  SET_CUTOFF(c_intro_cutoff, get_circuit_build_timeout_ms() * (14/6.0) + 1000);
512 
513  /* Server intro circs have an extra round trip */
514  SET_CUTOFF(s_intro_cutoff, get_circuit_build_timeout_ms() * (9/6.0) + 1000);
515 
516  /* For circuit purpose set to: CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED.
517  *
518  * The cutoff of such circuit is very high because we end up in this state if
519  * once the INTRODUCE_ACK is received which could be before the service
520  * receives the INTRODUCE2 cell. The worst case is a full 3-hop latency
521  * (intro -> service), 4-hop circuit creation latency (service -> RP), and
522  * finally a 7-hop latency for the RENDEZVOUS2 cell to arrive (service ->
523  * client). */
524  SET_CUTOFF(c_rend_ready_cutoff, get_circuit_build_timeout_ms() * 3 + 1000);
525 
526  SET_CUTOFF(close_cutoff, get_circuit_build_close_time_ms());
527  SET_CUTOFF(extremely_old_cutoff, get_circuit_build_close_time_ms()*2 + 1000);
528 
529  bool fixed_time = circuit_build_times_disabled(get_options());
530 
532  struct timeval cutoff;
533 
534  if (!CIRCUIT_IS_ORIGIN(victim) || /* didn't originate here */
535  victim->marked_for_close) /* don't mess with marked circs */
536  continue;
537 
538  /* If we haven't yet started the first hop, it means we don't have
539  * any orconns available, and thus have not started counting time yet
540  * for this circuit. See circuit_deliver_create_cell() and uses of
541  * timestamp_began.
542  *
543  * Continue to wait in this case. The ORConn should timeout
544  * independently and kill us then.
545  */
546  if (TO_ORIGIN_CIRCUIT(victim)->cpath->state == CPATH_STATE_CLOSED) {
547  continue;
548  }
549 
550  build_state = TO_ORIGIN_CIRCUIT(victim)->build_state;
551  if (build_state && build_state->onehop_tunnel)
552  cutoff = begindir_cutoff;
553  else if (victim->purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT)
554  cutoff = close_cutoff;
555  else if (victim->purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT)
556  cutoff = c_intro_cutoff;
557  else if (victim->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO)
558  cutoff = s_intro_cutoff;
559  else if (victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
560  /* Service connecting to a rendezvous point is a four hop circuit. We set
561  * it explicitly here because this function is a clusterf***. */
562  cutoff = fourhop_cutoff;
563  } else if (victim->purpose == CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED)
564  cutoff = c_rend_ready_cutoff;
565  else if (victim->purpose == CIRCUIT_PURPOSE_PATH_BIAS_TESTING)
566  cutoff = close_cutoff;
567  else if (TO_ORIGIN_CIRCUIT(victim)->has_opened &&
568  victim->state != CIRCUIT_STATE_OPEN)
569  cutoff = cannibalized_cutoff;
570  else if (build_state && build_state->desired_path_len >= 4)
571  cutoff = fourhop_cutoff;
572  else
573  cutoff = general_cutoff;
574 
575  if (timercmp(&victim->timestamp_began, &cutoff, OP_GT))
576  continue; /* it's still young, leave it alone */
577 
578  /* We need to double-check the opened state here because
579  * we don't want to consider opened 1-hop dircon circuits for
580  * deciding when to relax the timeout, but we *do* want to relax
581  * those circuits too if nothing else is opened *and* they still
582  * aren't either. */
583  if (!any_opened_circs && victim->state != CIRCUIT_STATE_OPEN) {
584  /* It's still young enough that we wouldn't close it, right? */
585  if (timercmp(&victim->timestamp_began, &close_cutoff, OP_GT)) {
586  if (!TO_ORIGIN_CIRCUIT(victim)->relaxed_timeout) {
587  int first_hop_succeeded = TO_ORIGIN_CIRCUIT(victim)->cpath->state
588  == CPATH_STATE_OPEN;
589  if (!fixed_time) {
590  log_info(LD_CIRC,
591  "No circuits are opened. Relaxing timeout for circuit %d "
592  "(a %s %d-hop circuit in state %s with channel state %s).",
593  TO_ORIGIN_CIRCUIT(victim)->global_identifier,
594  circuit_purpose_to_string(victim->purpose),
595  TO_ORIGIN_CIRCUIT(victim)->build_state ?
596  TO_ORIGIN_CIRCUIT(victim)->build_state->desired_path_len :
597  -1,
598  circuit_state_to_string(victim->state),
599  victim->n_chan ?
600  channel_state_to_string(victim->n_chan->state) : "none");
601  }
602 
603  /* We count the timeout here for CBT, because technically this
604  * was a timeout, and the timeout value needs to reset if we
605  * see enough of them. Note this means we also need to avoid
606  * double-counting below, too. */
608  first_hop_succeeded);
609  TO_ORIGIN_CIRCUIT(victim)->relaxed_timeout = 1;
610  }
611  continue;
612  } else {
613  static ratelim_t relax_timeout_limit = RATELIM_INIT(3600);
614  const double build_close_ms = get_circuit_build_close_time_ms();
615  if (!fixed_time) {
616  log_fn_ratelim(&relax_timeout_limit, LOG_NOTICE, LD_CIRC,
617  "No circuits are opened. Relaxed timeout for circuit %d "
618  "(a %s %d-hop circuit in state %s with channel state %s) to "
619  "%ldms. However, it appears the circuit has timed out "
620  "anyway.",
621  TO_ORIGIN_CIRCUIT(victim)->global_identifier,
622  circuit_purpose_to_string(victim->purpose),
623  TO_ORIGIN_CIRCUIT(victim)->build_state ?
624  TO_ORIGIN_CIRCUIT(victim)->build_state->desired_path_len :
625  -1,
626  circuit_state_to_string(victim->state),
627  victim->n_chan ?
628  channel_state_to_string(victim->n_chan->state) : "none",
629  (long)build_close_ms);
630  }
631  }
632  }
633 
634 #if 0
635  /* some debug logs, to help track bugs */
636  if (victim->purpose >= CIRCUIT_PURPOSE_C_INTRODUCING &&
637  victim->purpose <= CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) {
638  if (!victim->timestamp_dirty)
639  log_fn(LOG_DEBUG,"Considering %sopen purpose %d to %s (circid %d)."
640  "(clean).",
641  victim->state == CIRCUIT_STATE_OPEN ? "" : "non",
642  victim->purpose, victim->build_state->chosen_exit_name,
643  victim->n_circ_id);
644  else
645  log_fn(LOG_DEBUG,"Considering %sopen purpose %d to %s (circid %d). "
646  "%d secs since dirty.",
647  victim->state == CIRCUIT_STATE_OPEN ? "" : "non",
648  victim->purpose, victim->build_state->chosen_exit_name,
649  victim->n_circ_id,
650  (int)(now - victim->timestamp_dirty));
651  }
652 #endif /* 0 */
653 
654  /* if circ is !open, or if it's open but purpose is a non-finished
655  * intro or rend, then mark it for close */
656  if (victim->state == CIRCUIT_STATE_OPEN) {
657  switch (victim->purpose) {
658  default: /* most open circuits can be left alone. */
659  continue; /* yes, continue inside a switch refers to the nearest
660  * enclosing loop. C is smart. */
662  break; /* too old, need to die */
664  /* it's a rend_ready circ -- has it already picked a query? */
665  /* c_rend_ready circs measure age since timestamp_dirty,
666  * because that's set when they switch purposes
667  */
668  if (TO_ORIGIN_CIRCUIT(victim)->hs_ident ||
669  victim->timestamp_dirty > cutoff.tv_sec)
670  continue;
671  break;
673  /* Open path bias testing circuits are given a long
674  * time to complete the test, but not forever */
676  break;
678  /* That purpose means that the intro point circuit has been opened
679  * successfully but the INTRODUCE1 cell hasn't been sent yet because
680  * the client is waiting for the rendezvous point circuit to open.
681  * Keep this circuit open while waiting for the rendezvous circuit.
682  * We let the circuit idle timeout take care of cleaning this
683  * circuit if it never used. */
684  continue;
688  /* rend and intro circs become dirty each time they
689  * make an introduction attempt. so timestamp_dirty
690  * will reflect the time since the last attempt.
691  */
692  if (victim->timestamp_dirty > cutoff.tv_sec)
693  continue;
694  break;
695  }
696  } else { /* circuit not open, consider recording failure as timeout */
697  int first_hop_succeeded = TO_ORIGIN_CIRCUIT(victim)->cpath &&
698  TO_ORIGIN_CIRCUIT(victim)->cpath->state == CPATH_STATE_OPEN;
699 
700  if (TO_ORIGIN_CIRCUIT(victim)->p_streams != NULL) {
701  log_warn(LD_BUG, "Circuit %d (purpose %d, %s) has timed out, "
702  "yet has attached streams!",
703  TO_ORIGIN_CIRCUIT(victim)->global_identifier,
704  victim->purpose,
705  circuit_purpose_to_string(victim->purpose));
707  continue;
708  }
709 
712 
713  log_info(LD_CIRC,
714  "Deciding to count the timeout for circuit %"PRIu32,
715  TO_ORIGIN_CIRCUIT(victim)->global_identifier);
716 
717  /* Circuits are allowed to last longer for measurement.
718  * Switch their purpose and wait. */
719  if (victim->purpose != CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT) {
721  victim));
722  continue;
723  }
724 
725  /*
726  * If the circuit build time is much greater than we would have cut
727  * it off at, we probably had a suspend event along this codepath,
728  * and we should discard the value.
729  */
730  if (timercmp(&victim->timestamp_began, &extremely_old_cutoff, OP_LT)) {
731  log_notice(LD_CIRC,
732  "Extremely large value for circuit build timeout: %lds. "
733  "Assuming clock jump. Purpose %d (%s)",
734  (long)(now.tv_sec - victim->timestamp_began.tv_sec),
735  victim->purpose,
736  circuit_purpose_to_string(victim->purpose));
739  first_hop_succeeded,
740  (time_t)victim->timestamp_created.tv_sec)) {
742  }
743  }
744  }
745 
746  /* Special checks for onion service circuits. */
747  switch (victim->purpose) {
749  /* We only want to spare a rend circ iff it has been specified in an
750  * INTRODUCE1 cell sent to a hidden service. */
751  if (hs_circ_is_rend_sent_in_intro1(CONST_TO_ORIGIN_CIRCUIT(victim))) {
752  continue;
753  }
754  break;
756  /* The connection to the rendezvous point has timed out, close it and
757  * retry if possible. */
758  log_info(LD_CIRC,"Rendezvous circ %u (state %d:%s, purpose %d) "
759  "as timed-out, closing it. Relaunching rendezvous attempt.",
760  (unsigned)victim->n_circ_id,
761  victim->state, circuit_state_to_string(victim->state),
762  victim->purpose);
763  /* We'll close as a timeout the victim circuit. The rendezvous point
764  * won't keep both circuits, it only keeps the newest (for the same
765  * cookie). */
766  break;
767  default:
768  break;
769  }
770 
771  if (victim->n_chan)
772  log_info(LD_CIRC,
773  "Abandoning circ %u %s:%u (state %d,%d:%s, purpose %d, "
774  "len %d)", TO_ORIGIN_CIRCUIT(victim)->global_identifier,
775  channel_describe_peer(victim->n_chan),
776  (unsigned)victim->n_circ_id,
777  TO_ORIGIN_CIRCUIT(victim)->has_opened,
778  victim->state, circuit_state_to_string(victim->state),
779  victim->purpose,
780  TO_ORIGIN_CIRCUIT(victim)->build_state ?
781  TO_ORIGIN_CIRCUIT(victim)->build_state->desired_path_len :
782  -1);
783  else
784  log_info(LD_CIRC,
785  "Abandoning circ %u %u (state %d,%d:%s, purpose %d, len %d)",
786  TO_ORIGIN_CIRCUIT(victim)->global_identifier,
787  (unsigned)victim->n_circ_id,
788  TO_ORIGIN_CIRCUIT(victim)->has_opened,
789  victim->state,
790  circuit_state_to_string(victim->state), victim->purpose,
791  TO_ORIGIN_CIRCUIT(victim)->build_state ?
792  TO_ORIGIN_CIRCUIT(victim)->build_state->desired_path_len :
793  -1);
794 
796  tor_trace(TR_SUBSYS(circuit), TR_EV(timeout), TO_ORIGIN_CIRCUIT(victim));
797  if (victim->purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT)
798  circuit_mark_for_close(victim, END_CIRC_REASON_MEASUREMENT_EXPIRED);
799  else
800  circuit_mark_for_close(victim, END_CIRC_REASON_TIMEOUT);
801 
803  } SMARTLIST_FOREACH_END(victim);
804 }
805 
806 /**
807  * Mark for close all circuits that start here, that were built through a
808  * guard we weren't sure if we wanted to use, and that have been waiting
809  * around for way too long.
810  */
811 void
813 {
815  origin_circuit_t *, circ) {
816  if (TO_CIRCUIT(circ)->marked_for_close)
817  continue;
818  if (circ->guard_state == NULL)
819  continue;
821  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_NONE);
822  } SMARTLIST_FOREACH_END(circ);
823 }
824 
825 /** For debugging #8387: track when we last called
826  * circuit_expire_old_circuits_clientside. */
828 
829 /**
830  * As a diagnostic for bug 8387, log information about how many one-hop
831  * circuits we have around that have been there for at least <b>age</b>
832  * seconds. Log a few of them. Ignores Single Onion Service intro, it is
833  * expected to be long-term one-hop circuits.
834  */
835 void
837 {
838 #define MAX_ANCIENT_ONEHOP_CIRCUITS_TO_LOG 10
839  time_t now = time(NULL);
840  time_t cutoff = now - age;
841  int n_found = 0;
842  smartlist_t *log_these = smartlist_new();
843  const or_options_t *options = get_options();
844 
846  const origin_circuit_t *ocirc;
847  if (! CIRCUIT_IS_ORIGIN(circ))
848  continue;
849  if (circ->timestamp_created.tv_sec >= cutoff)
850  continue;
851  /* Single Onion Services deliberately make long term one-hop intro
852  * and rendezvous connections. Don't log the established ones. */
853  if (hs_service_allow_non_anonymous_connection(options) &&
854  (circ->purpose == CIRCUIT_PURPOSE_S_INTRO ||
855  circ->purpose == CIRCUIT_PURPOSE_S_REND_JOINED))
856  continue;
857  ocirc = CONST_TO_ORIGIN_CIRCUIT(circ);
858 
859  if (ocirc->build_state && ocirc->build_state->onehop_tunnel) {
860  ++n_found;
861 
862  if (smartlist_len(log_these) < MAX_ANCIENT_ONEHOP_CIRCUITS_TO_LOG)
863  smartlist_add(log_these, (origin_circuit_t*) ocirc);
864  }
865  }
866  SMARTLIST_FOREACH_END(circ);
867 
868  if (n_found == 0)
869  goto done;
870 
871  log_notice(LD_HEARTBEAT,
872  "Diagnostic for issue 8387: Found %d one-hop circuits more "
873  "than %d seconds old! Logging %d...",
874  n_found, age, smartlist_len(log_these));
875 
876  SMARTLIST_FOREACH_BEGIN(log_these, const origin_circuit_t *, ocirc) {
877  char created[ISO_TIME_LEN+1];
878  int stream_num;
879  const edge_connection_t *conn;
880  char *dirty = NULL;
881  const circuit_t *circ = TO_CIRCUIT(ocirc);
882 
883  format_local_iso_time(created,
884  (time_t)circ->timestamp_created.tv_sec);
885 
886  if (circ->timestamp_dirty) {
887  char dirty_since[ISO_TIME_LEN+1];
888  format_local_iso_time(dirty_since, circ->timestamp_dirty);
889 
890  tor_asprintf(&dirty, "Dirty since %s (%ld seconds vs %ld-second cutoff)",
891  dirty_since, (long)(now - circ->timestamp_dirty),
892  (long) options->MaxCircuitDirtiness);
893  } else {
894  dirty = tor_strdup("Not marked dirty");
895  }
896 
897  log_notice(LD_HEARTBEAT, " #%d created at %s. %s, %s. %s for close. "
898  "Package window: %d. "
899  "%s for new conns. %s.",
900  ocirc_sl_idx,
901  created,
904  circ->marked_for_close ? "Marked" : "Not marked",
905  circ->package_window,
906  ocirc->unusable_for_new_conns ? "Not usable" : "usable",
907  dirty);
908  tor_free(dirty);
909 
910  stream_num = 0;
911  for (conn = ocirc->p_streams; conn; conn = conn->next_stream) {
912  const connection_t *c = TO_CONN(conn);
913  char stream_created[ISO_TIME_LEN+1];
914  if (++stream_num >= 5)
915  break;
916 
917  format_local_iso_time(stream_created, c->timestamp_created);
918 
919  log_notice(LD_HEARTBEAT, " Stream#%d created at %s. "
920  "%s conn in state %s. "
921  "It is %slinked and %sreading from a linked connection %p. "
922  "Package window %d. "
923  "%s for close (%s:%d). Hold-open is %sset. "
924  "Has %ssent RELAY_END. %s on circuit.",
925  stream_num,
926  stream_created,
929  c->linked ? "" : "not ",
930  c->reading_from_linked_conn ? "": "not",
931  c->linked_conn,
932  conn->package_window,
933  c->marked_for_close ? "Marked" : "Not marked",
935  c->marked_for_close,
936  c->hold_open_until_flushed ? "" : "not ",
937  conn->edge_has_sent_end ? "" : "not ",
938  conn->edge_blocked_on_circ ? "Blocked" : "Not blocked");
939  if (! c->linked_conn)
940  continue;
941 
942  c = c->linked_conn;
943 
944  log_notice(LD_HEARTBEAT, " Linked to %s connection in state %s "
945  "(Purpose %d). %s for close (%s:%d). Hold-open is %sset. ",
948  c->purpose,
949  c->marked_for_close ? "Marked" : "Not marked",
951  c->marked_for_close,
952  c->hold_open_until_flushed ? "" : "not ");
953  }
954  } SMARTLIST_FOREACH_END(ocirc);
955 
956  log_notice(LD_HEARTBEAT, "It has been %ld seconds since I last called "
957  "circuit_expire_old_circuits_clientside().",
958  (long)(now - last_expired_clientside_circuits));
959 
960  done:
961  smartlist_free(log_these);
962 }
963 
964 /** Remove any elements in <b>needed_ports</b> that are handled by an
965  * open or in-progress circuit.
966  */
967 void
969 {
970  int i;
971  uint16_t *port;
972 
973  for (i = 0; i < smartlist_len(needed_ports); ++i) {
974  port = smartlist_get(needed_ports, i);
975  tor_assert(*port);
976  if (circuit_stream_is_being_handled(NULL, *port,
978  log_debug(LD_CIRC,"Port %d is already being handled; removing.", *port);
979  smartlist_del(needed_ports, i--);
980  tor_free(port);
981  } else {
982  log_debug(LD_CIRC,"Port %d is not handled.", *port);
983  }
984  }
985 }
986 
987 /** Return 1 if at least <b>min</b> general-purpose non-internal circuits
988  * will have an acceptable exit node for exit stream <b>conn</b> if it
989  * is defined, else for "*:port".
990  * Else return 0.
991  */
992 int
994  uint16_t port, int min)
995 {
996  const node_t *exitnode;
997  int num=0;
998  time_t now = time(NULL);
999  int need_uptime = smartlist_contains_int_as_string(
1000  get_options()->LongLivedPorts,
1001  conn ? conn->socks_request->port : port);
1002 
1004  if (CIRCUIT_IS_ORIGIN(circ) &&
1005  !circ->marked_for_close &&
1006  circ->purpose == CIRCUIT_PURPOSE_C_GENERAL &&
1007  (!circ->timestamp_dirty ||
1008  circ->timestamp_dirty + get_options()->MaxCircuitDirtiness > now)) {
1009  origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
1010  cpath_build_state_t *build_state = origin_circ->build_state;
1011  if (build_state->is_internal || build_state->onehop_tunnel)
1012  continue;
1013  if (origin_circ->unusable_for_new_conns)
1014  continue;
1015  if (origin_circ->isolation_values_set &&
1016  (conn == NULL ||
1017  !connection_edge_compatible_with_circuit(conn, origin_circ)))
1018  continue;
1019 
1020  exitnode = build_state_get_exit_node(build_state);
1021  if (exitnode && (!need_uptime || build_state->need_uptime)) {
1022  int ok;
1023  if (conn) {
1024  ok = connection_ap_can_use_exit(conn, exitnode);
1025  } else {
1027  r = compare_tor_addr_to_node_policy(NULL, port, exitnode);
1029  }
1030  if (ok) {
1031  if (++num >= min)
1032  return 1;
1033  }
1034  }
1035  }
1036  }
1037  SMARTLIST_FOREACH_END(circ);
1038  return 0;
1039 }
1040 
1041 /** Don't keep more than this many unused open circuits around. */
1042 #define MAX_UNUSED_OPEN_CIRCUITS 14
1043 
1044 /* Return true if a circuit is available for use, meaning that it is open,
1045  * clean, usable for new multi-hop connections, and a general purpose origin
1046  * circuit.
1047  * Accept any kind of circuit, return false if the above conditions are not
1048  * met. */
1049 STATIC int
1050 circuit_is_available_for_use(const circuit_t *circ)
1051 {
1052  const origin_circuit_t *origin_circ;
1053  cpath_build_state_t *build_state;
1054 
1055  if (!CIRCUIT_IS_ORIGIN(circ))
1056  return 0; /* We first filter out only origin circuits before doing the
1057  following checks. */
1058  if (circ->marked_for_close)
1059  return 0; /* Don't mess with marked circs */
1060  if (circ->timestamp_dirty)
1061  return 0; /* Only count clean circs */
1062  if (circ->purpose != CIRCUIT_PURPOSE_C_GENERAL &&
1064  return 0; /* We only pay attention to general purpose circuits.
1065  General purpose circuits are always origin circuits. */
1066 
1067  origin_circ = CONST_TO_ORIGIN_CIRCUIT(circ);
1068  if (origin_circ->unusable_for_new_conns)
1069  return 0;
1070 
1071  build_state = origin_circ->build_state;
1072  if (build_state->onehop_tunnel)
1073  return 0;
1074 
1075  return 1;
1076 }
1077 
1078 /* Return true if we need any more exit circuits.
1079  * needs_uptime and needs_capacity are set only if we need more exit circuits.
1080  * Check if we know of a port that's been requested recently and no circuit
1081  * is currently available that can handle it. */
1082 STATIC int
1083 needs_exit_circuits(time_t now, int *needs_uptime, int *needs_capacity)
1084 {
1085  return (!circuit_all_predicted_ports_handled(now, needs_uptime,
1086  needs_capacity) &&
1087  router_have_consensus_path() == CONSENSUS_PATH_EXIT);
1088 }
1089 
1090 /* Hidden services need at least this many internal circuits */
1091 #define SUFFICIENT_UPTIME_INTERNAL_HS_SERVERS 3
1092 
1093 /* Return true if we need any more hidden service server circuits.
1094  * HS servers only need an internal circuit. */
1095 STATIC int
1096 needs_hs_server_circuits(time_t now, int num_uptime_internal)
1097 {
1098  if (!hs_service_get_num_services()) {
1099  /* No services, we don't need anything. */
1100  goto no_need;
1101  }
1102 
1103  if (num_uptime_internal >= SUFFICIENT_UPTIME_INTERNAL_HS_SERVERS) {
1104  /* We have sufficient amount of internal circuit. */
1105  goto no_need;
1106  }
1107 
1108  if (router_have_consensus_path() == CONSENSUS_PATH_UNKNOWN) {
1109  /* Consensus hasn't been checked or might be invalid so requesting
1110  * internal circuits is not wise. */
1111  goto no_need;
1112  }
1113 
1114  /* At this point, we need a certain amount of circuits and we will most
1115  * likely use them for rendezvous so we note down the use of internal
1116  * circuit for our prediction for circuit needing uptime and capacity. */
1117  rep_hist_note_used_internal(now, 1, 1);
1118 
1119  return 1;
1120  no_need:
1121  return 0;
1122 }
1123 
1124 /* We need at least this many internal circuits for hidden service clients */
1125 #define SUFFICIENT_INTERNAL_HS_CLIENTS 3
1126 
1127 /* We need at least this much uptime for internal circuits for hidden service
1128  * clients */
1129 #define SUFFICIENT_UPTIME_INTERNAL_HS_CLIENTS 2
1130 
1131 /* Return true if we need any more hidden service client circuits.
1132  * HS clients only need an internal circuit. */
1133 STATIC int
1134 needs_hs_client_circuits(time_t now, int *needs_uptime, int *needs_capacity,
1135  int num_internal, int num_uptime_internal)
1136 {
1137  int used_internal_recently = rep_hist_get_predicted_internal(now,
1138  needs_uptime,
1139  needs_capacity);
1140  int requires_uptime = num_uptime_internal <
1141  SUFFICIENT_UPTIME_INTERNAL_HS_CLIENTS &&
1142  needs_uptime;
1143 
1144  return (used_internal_recently &&
1145  (requires_uptime || num_internal < SUFFICIENT_INTERNAL_HS_CLIENTS) &&
1146  router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN);
1147 }
1148 
1149 /* This is how many circuits can be opened concurrently during the cbt learning
1150  * phase. This number cannot exceed the tor-wide MAX_UNUSED_OPEN_CIRCUITS. */
1151 #define DFLT_CBT_UNUSED_OPEN_CIRCS (10)
1152 #define MIN_CBT_UNUSED_OPEN_CIRCS 0
1153 #define MAX_CBT_UNUSED_OPEN_CIRCS MAX_UNUSED_OPEN_CIRCUITS
1154 
1155 /* Return true if we need more circuits for a good build timeout.
1156  * XXXX make the assumption that build timeout streams should be
1157  * created whenever we can build internal circuits. */
1158 STATIC int
1159 needs_circuits_for_build(int num)
1160 {
1161  if (router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN) {
1162  if (num < networkstatus_get_param(NULL, "cbtmaxopencircs",
1163  DFLT_CBT_UNUSED_OPEN_CIRCS,
1164  MIN_CBT_UNUSED_OPEN_CIRCS,
1165  MAX_CBT_UNUSED_OPEN_CIRCS) &&
1168  return 1;
1169  }
1170  }
1171  return 0;
1172 }
1173 
1174 /** Determine how many circuits we have open that are clean,
1175  * Make sure it's enough for all the upcoming behaviors we predict we'll have.
1176  * But put an upper bound on the total number of circuits.
1177  */
1178 static void
1180 {
1181  int num=0, num_internal=0, num_uptime_internal=0;
1182  int hidserv_needs_uptime=0, hidserv_needs_capacity=1;
1183  int port_needs_uptime=0, port_needs_capacity=1;
1184  time_t now = time(NULL);
1185  int flags = 0;
1186 
1187  /* Count how many of each type of circuit we currently have. */
1189  if (!circuit_is_available_for_use(circ))
1190  continue;
1191 
1192  num++;
1193 
1194  cpath_build_state_t *build_state = TO_ORIGIN_CIRCUIT(circ)->build_state;
1195  if (build_state->is_internal)
1196  num_internal++;
1197  if (build_state->need_uptime && build_state->is_internal)
1198  num_uptime_internal++;
1199  }
1200  SMARTLIST_FOREACH_END(circ);
1201 
1202  /* If that's enough, then stop now. */
1203  if (num >= MAX_UNUSED_OPEN_CIRCUITS)
1204  return;
1205 
1206  if (needs_exit_circuits(now, &port_needs_uptime, &port_needs_capacity)) {
1207  if (port_needs_uptime)
1208  flags |= CIRCLAUNCH_NEED_UPTIME;
1209  if (port_needs_capacity)
1210  flags |= CIRCLAUNCH_NEED_CAPACITY;
1211 
1212  log_info(LD_CIRC,
1213  "Have %d clean circs (%d internal), need another exit circ.",
1214  num, num_internal);
1216  return;
1217  }
1218 
1219  if (needs_hs_server_circuits(now, num_uptime_internal)) {
1222 
1223  log_info(LD_CIRC,
1224  "Have %d clean circs (%d internal), need another internal "
1225  "circ for my hidden service.",
1226  num, num_internal);
1228  return;
1229  }
1230 
1231  if (needs_hs_client_circuits(now, &hidserv_needs_uptime,
1232  &hidserv_needs_capacity,
1233  num_internal, num_uptime_internal))
1234  {
1235  if (hidserv_needs_uptime)
1236  flags |= CIRCLAUNCH_NEED_UPTIME;
1237  if (hidserv_needs_capacity)
1238  flags |= CIRCLAUNCH_NEED_CAPACITY;
1239  flags |= CIRCLAUNCH_IS_INTERNAL;
1240 
1241  log_info(LD_CIRC,
1242  "Have %d clean circs (%d uptime-internal, %d internal), need"
1243  " another hidden service circ.",
1244  num, num_uptime_internal, num_internal);
1245 
1246  /* Always launch vanguards purpose circuits for HS clients,
1247  * for vanguards-lite. This prevents us from cannibalizing
1248  * to build these circuits (and thus not use vanguards). */
1250  return;
1251  }
1252 
1253  if (needs_circuits_for_build(num)) {
1254  flags = CIRCLAUNCH_NEED_CAPACITY;
1255  /* if there are no exits in the consensus, make timeout
1256  * circuits internal */
1257  if (router_have_consensus_path() == CONSENSUS_PATH_INTERNAL)
1258  flags |= CIRCLAUNCH_IS_INTERNAL;
1259 
1260  log_info(LD_CIRC,
1261  "Have %d clean circs need another buildtime test circ.", num);
1263  return;
1264  }
1265 }
1266 
1267 /** Build a new test circuit every 5 minutes */
1268 #define TESTING_CIRCUIT_INTERVAL 300
1269 
1270 /** This function is called once a second, if router_have_minimum_dir_info()
1271  * is true. Its job is to make sure all services we offer have enough circuits
1272  * available. Some services just want enough circuits for current tasks,
1273  * whereas others want a minimum set of idle circuits hanging around.
1274  */
1275 void
1277 {
1278  const or_options_t *options = get_options();
1279 
1280  /* launch a new circ for any pending streams that need one
1281  * XXXX make the assumption that (some) AP streams (i.e. HS clients)
1282  * don't require an exit circuit, review in #13814.
1283  * This allows HSs to function in a consensus without exits. */
1284  if (router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN)
1286 
1288 
1289  if (!options->DisablePredictedCircuits)
1291 }
1292 
1293 /**
1294  * Called once a second either directly or from
1295  * circuit_build_needed_circs(). As appropriate (once per NewCircuitPeriod)
1296  * resets failure counts and expires old circuits.
1297  */
1298 void
1300 {
1301  static time_t time_to_expire_and_reset = 0;
1302 
1303  if (time_to_expire_and_reset < now) {
1305  time_to_expire_and_reset = now + get_options()->NewCircuitPeriod;
1306  if (proxy_mode(get_options()))
1307  addressmap_clean(now);
1309 
1310 #if 0 /* disable for now, until predict-and-launch-new can cull leftovers */
1311 
1312  /* If we ever re-enable, this has to move into
1313  * circuit_build_needed_circs */
1314 
1315  circ = circuit_get_youngest_clean_open(CIRCUIT_PURPOSE_C_GENERAL);
1316  if (get_options()->RunTesting &&
1317  circ &&
1318  circ->timestamp_began.tv_sec + TESTING_CIRCUIT_INTERVAL < now) {
1319  log_fn(LOG_INFO,"Creating a new testing circuit.");
1321  }
1322 #endif /* 0 */
1323  }
1324 }
1325 
1326 /** If the stream <b>conn</b> is a member of any of the linked
1327  * lists of <b>circ</b>, then remove it from the list.
1328  */
1329 void
1331 {
1332  edge_connection_t *prevconn;
1333 
1334  tor_assert(circ);
1335  tor_assert(conn);
1336 
1337  if (conn->base_.type == CONN_TYPE_AP) {
1338  entry_connection_t *entry_conn = EDGE_TO_ENTRY_CONN(conn);
1339  entry_conn->may_use_optimistic_data = 0;
1340  }
1341  conn->cpath_layer = NULL; /* don't keep a stale pointer */
1342  conn->on_circuit = NULL;
1343 
1344  if (CIRCUIT_IS_ORIGIN(circ)) {
1345  origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
1346  int removed = 0;
1347  if (conn == origin_circ->p_streams) {
1348  origin_circ->p_streams = conn->next_stream;
1349  removed = 1;
1350  } else {
1351  for (prevconn = origin_circ->p_streams;
1352  prevconn && prevconn->next_stream && prevconn->next_stream != conn;
1353  prevconn = prevconn->next_stream)
1354  ;
1355  if (prevconn && prevconn->next_stream) {
1356  prevconn->next_stream = conn->next_stream;
1357  removed = 1;
1358  }
1359  }
1360  if (removed) {
1361  log_debug(LD_APP, "Removing stream %d from circ %u",
1362  conn->stream_id, (unsigned)circ->n_circ_id);
1363 
1364  /* If the stream was removed, and it was a rend stream, decrement the
1365  * number of streams on the circuit associated with the rend service.
1366  */
1367  if (circ->purpose == CIRCUIT_PURPOSE_S_REND_JOINED) {
1368  hs_dec_rdv_stream_counter(origin_circ);
1369  }
1370 
1371  /* If there are no more streams on this circ, tell circpad */
1372  if (!origin_circ->p_streams)
1374 
1375  return;
1376  }
1377  } else {
1378  or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
1379  if (conn == or_circ->n_streams) {
1380  or_circ->n_streams = conn->next_stream;
1381  return;
1382  }
1383  if (conn == or_circ->resolving_streams) {
1384  or_circ->resolving_streams = conn->next_stream;
1385  return;
1386  }
1387 
1388  for (prevconn = or_circ->n_streams;
1389  prevconn && prevconn->next_stream && prevconn->next_stream != conn;
1390  prevconn = prevconn->next_stream)
1391  ;
1392  if (prevconn && prevconn->next_stream) {
1393  prevconn->next_stream = conn->next_stream;
1394  return;
1395  }
1396 
1397  for (prevconn = or_circ->resolving_streams;
1398  prevconn && prevconn->next_stream && prevconn->next_stream != conn;
1399  prevconn = prevconn->next_stream)
1400  ;
1401  if (prevconn && prevconn->next_stream) {
1402  prevconn->next_stream = conn->next_stream;
1403  return;
1404  }
1405  }
1406 
1407  log_warn(LD_BUG,"Edge connection not in circuit's list.");
1408  /* Don't give an error here; it's harmless. */
1410 }
1411 
1412 /** Find each circuit that has been unused for too long, or dirty
1413  * for too long and has no streams on it: mark it for close.
1414  */
1415 STATIC void
1417 {
1418  struct timeval cutoff, now;
1419 
1420  tor_gettimeofday(&now);
1421  last_expired_clientside_circuits = now.tv_sec;
1422 
1424  if (circ->marked_for_close || !CIRCUIT_IS_ORIGIN(circ))
1425  continue;
1426 
1427  cutoff = now;
1428  cutoff.tv_sec -= TO_ORIGIN_CIRCUIT(circ)->circuit_idle_timeout;
1429 
1430  /* If the circuit has been dirty for too long, and there are no streams
1431  * on it, mark it for close.
1432  */
1433  if (circ->timestamp_dirty &&
1434  circ->timestamp_dirty + get_options()->MaxCircuitDirtiness <
1435  now.tv_sec &&
1436  !TO_ORIGIN_CIRCUIT(circ)->p_streams /* nothing attached */ ) {
1437  log_debug(LD_CIRC, "Closing n_circ_id %u (dirty %ld sec ago, "
1438  "purpose %d)",
1439  (unsigned)circ->n_circ_id,
1440  (long)(now.tv_sec - circ->timestamp_dirty),
1441  circ->purpose);
1442  /* Don't do this magic for testing circuits. Their death is governed
1443  * by circuit_expire_building */
1444  if (circ->purpose != CIRCUIT_PURPOSE_PATH_BIAS_TESTING) {
1445  tor_trace(TR_SUBSYS(circuit), TR_EV(idle_timeout),
1446  TO_ORIGIN_CIRCUIT(circ));
1447  circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED);
1448  }
1449  } else if (!circ->timestamp_dirty && circ->state == CIRCUIT_STATE_OPEN) {
1450  if (timercmp(&circ->timestamp_began, &cutoff, OP_LT)) {
1451  if (circ->purpose == CIRCUIT_PURPOSE_C_GENERAL ||
1452  circ->purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
1453  circ->purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
1454  circ->purpose == CIRCUIT_PURPOSE_HS_VANGUARDS ||
1455  circ->purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT ||
1456  circ->purpose == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO ||
1457  circ->purpose == CIRCUIT_PURPOSE_TESTING ||
1458  circ->purpose == CIRCUIT_PURPOSE_C_CIRCUIT_PADDING ||
1459  (circ->purpose >= CIRCUIT_PURPOSE_C_INTRODUCING &&
1460  circ->purpose <= CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) ||
1461  circ->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
1462  log_info(LD_CIRC,
1463  "Closing circuit %"PRIu32
1464  " that has been unused for %ld msec.",
1465  TO_ORIGIN_CIRCUIT(circ)->global_identifier,
1466  tv_mdiff(&circ->timestamp_began, &now));
1467  tor_trace(TR_SUBSYS(circuit), TR_EV(idle_timeout),
1468  TO_ORIGIN_CIRCUIT(circ));
1469  circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED);
1470  } else if (!TO_ORIGIN_CIRCUIT(circ)->is_ancient) {
1471  /* Server-side rend joined circuits can end up really old, because
1472  * they are reused by clients for longer than normal. The client
1473  * controls their lifespan. (They never become dirty, because
1474  * connection_exit_begin_conn() never marks anything as dirty.)
1475  * Similarly, server-side intro circuits last a long time. */
1476  if (circ->purpose != CIRCUIT_PURPOSE_S_REND_JOINED &&
1477  circ->purpose != CIRCUIT_PURPOSE_S_INTRO) {
1478  log_notice(LD_CIRC,
1479  "Ancient non-dirty circuit %d is still around after "
1480  "%ld milliseconds. Purpose: %d (%s)",
1481  TO_ORIGIN_CIRCUIT(circ)->global_identifier,
1482  tv_mdiff(&circ->timestamp_began, &now),
1483  circ->purpose,
1484  circuit_purpose_to_string(circ->purpose));
1485  TO_ORIGIN_CIRCUIT(circ)->is_ancient = 1;
1486  }
1487  }
1488  }
1489  }
1490  } SMARTLIST_FOREACH_END(circ);
1491 }
1492 
1493 /** How long do we wait before killing circuits with the properties
1494  * described below?
1495  *
1496  * Probably we could choose a number here as low as 5 to 10 seconds,
1497  * since these circs are used for begindir, and a) generally you either
1498  * ask another begindir question right after or you don't for a long time,
1499  * b) clients at least through 0.2.1.x choose from the whole set of
1500  * directory mirrors at each choice, and c) re-establishing a one-hop
1501  * circuit via create-fast is a light operation assuming the TLS conn is
1502  * still there.
1503  *
1504  * I expect "b" to go away one day when we move to using directory
1505  * guards, but I think "a" and "c" are good enough reasons that a low
1506  * number is safe even then.
1507  */
1508 #define IDLE_ONE_HOP_CIRC_TIMEOUT 60
1509 
1510 /** Find each non-origin circuit that has been unused for too long,
1511  * has no streams on it, came from a client, and ends here: mark it
1512  * for close.
1513  */
1514 void
1516 {
1517  or_circuit_t *or_circ;
1518  time_t cutoff = now - IDLE_ONE_HOP_CIRC_TIMEOUT;
1519 
1521  if (circ->marked_for_close || CIRCUIT_IS_ORIGIN(circ))
1522  continue;
1523  or_circ = TO_OR_CIRCUIT(circ);
1524  /* If the circuit has been idle for too long, and there are no streams
1525  * on it, and it ends here, and it used a create_fast, mark it for close.
1526  *
1527  * Also if there is a rend_splice on it, it's a single onion service
1528  * circuit and we should not close it.
1529  */
1530  if (or_circ->p_chan && channel_is_client(or_circ->p_chan) &&
1531  !circ->n_chan &&
1532  !or_circ->n_streams && !or_circ->resolving_streams &&
1533  !or_circ->rend_splice &&
1534  channel_when_last_xmit(or_circ->p_chan) <= cutoff) {
1535  log_info(LD_CIRC, "Closing circ_id %u (empty %d secs ago)",
1536  (unsigned)or_circ->p_circ_id,
1537  (int)(now - channel_when_last_xmit(or_circ->p_chan)));
1538  circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED);
1539  }
1540  }
1541  SMARTLIST_FOREACH_END(circ);
1542 }
1543 
1544 /** Number of testing circuits we want open before testing our bandwidth. */
1545 #define NUM_PARALLEL_TESTING_CIRCS 4
1546 
1547 /** True iff we've ever had enough testing circuits open to test our
1548  * bandwidth. */
1550 
1551 /** Reset have_performed_bandwidth_test, so we'll start building
1552  * testing circuits again so we can exercise our bandwidth. */
1553 void
1555 {
1557 }
1558 
1559 /** Return 1 if we've already exercised our bandwidth, or if we
1560  * have fewer than NUM_PARALLEL_TESTING_CIRCS testing circuits
1561  * established or on the way. Else return 0.
1562  */
1563 int
1565 {
1566  int num = 0;
1567 
1569  return 1;
1570 
1572  if (!circ->marked_for_close && CIRCUIT_IS_ORIGIN(circ) &&
1573  circ->purpose == CIRCUIT_PURPOSE_TESTING &&
1574  circ->state == CIRCUIT_STATE_OPEN)
1575  num++;
1576  }
1577  SMARTLIST_FOREACH_END(circ);
1578  return num >= NUM_PARALLEL_TESTING_CIRCS;
1579 }
1580 
1581 /** A testing circuit has completed. Take whatever stats we want.
1582  * Noticing reachability is taken care of in onionskin_answer(),
1583  * so there's no need to record anything here. But if we still want
1584  * to do the bandwidth test, and we now have enough testing circuits
1585  * open, do it.
1586  */
1587 static void
1589 {
1592  /* either we've already done everything we want with testing circuits,
1593  * OR this IPv4 testing circuit became open due to a fluke, e.g. we picked
1594  * a last hop where we already had the connection open due to a
1595  * outgoing local circuit, OR this is an IPv6 self-test circuit, not
1596  * a bandwidth test circuit. */
1597  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_AT_ORIGIN);
1598  } else if (circuit_enough_testing_circs()) {
1601  } else {
1603  }
1604 }
1605 
1606 /** A testing circuit has failed to build. Take whatever stats we want. */
1607 static void
1609 {
1610  const or_options_t *options = get_options();
1611  if (server_mode(options) &&
1612  router_all_orports_seem_reachable(options))
1613  return;
1614 
1615  log_info(LD_GENERAL,
1616  "Our testing circuit (to see if your ORPort is reachable) "
1617  "has failed. I'll try again later.");
1618 
1619  /* These aren't used yet. */
1620  (void)circ;
1621  (void)at_last_hop;
1622 }
1623 
1624 /** The circuit <b>circ</b> has just become open. Take the next
1625  * step: for rendezvous circuits, we pass circ to the appropriate
1626  * function in rendclient or rendservice. For general circuits, we
1627  * call connection_ap_attach_pending, which looks for pending streams
1628  * that could use circ.
1629  */
1630 void
1632 {
1633  tor_trace(TR_SUBSYS(circuit), TR_EV(opened), circ);
1634  circuit_event_status(circ, CIRC_EVENT_BUILT, 0);
1635 
1636  /* Remember that this circuit has finished building. Now if we start
1637  * it building again later (e.g. by extending it), we will know not
1638  * to consider its build time. */
1639  circ->has_opened = 1;
1640 
1641  switch (TO_CIRCUIT(circ)->purpose) {
1644  /* Start building an intro circ if we don't have one yet. */
1646  /* This isn't a call to circuit_try_attaching_streams because a
1647  * circuit in _C_ESTABLISH_REND state isn't connected to its
1648  * hidden service yet, thus we can't attach streams to it yet,
1649  * thus circuit_try_attaching_streams would always clear the
1650  * circuit's isolation state. circuit_try_attaching_streams is
1651  * called later, when the rend circ enters _C_REND_JOINED
1652  * state. */
1653  break;
1656  break;
1660  /* Tell any AP connections that have been waiting for a new
1661  * circuit that one is ready. */
1663  break;
1665  /* at the service, waiting for introductions */
1667  break;
1669  /* at the service, connecting to rend point */
1671  break;
1673  circuit_testing_opened(circ);
1674  break;
1675  /* default:
1676  * This won't happen in normal operation, but might happen if the
1677  * controller did it. Just let it slide. */
1678  }
1679 }
1680 
1681 /** If the stream-isolation state of <b>circ</b> can be cleared, clear
1682  * it. Return non-zero iff <b>circ</b>'s isolation state was cleared. */
1683 static int
1685 {
1686  if (/* The circuit may have become non-open if it was cannibalized.*/
1687  circ->base_.state == CIRCUIT_STATE_OPEN &&
1688  /* If !isolation_values_set, there is nothing to clear. */
1689  circ->isolation_values_set &&
1690  /* It's not legal to clear a circuit's isolation info if it's ever had
1691  * streams attached */
1693  /* If we have any isolation information set on this circuit, and
1694  * we didn't manage to attach any streams to it, then we can
1695  * and should clear it and try again. */
1697  return 1;
1698  } else {
1699  return 0;
1700  }
1701 }
1702 
1703 /** Called when a circuit becomes ready for streams to be attached to
1704  * it. */
1705 void
1707 {
1708  /* Attach streams to this circuit if we can. */
1710 
1711  /* The call to circuit_try_clearing_isolation_state here will do
1712  * nothing and return 0 if we didn't attach any streams to circ
1713  * above. */
1715  /* Maybe *now* we can attach some streams to this circuit. */
1717  }
1718 }
1719 
1720 /** Called whenever a circuit could not be successfully built.
1721  */
1722 void
1724 {
1725  channel_t *n_chan = NULL;
1726  /* we should examine circ and see if it failed because of
1727  * the last hop or an earlier hop. then use this info below.
1728  */
1729  int failed_at_last_hop = 0;
1730 
1731  /* First, check to see if this was a path failure, rather than build
1732  * failure.
1733  *
1734  * Note that we deliberately use circuit_get_cpath_len() (and not
1735  * circuit_get_cpath_opened_len()) because we only want to ensure
1736  * that a full path is *chosen*. This is different than a full path
1737  * being *built*. We only want to count *build* failures below.
1738  *
1739  * Path selection failures can happen spuriously for a number
1740  * of reasons (such as aggressive/invalid user-specified path
1741  * restrictions in the torrc, insufficient microdescriptors, and
1742  * non-user reasons like exitpolicy issues), and so should not be
1743  * counted as failures below.
1744  */
1745  if (circuit_get_cpath_len(circ) < circ->build_state->desired_path_len) {
1746  static ratelim_t pathfail_limit = RATELIM_INIT(3600);
1747  log_fn_ratelim(&pathfail_limit, LOG_NOTICE, LD_CIRC,
1748  "Our circuit %u (id: %" PRIu32 ") died due to an invalid "
1749  "selected path, purpose %s. This may be a torrc "
1750  "configuration issue, or a bug.",
1751  TO_CIRCUIT(circ)->n_circ_id, circ->global_identifier,
1752  circuit_purpose_to_string(TO_CIRCUIT(circ)->purpose));
1753 
1754  /* If the path failed on an RP, retry it. */
1755  if (TO_CIRCUIT(circ)->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
1757  HS_METRICS_ERR_RDV_PATH);
1759  }
1760 
1761  /* In all other cases, just bail. The rest is just failure accounting
1762  * that we don't want to do */
1763  return;
1764  }
1765 
1766  /* If the last hop isn't open, and the second-to-last is, we failed
1767  * at the last hop. */
1768  if (circ->cpath &&
1769  circ->cpath->prev->state != CPATH_STATE_OPEN &&
1770  circ->cpath->prev->prev->state == CPATH_STATE_OPEN) {
1771  failed_at_last_hop = 1;
1772  }
1773 
1774  /* Check if we failed at first hop */
1775  if (circ->cpath &&
1776  circ->cpath->state != CPATH_STATE_OPEN &&
1777  ! circ->base_.received_destroy) {
1778  /* We failed at the first hop for some reason other than a DESTROY cell.
1779  * If there's an OR connection to blame, blame it. Also, avoid this relay
1780  * for a while, and fail any one-hop directory fetches destined for it. */
1781  const char *n_chan_ident = circ->cpath->extend_info->identity_digest;
1782  tor_assert(n_chan_ident);
1783  int already_marked = 0;
1784  if (circ->base_.n_chan) {
1785  n_chan = circ->base_.n_chan;
1786 
1787  if (n_chan->is_bad_for_new_circs) {
1788  /* We only want to blame this router when a fresh healthy
1789  * connection fails. So don't mark this router as newly failed,
1790  * since maybe this was just an old circuit attempt that's
1791  * finally timing out now. Also, there's no need to blow away
1792  * circuits/streams/etc, since the failure of an unhealthy conn
1793  * doesn't tell us much about whether a healthy conn would
1794  * succeed. */
1795  already_marked = 1;
1796  }
1797  log_info(LD_OR,
1798  "Our circuit %u (id: %" PRIu32 ") failed to get a response "
1799  "from the first hop (%s). I'm going to try to rotate to a "
1800  "better connection.",
1801  TO_CIRCUIT(circ)->n_circ_id, circ->global_identifier,
1802  channel_describe_peer(n_chan));
1803  n_chan->is_bad_for_new_circs = 1;
1804  } else {
1805  log_info(LD_OR,
1806  "Our circuit %u (id: %" PRIu32 ") died before the first hop "
1807  "with no connection",
1808  TO_CIRCUIT(circ)->n_circ_id, circ->global_identifier);
1809  }
1810  if (!already_marked) {
1811  /*
1812  * If we have guard state (new guard API) and our path selection
1813  * code actually chose a full path, then blame the failure of this
1814  * circuit on the guard.
1815  */
1816  if (circ->guard_state)
1818  /* if there are any one-hop streams waiting on this circuit, fail
1819  * them now so they can retry elsewhere. */
1820  connection_ap_fail_onehop(n_chan_ident, circ->build_state);
1821  }
1822  }
1823 
1824  switch (circ->base_.purpose) {
1828  /* If we never built the circuit, note it as a failure. */
1830  if (failed_at_last_hop) {
1831  /* Make sure any streams that demand our last hop as their exit
1832  * know that it's unlikely to happen. */
1834  }
1835  break;
1837  circuit_testing_failed(circ, failed_at_last_hop);
1838  break;
1840  /* at the service, waiting for introductions */
1841  if (circ->base_.state != CIRCUIT_STATE_OPEN) {
1843  }
1844  /* no need to care here, because the service will rebuild intro
1845  * points periodically. */
1846  break;
1848  /* at the client, connecting to intro point */
1849  /* Don't increment failure count, since the service may have picked
1850  * the introduction point maliciously */
1851  /* The client will pick a new intro point when this one dies, if
1852  * the stream in question still cares. No need to act here. */
1853  break;
1855  /* at the client, waiting for the service */
1857  /* the client will pick a new rend point when this one dies, if
1858  * the stream in question still cares. No need to act here. */
1859  break;
1861  /* at the service, connecting to rend point */
1862  /* Don't increment failure count, since the client may have picked
1863  * the rendezvous point maliciously */
1864  log_info(LD_REND,
1865  "Couldn't connect to the client's chosen rend point %s "
1866  "(%s hop failed).",
1868  failed_at_last_hop?"last":"non-last");
1869 
1871  HS_METRICS_ERR_RDV_RP_CONN_FAILURE);
1873  break;
1874  /* default:
1875  * This won't happen in normal operation, but might happen if the
1876  * controller did it. Just let it slide. */
1877  }
1878 }
1879 
1880 /** Number of consecutive failures so far; should only be touched by
1881  * circuit_launch_new and circuit_*_failure_count.
1882  */
1883 static int n_circuit_failures = 0;
1884 /** Before the last time we called circuit_reset_failure_count(), were
1885  * there a lot of failures? */
1887 
1888 /** Don't retry launching a new circuit if we try this many times with no
1889  * success. */
1890 #define MAX_CIRCUIT_FAILURES 5
1891 
1892 /** Launch a new circuit; see circuit_launch_by_extend_info() for
1893  * details on arguments. */
1895 circuit_launch(uint8_t purpose, int flags)
1896 {
1897  return circuit_launch_by_extend_info(purpose, NULL, flags);
1898 }
1899 
1900 /* Do we have enough descriptors to build paths?
1901  * If need_exit is true, return 1 if we can build exit paths.
1902  * (We need at least one Exit in the consensus to build exit paths.)
1903  * If need_exit is false, return 1 if we can build internal paths.
1904  */
1905 static int
1906 have_enough_path_info(int need_exit)
1907 {
1908  if (need_exit)
1909  return router_have_consensus_path() == CONSENSUS_PATH_EXIT;
1910  else
1911  return router_have_consensus_path() != CONSENSUS_PATH_UNKNOWN;
1912 }
1913 
1914 /**
1915  * Tell us if a circuit is a hidden service circuit.
1916  */
1917 int
1919 {
1920  /* HS Vanguard purpose. */
1921  if (circuit_purpose_is_hs_vanguards(purpose)) {
1922  return 1;
1923  }
1924 
1925  /* Client-side purpose */
1926  if (circuit_purpose_is_hs_client(purpose)) {
1927  return 1;
1928  }
1929 
1930  /* Service-side purpose */
1931  if (circuit_purpose_is_hs_service(purpose)) {
1932  return 1;
1933  }
1934 
1935  return 0;
1936 }
1937 
1938 /** Return true iff the given circuit is an HS client circuit. */
1939 bool
1940 circuit_purpose_is_hs_client(const uint8_t purpose)
1941 {
1942  return (purpose >= CIRCUIT_PURPOSE_C_HS_MIN_ &&
1943  purpose <= CIRCUIT_PURPOSE_C_HS_MAX_);
1944 }
1945 
1946 /** Return true iff the given circuit is an HS service circuit. */
1947 bool
1948 circuit_purpose_is_hs_service(const uint8_t purpose)
1949 {
1950  return (purpose >= CIRCUIT_PURPOSE_S_HS_MIN_ &&
1951  purpose <= CIRCUIT_PURPOSE_S_HS_MAX_);
1952 }
1953 
1954 /** Return true iff the given circuit is an HS Vanguards circuit. */
1955 bool
1956 circuit_purpose_is_hs_vanguards(const uint8_t purpose)
1957 {
1958  return (purpose == CIRCUIT_PURPOSE_HS_VANGUARDS);
1959 }
1960 
1961 /** Return true iff the given circuit is an HS v3 circuit. */
1962 bool
1964 {
1965  return (CIRCUIT_IS_ORIGIN(circ) &&
1966  (CONST_TO_ORIGIN_CIRCUIT(circ)->hs_ident != NULL));
1967 }
1968 
1969 /**
1970  * Return true if this circuit purpose should use vanguards
1971  * or pinned Layer2 or Layer3 guards.
1972  *
1973  * This function takes both the circuit purpose and the
1974  * torrc options for pinned middles/vanguards into account
1975  * (ie: the circuit must be a hidden service circuit and
1976  * vanguards/pinned middles must be enabled for it to return
1977  * true).
1978  */
1979 int
1981 {
1982  /* All hidden service circuits use either vanguards or
1983  * vanguards-lite. */
1984  if (circuit_purpose_is_hidden_service(purpose))
1985  return 1;
1986 
1987  /* Everything else is a normal circuit */
1988  return 0;
1989 }
1990 
1991 /**
1992  * Return true for the set of conditions for which it is OK to use
1993  * a cannibalized circuit.
1994  *
1995  * Don't cannibalize for onehops, or certain purposes.
1996  */
1997 static int
1998 circuit_should_cannibalize_to_build(uint8_t purpose_to_build,
1999  int has_extend_info,
2000  int onehop_tunnel)
2001 {
2002 
2003  /* Do not try to cannibalize if this is a one hop circuit. */
2004  if (onehop_tunnel) {
2005  return 0;
2006  }
2007 
2008  /* Don't try to cannibalize for general purpose circuits that do not
2009  * specify a custom exit. */
2010  if (purpose_to_build == CIRCUIT_PURPOSE_C_GENERAL && !has_extend_info) {
2011  return 0;
2012  }
2013 
2014  /* Don't cannibalize for testing circuits. We want to see if they
2015  * complete normally. Also don't cannibalize for vanguard-purpose
2016  * circuits, since those are specially pre-built for later
2017  * cannibalization by the actual specific circuit types that need
2018  * vanguards.
2019  */
2020  if (purpose_to_build == CIRCUIT_PURPOSE_TESTING ||
2021  purpose_to_build == CIRCUIT_PURPOSE_HS_VANGUARDS) {
2022  return 0;
2023  }
2024 
2025  /* The server-side intro circ is not cannibalized because it only
2026  * needs a 3 hop circuit. It is also long-lived, so it is more
2027  * important that it have lower latency than get built fast.
2028  */
2029  if (purpose_to_build == CIRCUIT_PURPOSE_S_ESTABLISH_INTRO) {
2030  return 0;
2031  }
2032 
2033  return 1;
2034 }
2035 
2036 /** Launch a new circuit with purpose <b>purpose</b> and exit node
2037  * <b>extend_info</b> (or NULL to select a random exit node).
2038  *
2039  * If flags contains:
2040  * - CIRCLAUNCH_ONEHOP_TUNNEL: the circuit will have only one hop;
2041  * - CIRCLAUNCH_NEED_UPTIME: choose routers with high uptime;
2042  * - CIRCLAUNCH_NEED_CAPACITY: choose routers with high bandwidth;
2043  * - CIRCLAUNCH_IS_IPV6_SELFTEST: the second-last hop must support IPv6
2044  * extends;
2045  * - CIRCLAUNCH_IS_INTERNAL: the last hop need not be an exit node;
2046  * - CIRCLAUNCH_IS_V3_RP: the last hop must support v3 onion service
2047  * rendezvous.
2048  *
2049  * Return the newly allocated circuit on success, or NULL on failure. */
2052  extend_info_t *extend_info,
2053  int flags)
2054 {
2055  origin_circuit_t *circ;
2056  int onehop_tunnel = (flags & CIRCLAUNCH_ONEHOP_TUNNEL) != 0;
2057  int have_path = have_enough_path_info(! (flags & CIRCLAUNCH_IS_INTERNAL) );
2058 
2059  /* Keep some stats about our attempts to launch HS rendezvous circuits */
2060  if (purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
2062  }
2063 
2064  if (!onehop_tunnel && (!router_have_minimum_dir_info() || !have_path)) {
2065  log_debug(LD_CIRC,"Haven't %s yet; canceling "
2066  "circuit launch.",
2068  "fetched enough directory info" :
2069  "received a consensus with exits");
2070  return NULL;
2071  }
2072 
2073  /* If we can/should cannibalize another circuit to build this one,
2074  * then do so. */
2076  extend_info != NULL,
2077  onehop_tunnel)) {
2078  /* see if there are appropriate circs available to cannibalize. */
2079  /* XXX if we're planning to add a hop, perhaps we want to look for
2080  * internal circs rather than exit circs? -RD */
2081  circ = circuit_find_to_cannibalize(purpose, extend_info, flags);
2082  if (circ) {
2083  uint8_t old_purpose = circ->base_.purpose;
2084  struct timeval old_timestamp_began = circ->base_.timestamp_began;
2085 
2086  log_info(LD_CIRC, "Cannibalizing circ %u (id: %" PRIu32 ") for "
2087  "purpose %d (%s)",
2088  TO_CIRCUIT(circ)->n_circ_id, circ->global_identifier, purpose,
2089  circuit_purpose_to_string(purpose));
2090 
2091  if ((purpose == CIRCUIT_PURPOSE_S_CONNECT_REND ||
2092  purpose == CIRCUIT_PURPOSE_C_INTRODUCING) &&
2094  /* Path bias: Cannibalized rends pre-emptively count as a
2095  * successfully built but unused closed circuit. We don't
2096  * wait until the extend (or the close) because the rend
2097  * point could be malicious.
2098  *
2099  * Same deal goes for client side introductions. Clients
2100  * can be manipulated to connect repeatedly to them
2101  * (especially web clients).
2102  *
2103  * If we decide to probe the initial portion of these circs,
2104  * (up to the adversary's final hop), we need to remove this,
2105  * or somehow mark the circuit with a special path state.
2106  */
2107 
2108  /* This must be called before the purpose change */
2109  pathbias_check_close(circ, END_CIRC_REASON_FINISHED);
2110  }
2111 
2112  circuit_change_purpose(TO_CIRCUIT(circ), purpose);
2113  /* Reset the start date of this circ, else expire_building
2114  * will see it and think it's been trying to build since it
2115  * began.
2116  *
2117  * Technically, the code should reset this when the
2118  * create cell is finally sent, but we're close enough
2119  * here. */
2120  tor_gettimeofday(&circ->base_.timestamp_began);
2121 
2122  control_event_circuit_cannibalized(circ, old_purpose,
2123  &old_timestamp_began);
2124 
2125  switch (purpose) {
2127  /* it's ready right now */
2128  break;
2135  /* need to add a new hop */
2136  tor_assert(extend_info);
2137  if (circuit_extend_to_new_exit(circ, extend_info) < 0)
2138  return NULL;
2139  break;
2140  default:
2141  log_warn(LD_BUG,
2142  "unexpected purpose %d when cannibalizing a circ.",
2143  purpose);
2145  return NULL;
2146  }
2147 
2148  tor_trace(TR_SUBSYS(circuit), TR_EV(cannibalized), circ);
2149  return circ;
2150  }
2151  }
2152 
2155  /* too many failed circs in a row. don't try. */
2156 // log_fn(LOG_INFO,"%d failures so far, not trying.",n_circuit_failures);
2157  return NULL;
2158  }
2159 
2160  /* try a circ. if it fails, circuit_mark_for_close will increment
2161  * n_circuit_failures */
2162  return circuit_establish_circuit(purpose, extend_info, flags);
2163 }
2164 
2165 /** Record another failure at opening a general circuit. When we have
2166  * too many, we'll stop trying for the remainder of this minute.
2167  */
2168 static void
2170 {
2172  log_debug(LD_CIRC,"n_circuit_failures now %d.",n_circuit_failures);
2173 }
2174 
2175 /** Reset the failure count for opening general circuits. This means
2176  * we will try MAX_CIRCUIT_FAILURES times more (if necessary) before
2177  * stopping again.
2178  */
2179 void
2181 {
2184  else
2186  n_circuit_failures = 0;
2187 }
2188 
2189 /** Find an open circ that we're happy to use for <b>conn</b> and return 1. If
2190  * there isn't one, and there isn't one on the way, launch one and return
2191  * 0. If it will never work, return -1.
2192  *
2193  * Write the found or in-progress or launched circ into *circp.
2194  */
2195 static int
2197  uint8_t desired_circuit_purpose,
2198  origin_circuit_t **circp)
2199 {
2200  origin_circuit_t *circ;
2201  int check_exit_policy;
2202  int need_uptime, need_internal;
2203  int want_onehop;
2204  const or_options_t *options = get_options();
2205 
2206  tor_assert(conn);
2207  tor_assert(circp);
2208  if (ENTRY_TO_CONN(conn)->state != AP_CONN_STATE_CIRCUIT_WAIT) {
2209  connection_t *c = ENTRY_TO_CONN(conn);
2210  log_err(LD_BUG, "Connection state mismatch: wanted "
2211  "AP_CONN_STATE_CIRCUIT_WAIT, but got %d (%s)",
2212  c->state, conn_state_to_string(c->type, c->state));
2213  }
2215 
2216  /* Will the exit policy of the exit node apply to this stream? */
2217  check_exit_policy =
2219  !conn->use_begindir &&
2221 
2222  /* Does this connection want a one-hop circuit? */
2223  want_onehop = conn->want_onehop;
2224 
2225  /* Do we need a high-uptime circuit? */
2226  need_uptime = !conn->want_onehop && !conn->use_begindir &&
2228  conn->socks_request->port);
2229 
2230  /* Do we need an "internal" circuit? */
2231  if (desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL)
2232  need_internal = 1;
2233  else if (conn->use_begindir || conn->want_onehop)
2234  need_internal = 1;
2235  else
2236  need_internal = 0;
2237 
2238  /* We now know what kind of circuit we need. See if there is an
2239  * open circuit that we can use for this stream */
2240  circ = circuit_get_best(conn, 1 /* Insist on open circuits */,
2241  desired_circuit_purpose,
2242  need_uptime, need_internal);
2243 
2244  if (circ) {
2245  /* We got a circuit that will work for this stream! We can return it. */
2246  *circp = circ;
2247  return 1; /* we're happy */
2248  }
2249 
2250  /* Okay, there's no circuit open that will work for this stream. Let's
2251  * see if there's an in-progress circuit or if we have to launch one */
2252 
2253  /* Do we know enough directory info to build circuits at all? */
2254  int have_path = have_enough_path_info(!need_internal);
2255 
2256  if (!want_onehop && (!router_have_minimum_dir_info() || !have_path)) {
2257  /* If we don't have enough directory information, we can't build
2258  * multihop circuits.
2259  */
2261  int severity = LOG_NOTICE;
2262  /* Retry some stuff that might help the connection work. */
2263  /* If we are configured with EntryNodes or UseBridges */
2264  if (entry_list_is_constrained(options)) {
2265  /* Retry all our guards / bridges.
2266  * guards_retry_optimistic() always returns true here. */
2267  int rv = guards_retry_optimistic(options);
2268  tor_assert_nonfatal_once(rv);
2269  log_fn(severity, LD_APP|LD_DIR,
2270  "Application request when we haven't %s. "
2271  "Optimistically trying known %s again.",
2273  "used client functionality lately" :
2274  "received a consensus with exits",
2275  options->UseBridges ? "bridges" : "entrynodes");
2276  } else {
2277  /* Getting directory documents doesn't help much if we have a limited
2278  * number of guards */
2279  tor_assert_nonfatal(!options->UseBridges);
2280  tor_assert_nonfatal(!options->EntryNodes);
2281  /* Retry our directory fetches, so we have a fresh set of guard info */
2282  log_fn(severity, LD_APP|LD_DIR,
2283  "Application request when we haven't %s. "
2284  "Optimistically trying directory fetches again.",
2286  "used client functionality lately" :
2287  "received a consensus with exits");
2289  }
2290  }
2291  /* Since we didn't have enough directory info, we can't attach now. The
2292  * stream will be dealt with when router_have_minimum_dir_info becomes 1,
2293  * or when all directory attempts fail and directory_all_unreachable()
2294  * kills it.
2295  */
2296  return 0;
2297  }
2298 
2299  /* Check whether the exit policy of the chosen exit, or the exit policies
2300  * of _all_ nodes, would forbid this node. */
2301  if (check_exit_policy) {
2302  if (!conn->chosen_exit_name) {
2303  struct in_addr in;
2304  tor_addr_t addr, *addrp=NULL;
2305  if (tor_inet_aton(conn->socks_request->address, &in)) {
2306  tor_addr_from_in(&addr, &in);
2307  addrp = &addr;
2308  }
2310  conn->socks_request->port,
2311  need_uptime)) {
2312  log_notice(LD_APP,
2313  "No Tor server allows exit to %s:%d. Rejecting.",
2314  safe_str_client(conn->socks_request->address),
2315  conn->socks_request->port);
2316  return -1;
2317  }
2318  } else {
2319  /* XXXX Duplicates checks in connection_ap_handshake_attach_circuit:
2320  * refactor into a single function. */
2321  const node_t *node = node_get_by_nickname(conn->chosen_exit_name, 0);
2322  int opt = conn->chosen_exit_optional;
2323  if (node && !connection_ap_can_use_exit(conn, node)) {
2324  log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP,
2325  "Requested exit point '%s' is excluded or "
2326  "would refuse request. %s.",
2327  conn->chosen_exit_name, opt ? "Trying others" : "Closing");
2328  if (opt) {
2329  conn->chosen_exit_optional = 0;
2330  tor_free(conn->chosen_exit_name);
2331  /* Try again. */
2332  return circuit_get_open_circ_or_launch(conn,
2333  desired_circuit_purpose,
2334  circp);
2335  }
2336  return -1;
2337  }
2338  }
2339  }
2340 
2341  /* Now, check whether there already a circuit on the way that could handle
2342  * this stream. This check matches the one above, but this time we
2343  * do not require that the circuit will work. */
2344  circ = circuit_get_best(conn, 0 /* don't insist on open circuits */,
2345  desired_circuit_purpose,
2346  need_uptime, need_internal);
2347  if (circ)
2348  log_debug(LD_CIRC, "one on the way!");
2349 
2350  if (!circ) {
2351  /* No open or in-progress circuit could handle this stream! We
2352  * will have to launch one!
2353  */
2354 
2355  /* The chosen exit node, if there is one. */
2356  extend_info_t *extend_info=NULL;
2357  const int n_pending = count_pending_general_client_circuits();
2358 
2359  /* Do we have too many pending circuits? */
2360  if (n_pending >= options->MaxClientCircuitsPending) {
2361  static ratelim_t delay_limit = RATELIM_INIT(10*60);
2362  char *m;
2363  if ((m = rate_limit_log(&delay_limit, approx_time()))) {
2364  log_notice(LD_APP, "We'd like to launch a circuit to handle a "
2365  "connection, but we already have %d general-purpose client "
2366  "circuits pending. Waiting until some finish.%s",
2367  n_pending, m);
2368  tor_free(m);
2369  }
2370  return 0;
2371  }
2372 
2373  /* If this is a hidden service trying to start an introduction point,
2374  * handle that case. */
2375  if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT) {
2376  const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
2377  /* need to pick an intro point */
2378  extend_info = hs_client_get_random_intro_from_edge(edge_conn);
2379  if (!extend_info) {
2380  log_info(LD_REND, "No intro points: re-fetching service descriptor.");
2381  hs_client_refetch_hsdesc(&edge_conn->hs_ident->identity_pk);
2383  return 0;
2384  }
2385  log_info(LD_REND,"Chose %s as intro point for service",
2386  extend_info_describe(extend_info));
2387  }
2388 
2389  /* If we have specified a particular exit node for our
2390  * connection, then be sure to open a circuit to that exit node.
2391  */
2392  if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_GENERAL ||
2393  desired_circuit_purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
2394  desired_circuit_purpose == CIRCUIT_PURPOSE_C_HSDIR_GET) {
2395  if (conn->chosen_exit_name) {
2396  const node_t *r;
2397  int opt = conn->chosen_exit_optional;
2398  r = node_get_by_nickname(conn->chosen_exit_name, 0);
2399  if (r && node_has_preferred_descriptor(r, conn->want_onehop ? 1 : 0)) {
2400  /* We might want to connect to an IPv6 bridge for loading
2401  descriptors so we use the preferred address rather than
2402  the primary. */
2403  extend_info = extend_info_from_node(r, conn->want_onehop ? 1 : 0,
2404  desired_circuit_purpose == CIRCUIT_PURPOSE_C_GENERAL);
2405  if (!extend_info) {
2406  log_warn(LD_CIRC,"Could not make a one-hop connection to %s. "
2407  "Discarding this circuit.", conn->chosen_exit_name);
2408  return -1;
2409  }
2410  } else { /* ! (r && node_has_preferred_descriptor(...)) */
2411  log_debug(LD_DIR, "considering %d, %s",
2412  want_onehop, conn->chosen_exit_name);
2413  if (want_onehop && conn->chosen_exit_name[0] == '$') {
2414  /* We're asking for a one-hop circuit to a router that
2415  * we don't have a routerinfo about. Make up an extend_info. */
2416  /* XXX prop220: we need to make chosen_exit_name able to
2417  * encode both key formats. This is not absolutely critical
2418  * since this is just for one-hop circuits, but we should
2419  * still get it done */
2420  char digest[DIGEST_LEN];
2421  char *hexdigest = conn->chosen_exit_name+1;
2422  tor_addr_t addr;
2423  if (strlen(hexdigest) < HEX_DIGEST_LEN ||
2424  base16_decode(digest,DIGEST_LEN,
2425  hexdigest,HEX_DIGEST_LEN) != DIGEST_LEN) {
2426  log_info(LD_DIR, "Broken exit digest on tunnel conn. Closing.");
2427  return -1;
2428  }
2429  if (tor_addr_parse(&addr, conn->socks_request->address) < 0) {
2430  log_info(LD_DIR, "Broken address %s on tunnel conn. Closing.",
2432  return -1;
2433  }
2434  /* XXXX prop220 add a workaround for ed25519 ID below*/
2435  extend_info = extend_info_new(conn->chosen_exit_name+1,
2436  digest,
2437  NULL, /* Ed25519 ID */
2438  NULL, NULL, /* onion keys */
2439  &addr, conn->socks_request->port,
2440  NULL,
2441  false);
2442  } else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */
2443  /* We will need an onion key for the router, and we
2444  * don't have one. Refuse or relax requirements. */
2445  log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP,
2446  "Requested exit point '%s' is not known. %s.",
2447  conn->chosen_exit_name, opt ? "Trying others" : "Closing");
2448  if (opt) {
2449  conn->chosen_exit_optional = 0;
2450  tor_free(conn->chosen_exit_name);
2451  /* Try again with no requested exit */
2452  return circuit_get_open_circ_or_launch(conn,
2453  desired_circuit_purpose,
2454  circp);
2455  }
2456  return -1;
2457  }
2458  }
2459  }
2460  } /* Done checking for general circutis with chosen exits. */
2461 
2462  /* What purpose do we need to launch this circuit with? */
2463  uint8_t new_circ_purpose;
2464  if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_REND_JOINED)
2465  new_circ_purpose = CIRCUIT_PURPOSE_C_ESTABLISH_REND;
2466  else if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT)
2467  new_circ_purpose = CIRCUIT_PURPOSE_C_INTRODUCING;
2468  else
2469  new_circ_purpose = desired_circuit_purpose;
2470 
2471  /* Determine what kind of a circuit to launch, and actually launch it. */
2472  {
2473  int flags = CIRCLAUNCH_NEED_CAPACITY;
2474  if (want_onehop) flags |= CIRCLAUNCH_ONEHOP_TUNNEL;
2475  if (need_uptime) flags |= CIRCLAUNCH_NEED_UPTIME;
2476  if (need_internal) flags |= CIRCLAUNCH_IS_INTERNAL;
2477 
2478  /* If we are about to pick a v3 RP right now, make sure we pick a
2479  * rendezvous point that supports the v3 protocol! */
2480  if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_REND_JOINED &&
2481  new_circ_purpose == CIRCUIT_PURPOSE_C_ESTABLISH_REND &&
2482  ENTRY_TO_EDGE_CONN(conn)->hs_ident) {
2483  flags |= CIRCLAUNCH_IS_V3_RP;
2484  log_info(LD_GENERAL, "Getting rendezvous circuit to v3 service!");
2485  }
2486 
2487  circ = circuit_launch_by_extend_info(new_circ_purpose, extend_info,
2488  flags);
2489  }
2490 
2491  extend_info_free(extend_info);
2492 
2493  /* Now trigger things that need to happen when we launch circuits */
2494 
2495  if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_GENERAL ||
2496  desired_circuit_purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
2497  desired_circuit_purpose == CIRCUIT_PURPOSE_S_HSDIR_POST) {
2498  /* We just caused a circuit to get built because of this stream.
2499  * If this stream has caused a _lot_ of circuits to be built, that's
2500  * a bad sign: we should tell the user. */
2501  if (conn->num_circuits_launched < NUM_CIRCUITS_LAUNCHED_THRESHOLD &&
2502  ++conn->num_circuits_launched == NUM_CIRCUITS_LAUNCHED_THRESHOLD)
2503  log_info(LD_CIRC, "The application request to %s:%d has launched "
2504  "%d circuits without finding one it likes.",
2506  conn->socks_request->port,
2507  conn->num_circuits_launched);
2508  } else {
2509  /* help predict this next time */
2510  rep_hist_note_used_internal(time(NULL), need_uptime, 1);
2511  if (circ) {
2512  const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
2513  if (edge_conn->hs_ident) {
2514  circ->hs_ident =
2515  hs_ident_circuit_new(&edge_conn->hs_ident->identity_pk);
2516  }
2517  if (circ->base_.purpose == CIRCUIT_PURPOSE_C_ESTABLISH_REND &&
2518  circ->base_.state == CIRCUIT_STATE_OPEN)
2519  circuit_has_opened(circ);
2520  }
2521  }
2522  } /* endif (!circ) */
2523 
2524  /* We either found a good circuit, or launched a new circuit, or failed to
2525  * do so. Report success, and delay. */
2526 
2527  if (circ) {
2528  /* Mark the circuit with the isolation fields for this connection.
2529  * When the circuit arrives, we'll clear these flags: this is
2530  * just some internal bookkeeping to make sure that we have
2531  * launched enough circuits.
2532  */
2534  } else {
2535  log_info(LD_APP,
2536  "No safe circuit (purpose %d) ready for edge "
2537  "connection; delaying.",
2538  desired_circuit_purpose);
2539  }
2540  *circp = circ;
2541  return 0;
2542 }
2543 
2544 /** Return true iff <b>crypt_path</b> is one of the crypt_paths for
2545  * <b>circ</b>. */
2546 static int
2548 {
2549  crypt_path_t *cpath, *cpath_next = NULL;
2550  for (cpath = circ->cpath; cpath_next != circ->cpath; cpath = cpath_next) {
2551  cpath_next = cpath->next;
2552  if (crypt_path == cpath)
2553  return 1;
2554  }
2555  return 0;
2556 }
2557 
2558 /** Attach the AP stream <b>apconn</b> to circ's linked list of
2559  * p_streams. Also set apconn's cpath_layer to <b>cpath</b>, or to the last
2560  * hop in circ's cpath if <b>cpath</b> is NULL.
2561  */
2562 static void
2564  crypt_path_t *cpath)
2565 {
2566  const node_t *exitnode = NULL;
2567 
2568  /* add it into the linked list of streams on this circuit */
2569  log_debug(LD_APP|LD_CIRC, "attaching new conn to circ. n_circ_id %u.",
2570  (unsigned)circ->base_.n_circ_id);
2571 
2572  /* If this is the first stream on this circuit, tell circpad
2573  * that streams are attached */
2574  if (!circ->p_streams)
2576 
2577  /* reset it, so we can measure circ timeouts */
2578  ENTRY_TO_CONN(apconn)->timestamp_last_read_allowed = time(NULL);
2579  ENTRY_TO_EDGE_CONN(apconn)->next_stream = circ->p_streams;
2580  ENTRY_TO_EDGE_CONN(apconn)->on_circuit = TO_CIRCUIT(circ);
2581  /* assert_connection_ok(conn, time(NULL)); */
2582  circ->p_streams = ENTRY_TO_EDGE_CONN(apconn);
2583 
2585  /* We are attaching a stream to a rendezvous circuit. That means
2586  * that an attempt to connect to a hidden service just
2587  * succeeded. Tell rendclient.c. */
2589  }
2590 
2591  if (cpath) { /* we were given one; use it */
2592  tor_assert(cpath_is_on_circuit(circ, cpath));
2593  } else {
2594  /* use the last hop in the circuit */
2595  tor_assert(circ->cpath);
2596  tor_assert(circ->cpath->prev);
2597  tor_assert(circ->cpath->prev->state == CPATH_STATE_OPEN);
2598  cpath = circ->cpath->prev;
2599  }
2600  ENTRY_TO_EDGE_CONN(apconn)->cpath_layer = cpath;
2601 
2604 
2605  /* Compute the exitnode if possible, for logging below */
2606  if (cpath->extend_info)
2607  exitnode = node_get_by_id(cpath->extend_info->identity_digest);
2608 
2609  /* See if we can use optimistic data on this circuit */
2610  if (circ->base_.purpose == CIRCUIT_PURPOSE_C_GENERAL ||
2611  circ->base_.purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
2612  circ->base_.purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
2613  circ->base_.purpose == CIRCUIT_PURPOSE_C_REND_JOINED)
2614  apconn->may_use_optimistic_data = 1;
2615  else
2616  apconn->may_use_optimistic_data = 0;
2617  log_info(LD_APP, "Looks like completed circuit to %s %s allow "
2618  "optimistic data for connection to %s",
2619  (circ->base_.purpose == CIRCUIT_PURPOSE_C_GENERAL ||
2620  circ->base_.purpose == CIRCUIT_PURPOSE_CONTROLLER) ?
2621  /* node_describe() does the right thing if exitnode is NULL */
2622  safe_str_client(node_describe(exitnode)) :
2623  "hidden service",
2624  apconn->may_use_optimistic_data ? "does" : "doesn't",
2625  safe_str_client(apconn->socks_request->address));
2626 }
2627 
2628 /** Return true iff <b>address</b> is matched by one of the entries in
2629  * TrackHostExits. */
2630 int
2631 hostname_in_track_host_exits(const or_options_t *options, const char *address)
2632 {
2633  if (!options->TrackHostExits)
2634  return 0;
2635  SMARTLIST_FOREACH_BEGIN(options->TrackHostExits, const char *, cp) {
2636  if (cp[0] == '.') { /* match end */
2637  if (cp[1] == '\0' ||
2638  !strcasecmpend(address, cp) ||
2639  !strcasecmp(address, &cp[1]))
2640  return 1;
2641  } else if (strcasecmp(cp, address) == 0) {
2642  return 1;
2643  }
2644  } SMARTLIST_FOREACH_END(cp);
2645  return 0;
2646 }
2647 
2648 /** If an exit wasn't explicitly specified for <b>conn</b>, consider saving
2649  * the exit that we *did* choose for use by future connections to
2650  * <b>conn</b>'s destination.
2651  */
2652 static void
2654  const origin_circuit_t *circ)
2655 {
2656  const or_options_t *options = get_options();
2657  char *new_address = NULL;
2658  char fp[HEX_DIGEST_LEN+1];
2659  uint64_t stream_id = 0;
2660 
2661  if (BUG(!conn)) {
2662  return;
2663  }
2664 
2665  stream_id = ENTRY_TO_CONN(conn)->global_identifier;
2666 
2667  /* Search the addressmap for this conn's destination. */
2668  /* If they're not in the address map.. */
2669  if (!options->TrackHostExits ||
2671  options->TrackHostExitsExpire))
2672  return; /* nothing to track, or already mapped */
2673 
2674  if (!hostname_in_track_host_exits(options, conn->socks_request->address) ||
2675  !circ->build_state->chosen_exit)
2676  return;
2677 
2678  /* write down the fingerprint of the chosen exit, not the nickname,
2679  * because the chosen exit might not be named. */
2680  base16_encode(fp, sizeof(fp),
2682 
2683  /* Add this exit/hostname pair to the addressmap. */
2684  tor_asprintf(&new_address, "%s.%s.exit",
2685  conn->socks_request->address, fp);
2686 
2687  addressmap_register(conn->socks_request->address, new_address,
2688  time(NULL) + options->TrackHostExitsExpire,
2689  ADDRMAPSRC_TRACKEXIT, 0, 0, stream_id);
2690 }
2691 
2692 /** Attempt to attach the connection <b>conn</b> to <b>circ</b>, and send a
2693  * begin or resolve cell as appropriate. Return values are as for
2694  * connection_ap_handshake_attach_circuit. The stream will exit from the hop
2695  * indicated by <b>cpath</b>, or from the last hop in circ's cpath if
2696  * <b>cpath</b> is NULL. */
2697 int
2699  origin_circuit_t *circ,
2700  crypt_path_t *cpath)
2701 {
2702  connection_t *base_conn = ENTRY_TO_CONN(conn);
2703  tor_assert(conn);
2705  base_conn->state == AP_CONN_STATE_CONTROLLER_WAIT);
2706  tor_assert(conn->socks_request);
2707  tor_assert(circ);
2708  tor_assert(circ->base_.state == CIRCUIT_STATE_OPEN);
2709 
2710  base_conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
2711 
2712  if (!circ->base_.timestamp_dirty ||
2713  ((conn->entry_cfg.isolation_flags & ISO_SOCKSAUTH) &&
2714  (conn->entry_cfg.socks_iso_keep_alive) &&
2715  (conn->socks_request->usernamelen ||
2716  conn->socks_request->passwordlen))) {
2717  /* When stream isolation is in use and controlled by an application
2718  * we are willing to keep using the stream. */
2719  circ->base_.timestamp_dirty = approx_time();
2720  }
2721 
2723 
2724  /* Now, actually link the connection. */
2725  link_apconn_to_circ(conn, circ, cpath);
2726 
2727  tor_assert(conn->socks_request);
2729  if (!conn->use_begindir) {
2730  consider_recording_trackhost(conn, circ);
2731  }
2732  if (connection_ap_handshake_send_begin(conn) < 0)
2733  return -1;
2734  } else {
2736  return -1;
2737  }
2738 
2739  return 1;
2740 }
2741 
2742 /**
2743  * Return an appropriate circuit purpose for non-rend streams.
2744  * We don't handle rends here because a rend stream triggers two
2745  * circuit builds with different purposes, so it is handled elsewhere.
2746  *
2747  * This function just figures out what type of hsdir activity this is,
2748  * and tells us. Everything else is general.
2749  */
2750 static int
2752 {
2753  const connection_t *base_conn = ENTRY_TO_CONN(conn);
2754  tor_assert_nonfatal(!connection_edge_is_rendezvous_stream(
2755  ENTRY_TO_EDGE_CONN(conn)));
2756 
2757  if (base_conn->linked_conn &&
2758  base_conn->linked_conn->type == CONN_TYPE_DIR) {
2759  /* Set a custom purpose for hsdir activity */
2760  if (base_conn->linked_conn->purpose == DIR_PURPOSE_UPLOAD_HSDESC) {
2762  } else if (base_conn->linked_conn->purpose == DIR_PURPOSE_FETCH_HSDESC) {
2764  }
2765  }
2766 
2767  /* All other purposes are general for now */
2769 }
2770 
2771 /** Try to find a safe live circuit for stream <b>conn</b>. If we find one,
2772  * attach the stream, send appropriate cells, and return 1. Otherwise,
2773  * try to launch new circuit(s) for the stream. If we can launch
2774  * circuits, return 0. Otherwise, if we simply can't proceed with
2775  * this stream, return -1. (conn needs to die, and is maybe already marked).
2776  */
2777 /* XXXX this function should mark for close whenever it returns -1;
2778  * its callers shouldn't have to worry about that. */
2779 int
2781 {
2782  connection_t *base_conn = ENTRY_TO_CONN(conn);
2783  int retval;
2784  int conn_age;
2785  int want_onehop;
2786 
2787  tor_assert(conn);
2789  tor_assert(conn->socks_request);
2790  want_onehop = conn->want_onehop;
2791 
2792  conn_age = (int)(time(NULL) - base_conn->timestamp_created);
2793 
2794  /* Is this connection so old that we should give up on it? */
2795  if (conn_age >= get_options()->SocksTimeout) {
2796  int severity = (tor_addr_is_null(&base_conn->addr) && !base_conn->port) ?
2797  LOG_INFO : LOG_NOTICE;
2798  log_fn(severity, LD_APP,
2799  "Tried for %d seconds to get a connection to %s:%d. Giving up.",
2800  conn_age, safe_str_client(conn->socks_request->address),
2801  conn->socks_request->port);
2802  return -1;
2803  }
2804 
2805  /* We handle "general" (non-onion) connections much more straightforwardly.
2806  */
2808  /* we're a general conn */
2809  origin_circuit_t *circ=NULL;
2810 
2811  /* Are we linked to a dir conn that aims to fetch a consensus?
2812  * We check here because the conn might no longer be needed. */
2813  if (base_conn->linked_conn &&
2814  base_conn->linked_conn->type == CONN_TYPE_DIR &&
2816 
2817  /* Yes we are. Is there a consensus fetch farther along than us? */
2818  if (networkstatus_consensus_is_already_downloading(
2819  TO_DIR_CONN(base_conn->linked_conn)->requested_resource)) {
2820  /* We're doing the "multiple consensus fetch attempts" game from
2821  * proposal 210, and we're late to the party. Just close this conn.
2822  * The circuit and TLS conn that we made will time out after a while
2823  * if nothing else wants to use them. */
2824  log_info(LD_DIR, "Closing extra consensus fetch (to %s) since one "
2825  "is already downloading.", base_conn->linked_conn->address);
2826  return -1;
2827  }
2828  }
2829 
2830  /* If we have a chosen exit, we need to use a circuit that's
2831  * open to that exit. See what exit we meant, and whether we can use it.
2832  */
2833  if (conn->chosen_exit_name) {
2834  const node_t *node = node_get_by_nickname(conn->chosen_exit_name, 0);
2835  int opt = conn->chosen_exit_optional;
2836  if (!node && !want_onehop) {
2837  /* We ran into this warning when trying to extend a circuit to a
2838  * hidden service directory for which we didn't have a router
2839  * descriptor. See flyspray task 767 for more details. We should
2840  * keep this in mind when deciding to use BEGIN_DIR cells for other
2841  * directory requests as well. -KL*/
2842  log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP,
2843  "Requested exit point '%s' is not known. %s.",
2844  conn->chosen_exit_name, opt ? "Trying others" : "Closing");
2845  if (opt) {
2846  /* If we are allowed to ignore the .exit request, do so */
2847  conn->chosen_exit_optional = 0;
2848  tor_free(conn->chosen_exit_name);
2849  return 0;
2850  }
2851  return -1;
2852  }
2853  if (node && !connection_ap_can_use_exit(conn, node)) {
2854  log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP,
2855  "Requested exit point '%s' is excluded or "
2856  "would refuse request. %s.",
2857  conn->chosen_exit_name, opt ? "Trying others" : "Closing");
2858  if (opt) {
2859  /* If we are allowed to ignore the .exit request, do so */
2860  conn->chosen_exit_optional = 0;
2861  tor_free(conn->chosen_exit_name);
2862  return 0;
2863  }
2864  return -1;
2865  }
2866  }
2867 
2868  /* Find the circuit that we should use, if there is one. Otherwise
2869  * launch it
2870  */
2871  retval = circuit_get_open_circ_or_launch(conn,
2873  &circ);
2874 
2875  if (retval < 1) {
2876  /* We were either told "-1" (complete failure) or 0 (circuit in
2877  * progress); we can't attach this stream yet. */
2878  return retval;
2879  }
2880 
2881  log_debug(LD_APP|LD_CIRC,
2882  "Attaching apconn to circ %u (stream %d sec old).",
2883  (unsigned)circ->base_.n_circ_id, conn_age);
2884  /* print the circ's path, so clients can figure out which circs are
2885  * sucking. */
2887 
2888  /* We have found a suitable circuit for our conn. Hurray. Do
2889  * the attachment. */
2890  return connection_ap_handshake_attach_chosen_circuit(conn, circ, NULL);
2891 
2892  } else { /* we're a rendezvous conn */
2893  origin_circuit_t *rendcirc=NULL, *introcirc=NULL;
2894 
2895  tor_assert(!ENTRY_TO_EDGE_CONN(conn)->cpath_layer);
2896 
2897  /* start by finding a rendezvous circuit for us */
2898 
2900  conn, CIRCUIT_PURPOSE_C_REND_JOINED, &rendcirc);
2901  if (retval < 0) return -1; /* failed */
2902 
2903  if (retval > 0) {
2904  tor_assert(rendcirc);
2905  /* one is already established, attach */
2906  log_info(LD_REND,
2907  "rend joined circ %u (id: %" PRIu32 ") already here. "
2908  "Attaching. (stream %d sec old)",
2909  (unsigned) TO_CIRCUIT(rendcirc)->n_circ_id,
2910  rendcirc->global_identifier, conn_age);
2911  /* Mark rendezvous circuits as 'newly dirty' every time you use
2912  * them, since the process of rebuilding a rendezvous circ is so
2913  * expensive. There is a tradeoff between linkability and
2914  * feasibility, at this point.
2915  */
2916  rendcirc->base_.timestamp_dirty = time(NULL);
2917 
2918  /* We've also attempted to use them. If they fail, we need to
2919  * probe them for path bias */
2920  pathbias_count_use_attempt(rendcirc);
2921 
2922  link_apconn_to_circ(conn, rendcirc, NULL);
2923  if (connection_ap_handshake_send_begin(conn) < 0)
2924  return 0; /* already marked, let them fade away */
2925  return 1;
2926  }
2927 
2928  /* At this point we need to re-check the state, since it's possible that
2929  * our call to circuit_get_open_circ_or_launch() changed the connection's
2930  * state from "CIRCUIT_WAIT" to "RENDDESC_WAIT" because we decided to
2931  * re-fetch the descriptor.
2932  */
2933  if (ENTRY_TO_CONN(conn)->state != AP_CONN_STATE_CIRCUIT_WAIT) {
2934  log_info(LD_REND, "This connection is no longer ready to attach; its "
2935  "state changed."
2936  "(We probably have to re-fetch its descriptor.)");
2937  return 0;
2938  }
2939 
2940  if (rendcirc && (rendcirc->base_.purpose ==
2942  log_info(LD_REND,
2943  "pending-join circ %u (id: %" PRIu32 ") already here, with "
2944  "intro ack. Stalling. (stream %d sec old)",
2945  (unsigned) TO_CIRCUIT(rendcirc)->n_circ_id,
2946  rendcirc->global_identifier, conn_age);
2947  return 0;
2948  }
2949 
2950  /* it's on its way. find an intro circ. */
2952  conn, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, &introcirc);
2953  if (retval < 0) return -1; /* failed */
2954 
2955  if (retval > 0) {
2956  /* one has already sent the intro. keep waiting. */
2957  tor_assert(introcirc);
2958  log_info(LD_REND, "Intro circ %u (id: %" PRIu32 ") present and "
2959  "awaiting ACK. Rend circuit %u (id: %" PRIu32 "). "
2960  "Stalling. (stream %d sec old)",
2961  (unsigned) TO_CIRCUIT(introcirc)->n_circ_id,
2962  introcirc->global_identifier,
2963  rendcirc ? (unsigned) TO_CIRCUIT(rendcirc)->n_circ_id : 0,
2964  rendcirc ? rendcirc->global_identifier : 0,
2965  conn_age);
2966  return 0;
2967  }
2968 
2969  /* now rendcirc and introcirc are each either undefined or not finished */
2970 
2971  if (rendcirc && introcirc &&
2972  rendcirc->base_.purpose == CIRCUIT_PURPOSE_C_REND_READY) {
2973  log_info(LD_REND,
2974  "ready rend circ %u (id: %" PRIu32 ") already here. No"
2975  "intro-ack yet on intro %u (id: %" PRIu32 "). "
2976  "(stream %d sec old)",
2977  (unsigned) TO_CIRCUIT(rendcirc)->n_circ_id,
2978  rendcirc->global_identifier,
2979  (unsigned) TO_CIRCUIT(introcirc)->n_circ_id,
2980  introcirc->global_identifier, conn_age);
2981 
2982  tor_assert(introcirc->base_.purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
2983  if (introcirc->base_.state == CIRCUIT_STATE_OPEN) {
2984  int ret;
2985  log_info(LD_REND, "Found open intro circ %u (id: %" PRIu32 "). "
2986  "Rend circuit %u (id: %" PRIu32 "); Sending "
2987  "introduction. (stream %d sec old)",
2988  (unsigned) TO_CIRCUIT(introcirc)->n_circ_id,
2989  introcirc->global_identifier,
2990  (unsigned) TO_CIRCUIT(rendcirc)->n_circ_id,
2991  rendcirc->global_identifier, conn_age);
2992  ret = hs_client_send_introduce1(introcirc, rendcirc);
2993  switch (ret) {
2994  case 0: /* success */
2995  rendcirc->base_.timestamp_dirty = time(NULL);
2996  introcirc->base_.timestamp_dirty = time(NULL);
2997 
2998  pathbias_count_use_attempt(introcirc);
2999  pathbias_count_use_attempt(rendcirc);
3000 
3001  assert_circuit_ok(TO_CIRCUIT(rendcirc));
3002  assert_circuit_ok(TO_CIRCUIT(introcirc));
3003  return 0;
3004  case -1: /* transient error */
3005  return 0;
3006  case -2: /* permanent error */
3007  return -1;
3008  default: /* oops */
3010  return -1;
3011  }
3012  }
3013  }
3014 
3015  log_info(LD_REND, "Intro %u (id: %" PRIu32 ") and rend circuit %u "
3016  "(id: %" PRIu32 ") circuits are not both ready. "
3017  "Stalling conn. (%d sec old)",
3018  introcirc ? (unsigned) TO_CIRCUIT(introcirc)->n_circ_id : 0,
3019  introcirc ? introcirc->global_identifier : 0,
3020  rendcirc ? (unsigned) TO_CIRCUIT(rendcirc)->n_circ_id : 0,
3021  rendcirc ? rendcirc->global_identifier : 0, conn_age);
3022  return 0;
3023  }
3024 }
3025 
3026 /** Change <b>circ</b>'s purpose to <b>new_purpose</b>. */
3027 void
3028 circuit_change_purpose(circuit_t *circ, uint8_t new_purpose)
3029 {
3030  uint8_t old_purpose;
3031  /* Don't allow an OR circ to become an origin circ or vice versa. */
3032  tor_assert(!!(CIRCUIT_IS_ORIGIN(circ)) ==
3033  !!(CIRCUIT_PURPOSE_IS_ORIGIN(new_purpose)));
3034 
3035  if (circ->purpose == new_purpose) return;
3036 
3037  if (CIRCUIT_IS_ORIGIN(circ)) {
3038  char old_purpose_desc[80] = "";
3039 
3040  strncpy(old_purpose_desc, circuit_purpose_to_string(circ->purpose), 80-1);
3041  old_purpose_desc[80-1] = '\0';
3042 
3043  log_debug(LD_CIRC,
3044  "changing purpose of origin circ %d "
3045  "from \"%s\" (%d) to \"%s\" (%d)",
3046  TO_ORIGIN_CIRCUIT(circ)->global_identifier,
3047  old_purpose_desc,
3048  circ->purpose,
3049  circuit_purpose_to_string(new_purpose),
3050  new_purpose);
3051 
3052  /* Take specific actions if we are repurposing a hidden service circuit. */
3054  !circuit_purpose_is_hidden_service(new_purpose)) {
3056  }
3057  }
3058 
3059  old_purpose = circ->purpose;
3060  circ->purpose = new_purpose;
3061  tor_trace(TR_SUBSYS(circuit), TR_EV(change_purpose), circ, old_purpose,
3062  new_purpose);
3063 
3064  if (CIRCUIT_IS_ORIGIN(circ)) {
3066  old_purpose);
3067 
3069  }
3070 }
3071 
3072 /** Mark <b>circ</b> so that no more connections can be attached to it. */
3073 void
3075 {
3076  const or_options_t *options = get_options();
3077  tor_assert(circ);
3078 
3079  /* XXXX This is a kludge; we're only keeping it around in case there's
3080  * something that doesn't check unusable_for_new_conns, and to avoid
3081  * deeper refactoring of our expiration logic. */
3082  if (! circ->base_.timestamp_dirty)
3083  circ->base_.timestamp_dirty = approx_time();
3084  if (options->MaxCircuitDirtiness >= circ->base_.timestamp_dirty)
3085  circ->base_.timestamp_dirty = 1; /* prevent underflow */
3086  else
3087  circ->base_.timestamp_dirty -= options->MaxCircuitDirtiness;
3088 
3089  circ->unusable_for_new_conns = 1;
3090 }
3091 
3092 /**
3093  * Add relay_body_len and RELAY_PAYLOAD_SIZE-relay_body_len to
3094  * the valid delivered written fields and the overhead field,
3095  * respectively.
3096  */
3097 void
3098 circuit_sent_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
3099 {
3100  if (!circ) return;
3101 
3102  tor_assertf_nonfatal(relay_body_len <= RELAY_PAYLOAD_SIZE,
3103  "Wrong relay_body_len: %d (should be at most %d)",
3104  relay_body_len, RELAY_PAYLOAD_SIZE);
3105 
3107  tor_add_u32_nowrap(circ->n_delivered_written_circ_bw, relay_body_len);
3109  tor_add_u32_nowrap(circ->n_overhead_written_circ_bw,
3110  RELAY_PAYLOAD_SIZE-relay_body_len);
3111 }
3112 
3113 /**
3114  * Add relay_body_len and RELAY_PAYLOAD_SIZE-relay_body_len to
3115  * the valid delivered read field and the overhead field,
3116  * respectively.
3117  */
3118 void
3119 circuit_read_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
3120 {
3121  if (!circ) return;
3122 
3123  tor_assert_nonfatal(relay_body_len <= RELAY_PAYLOAD_SIZE);
3124 
3125  circ->n_delivered_read_circ_bw =
3126  tor_add_u32_nowrap(circ->n_delivered_read_circ_bw, relay_body_len);
3127  circ->n_overhead_read_circ_bw =
3128  tor_add_u32_nowrap(circ->n_overhead_read_circ_bw,
3129  RELAY_PAYLOAD_SIZE-relay_body_len);
3130 }
int tor_addr_parse(tor_addr_t *addr, const char *src)
Definition: address.c:1349
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
#define tor_addr_from_in(dest, in)
Definition: address.h:331
int addressmap_have_mapping(const char *address, int update_expiry)
Definition: addressmap.c:544
void addressmap_clean(time_t now)
Definition: addressmap.c:320
void addressmap_register(const char *address, char *new_address, time_t expires, addressmap_entry_source_t source, const int wildcard_addr, const int wildcard_new_addr, uint64_t stream_id)
Definition: addressmap.c:576
Header for addressmap.c.
time_t approx_time(void)
Definition: approx_time.c:32
int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:506
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
int n_bits_set_u8(uint8_t v)
Definition: bits.c:72
Header file for circuitbuild.c.
time_t channel_when_last_xmit(channel_t *chan)
Definition: channel.c:3275
int channel_is_client(const channel_t *chan)
Definition: channel.c:2915
const char * channel_state_to_string(channel_state_t state)
Definition: channel.c:315
const char * channel_describe_peer(channel_t *chan)
Definition: channel.c:2837
Header file for channel.c.
void pathbias_count_use_attempt(origin_circuit_t *circ)
Definition: circpathbias.c:615
int pathbias_check_close(origin_circuit_t *ocirc, int reason)
void pathbias_count_timeout(origin_circuit_t *circ)
const char * build_state_get_exit_nickname(cpath_build_state_t *state)
int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei)
origin_circuit_t * circuit_establish_circuit(uint8_t purpose, extend_info_t *exit_ei, int flags)
Definition: circuitbuild.c:481
void circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
Definition: circuitbuild.c:355
const node_t * build_state_get_exit_node(cpath_build_state_t *state)
int circuit_timeout_want_to_count_circ(const origin_circuit_t *circ)
Definition: circuitbuild.c:825
int circuit_all_predicted_ports_handled(time_t now, int *need_uptime, int *need_capacity)
Header file for circuitbuild.c.
origin_circuit_t * circuit_find_to_cannibalize(uint8_t purpose_to_produce, extend_info_t *info, int flags)
Definition: circuitlist.c:1868
const char * circuit_purpose_to_string(uint8_t purpose)
Definition: circuitlist.c:914
int circuit_any_opened_circuits(void)
Definition: circuitlist.c:729
int circuit_get_cpath_len(origin_circuit_t *circ)
Definition: circuitlist.c:2006
void assert_circuit_ok(const circuit_t *c)
Definition: circuitlist.c:2764
smartlist_t * circuit_get_global_list(void)
Definition: circuitlist.c:705
origin_circuit_t * TO_ORIGIN_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:177
smartlist_t * circuit_get_global_origin_circuit_list(void)
Definition: circuitlist.c:714
int circuit_event_status(origin_circuit_t *circ, circuit_status_event_t tp, int reason_code)
Definition: circuitlist.c:510
or_circuit_t * TO_OR_CIRCUIT(circuit_t *x)
Definition: circuitlist.c:165
const char * circuit_state_to_string(int state)
Definition: circuitlist.c:773
Header file for circuitlist.c.
#define CIRCUIT_PURPOSE_S_CONNECT_REND
Definition: circuitlist.h:107
#define CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT
Definition: circuitlist.h:93
#define CIRCUIT_PURPOSE_PATH_BIAS_TESTING
Definition: circuitlist.h:123
#define CIRCUIT_STATE_OPEN
Definition: circuitlist.h:32
#define CIRCUIT_PURPOSE_IS_ORIGIN(p)
Definition: circuitlist.h:140
#define CIRCUIT_PURPOSE_C_REND_JOINED
Definition: circuitlist.h:88
#define CIRCUIT_PURPOSE_S_INTRO
Definition: circuitlist.h:104
#define CIRCUIT_PURPOSE_CONTROLLER
Definition: circuitlist.h:121
#define CIRCUIT_IS_ORIGIN(c)
Definition: circuitlist.h:147
#define CIRCUIT_PURPOSE_C_CIRCUIT_PADDING
Definition: circuitlist.h:95
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED
Definition: circuitlist.h:86
#define CIRCUIT_PURPOSE_TESTING
Definition: circuitlist.h:118
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT
Definition: circuitlist.h:76
#define CIRCUIT_PURPOSE_S_REND_JOINED
Definition: circuitlist.h:110
#define CIRCUIT_PURPOSE_C_REND_READY
Definition: circuitlist.h:83
#define CIRCUIT_PURPOSE_S_HSDIR_POST
Definition: circuitlist.h:112
#define CIRCUIT_PURPOSE_C_HSDIR_GET
Definition: circuitlist.h:90
#define CIRCUIT_PURPOSE_C_INTRODUCING
Definition: circuitlist.h:73
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO
Definition: circuitlist.h:101
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND
Definition: circuitlist.h:81
#define CIRCUIT_PURPOSE_C_GENERAL
Definition: circuitlist.h:70
#define CIRCUIT_PURPOSE_COUNTS_TOWARDS_MAXPENDING(p)
Definition: circuitlist.h:160
#define CIRCUIT_PURPOSE_HS_VANGUARDS
Definition: circuitlist.h:131
void circpad_machine_event_circ_purpose_changed(origin_circuit_t *circ)
void circpad_machine_event_circ_has_no_streams(origin_circuit_t *circ)
void circpad_machine_event_circ_has_streams(origin_circuit_t *circ)
Header file for circuitpadding.c.
int circuit_build_times_needs_circuits_now(const circuit_build_times_t *cbt)
void circuit_build_times_set_timeout(circuit_build_times_t *cbt)
double get_circuit_build_timeout_ms(void)
Definition: circuitstats.c:101
void circuit_build_times_count_timeout(circuit_build_times_t *cbt, int did_onehop)
const circuit_build_times_t * get_circuit_build_times(void)
Definition: circuitstats.c:78
double get_circuit_build_close_time_ms(void)
Definition: circuitstats.c:93
void circuit_build_times_mark_circ_as_measurement_only(origin_circuit_t *circ)
Definition: circuitstats.c:637
int circuit_build_times_enough_to_compute(const circuit_build_times_t *cbt)
Definition: circuitstats.c:255
int circuit_build_times_count_close(circuit_build_times_t *cbt, int did_onehop, time_t start_time)
int circuit_build_times_disabled(const or_options_t *options)
Definition: circuitstats.c:117
circuit_build_times_t * get_circuit_build_times_mutable(void)
Definition: circuitstats.c:85
Header file for circuitstats.c.
void circuit_build_failed(origin_circuit_t *circ)
Definition: circuituse.c:1723
void circuit_sent_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3098
void circuit_expire_old_circuits_serverside(time_t now)
Definition: circuituse.c:1515
bool circuit_is_hs_v3(const circuit_t *circ)
Definition: circuituse.c:1963
void circuit_detach_stream(circuit_t *circ, edge_connection_t *conn)
Definition: circuituse.c:1330
static int count_pending_general_client_circuits(void)
Definition: circuituse.c:368
static void circuit_testing_failed(origin_circuit_t *circ, int at_last_hop)
Definition: circuituse.c:1608
static void circuit_testing_opened(origin_circuit_t *circ)
Definition: circuituse.c:1588
static int circuit_matches_with_rend_stream(const edge_connection_t *edge_conn, const origin_circuit_t *origin_circ)
Definition: circuituse.c:82
static int circuit_try_clearing_isolation_state(origin_circuit_t *circ)
Definition: circuituse.c:1684
bool circuit_purpose_is_hs_service(const uint8_t purpose)
Definition: circuituse.c:1948
origin_circuit_t * circuit_launch(uint8_t purpose, int flags)
Definition: circuituse.c:1895
void circuit_read_valid_data(origin_circuit_t *circ, uint16_t relay_body_len)
Definition: circuituse.c:3119
void circuit_log_ancient_one_hop_circuits(int age)
Definition: circuituse.c:836
void circuit_change_purpose(circuit_t *circ, uint8_t new_purpose)
Definition: circuituse.c:3028
static int have_performed_bandwidth_test
Definition: circuituse.c:1549
void circuit_expire_waiting_for_better_guard(void)
Definition: circuituse.c:812
static int circuit_is_acceptable(const origin_circuit_t *origin_circ, const entry_connection_t *conn, int must_be_open, uint8_t purpose, int need_uptime, int need_internal, time_t now)
Definition: circuituse.c:102
void circuit_expire_old_circs_as_needed(time_t now)
Definition: circuituse.c:1299
static void circuit_predict_and_launch_new(void)
Definition: circuituse.c:1179
int circuit_should_use_vanguards(uint8_t purpose)
Definition: circuituse.c:1980
static origin_circuit_t * circuit_get_best(const entry_connection_t *conn, int must_be_open, uint8_t purpose, int need_uptime, int need_internal)
Definition: circuituse.c:327
void reset_bandwidth_test(void)
Definition: circuituse.c:1554
int hostname_in_track_host_exits(const or_options_t *options, const char *address)
Definition: circuituse.c:2631
static void consider_recording_trackhost(const entry_connection_t *conn, const origin_circuit_t *circ)
Definition: circuituse.c:2653
static int n_circuit_failures
Definition: circuituse.c:1883
#define MAX_CIRCUIT_FAILURES
Definition: circuituse.c:1890
void circuit_has_opened(origin_circuit_t *circ)
Definition: circuituse.c:1631
void circuit_expire_building(void)
Definition: circuituse.c:428
static int circuit_should_cannibalize_to_build(uint8_t purpose_to_build, int has_extend_info, int onehop_tunnel)
Definition: circuituse.c:1998
void circuit_build_needed_circs(time_t now)
Definition: circuituse.c:1276
static int did_circs_fail_last_period
Definition: circuituse.c:1886
bool circuit_purpose_is_hs_vanguards(const uint8_t purpose)
Definition: circuituse.c:1956
int connection_ap_handshake_attach_circuit(entry_connection_t *conn)
Definition: circuituse.c:2780
void circuit_reset_failure_count(int timeout)
Definition: circuituse.c:2180
#define IDLE_ONE_HOP_CIRC_TIMEOUT
Definition: circuituse.c:1508
STATIC void circuit_expire_old_circuits_clientside(void)
Definition: circuituse.c:1416
static int circuit_is_better(const origin_circuit_t *oa, const origin_circuit_t *ob, const entry_connection_t *conn)
Definition: circuituse.c:235
bool circuit_purpose_is_hs_client(const uint8_t purpose)
Definition: circuituse.c:1940
int connection_ap_handshake_attach_chosen_circuit(entry_connection_t *conn, origin_circuit_t *circ, crypt_path_t *cpath)
Definition: circuituse.c:2698
int circuit_stream_is_being_handled(entry_connection_t *conn, uint16_t port, int min)
Definition: circuituse.c:993
static void circuit_increment_failure_count(void)
Definition: circuituse.c:2169
static int circuit_get_open_circ_or_launch(entry_connection_t *conn, uint8_t desired_circuit_purpose, origin_circuit_t **circp)
Definition: circuituse.c:2196
#define MAX_UNUSED_OPEN_CIRCUITS
Definition: circuituse.c:1042
void circuit_remove_handled_ports(smartlist_t *needed_ports)
Definition: circuituse.c:968
int circuit_enough_testing_circs(void)
Definition: circuituse.c:1564
origin_circuit_t * circuit_launch_by_extend_info(uint8_t purpose, extend_info_t *extend_info, int flags)
Definition: circuituse.c:2051
static int connection_ap_get_nonrend_circ_purpose(const entry_connection_t *conn)
Definition: circuituse.c:2751
void mark_circuit_unusable_for_new_conns(origin_circuit_t *circ)
Definition: circuituse.c:3074
#define NUM_PARALLEL_TESTING_CIRCS
Definition: circuituse.c:1545
#define TESTING_CIRCUIT_INTERVAL
Definition: circuituse.c:1268
static time_t last_expired_clientside_circuits
Definition: circuituse.c:827
void circuit_try_attaching_streams(origin_circuit_t *circ)
Definition: circuituse.c:1706
static void link_apconn_to_circ(entry_connection_t *apconn, origin_circuit_t *circ, crypt_path_t *cpath)
Definition: circuituse.c:2563
static int cpath_is_on_circuit(origin_circuit_t *circ, crypt_path_t *crypt_path)
Definition: circuituse.c:2547
int circuit_purpose_is_hidden_service(uint8_t purpose)
Definition: circuituse.c:1918
Header file for circuituse.c.
#define CIRCLAUNCH_NEED_CAPACITY
Definition: circuituse.h:43
#define CIRCLAUNCH_ONEHOP_TUNNEL
Definition: circuituse.h:39
#define CIRCLAUNCH_IS_V3_RP
Definition: circuituse.h:49
#define CIRCLAUNCH_IS_INTERNAL
Definition: circuituse.h:46
#define CIRCLAUNCH_NEED_UPTIME
Definition: circuituse.h:41
#define MAX(a, b)
Definition: cmp.h:22
const or_options_t * get_options(void)
Definition: config.c:926
const char * escaped_safe_str_client(const char *address)
Definition: config.c:1117
Header file for config.c.
const char * conn_state_to_string(int type, int state)
Definition: connection.c:305
connection_t * connection_get_by_type(int type)
Definition: connection.c:4907
const char * conn_type_to_string(int type)
Definition: connection.c:271
Header file for connection.c.
#define CONN_TYPE_AP
Definition: connection.h:51
#define CONN_TYPE_DIR
Definition: connection.h:55
int connection_edge_compatible_with_circuit(const entry_connection_t *conn, const origin_circuit_t *circ)
void connection_ap_mark_as_waiting_for_renddesc(entry_connection_t *entry_conn)
void connection_ap_fail_onehop(const char *failed_digest, cpath_build_state_t *build_state)
void connection_ap_rescan_and_attach_pending(void)
int connection_ap_handshake_send_begin(entry_connection_t *ap_conn)
void circuit_clear_isolation(origin_circuit_t *circ)
entry_connection_t * EDGE_TO_ENTRY_CONN(edge_connection_t *c)
int connection_ap_handshake_send_resolve(entry_connection_t *ap_conn)
int connection_edge_update_circuit_isolation(const entry_connection_t *conn, origin_circuit_t *circ, int dry_run)
int connection_ap_can_use_exit(const entry_connection_t *conn, const node_t *exit_node)
void connection_ap_attach_pending(int retry)
int connection_edge_is_rendezvous_stream(const edge_connection_t *conn)
void circuit_discard_optional_exit_enclaves(extend_info_t *info)
Header file for connection_edge.c.
#define AP_CONN_STATE_CONTROLLER_WAIT
#define AP_CONN_STATE_CIRCUIT_WAIT
int control_event_circuit_purpose_changed(origin_circuit_t *circ, int old_purpose)
int control_event_circuit_cannibalized(origin_circuit_t *circ, int old_purpose, const struct timeval *old_tv_created)
Header file for control_events.c.
Circuit-build-stse structure.
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
const char * extend_info_describe(const extend_info_t *ei)
Definition: describe.c:224
const char * node_describe(const node_t *node)
Definition: describe.c:160
Header file for describe.c.
#define tor_memneq(a, b, sz)
Definition: di_ops.h:21
#define DIGEST_LEN
Definition: digest_sizes.h:20
Client/server directory connection structure.
dir_connection_t * TO_DIR_CONN(connection_t *c)
Definition: directory.c:88
Header file for directory.c.
#define DIR_PURPOSE_UPLOAD_HSDESC
Definition: directory.h:67
#define DIR_PURPOSE_FETCH_CONSENSUS
Definition: directory.h:54
#define DIR_PURPOSE_FETCH_HSDESC
Definition: directory.h:69
Entry connection structure.
#define ENTRY_TO_EDGE_CONN(c)
void entry_guard_failed(circuit_guard_state_t **guard_state_p)
Definition: entrynodes.c:2568
int entry_list_is_constrained(const or_options_t *options)
Definition: entrynodes.c:3426
int entry_guard_state_should_expire(circuit_guard_state_t *guard_state)
Definition: entrynodes.c:2836
int guards_retry_optimistic(const or_options_t *options)
Definition: entrynodes.c:3878
Header file for circuitbuild.c.
const char * escaped(const char *s)
Definition: escape.c:126
Header file for Tor tracing instrumentation definition.
#define TR_SUBSYS(name)
Definition: events.h:45
Extend-info structure.
extend_info_t * extend_info_from_node(const node_t *node, int for_direct_connect, bool for_exit)
Definition: extendinfo.c:100
bool extend_info_has_orport(const extend_info_t *ei, const tor_addr_t *addr, uint16_t port)
Definition: extendinfo.c:265
extend_info_t * extend_info_new(const char *nickname, const char *rsa_id_digest, const ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, const curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port, const protover_summary_flags_t *pv, bool for_exit_use)
Definition: extendinfo.c:33
Header for core/or/extendinfo.c.
Header for fp.c.
void hs_circ_cleanup_on_repurpose(circuit_t *circ)
Definition: hs_circuit.c:1307
bool hs_circ_is_rend_sent_in_intro1(const origin_circuit_t *circ)
Definition: hs_circuit.c:1340
void hs_circ_retry_service_rendezvous_point(const origin_circuit_t *circ)
Definition: hs_circuit.c:681
Header file containing circuit data for the whole HS subsystem.
void hs_client_note_connection_attempt_succeeded(const edge_connection_t *conn)
Definition: hs_client.c:2014
int hs_client_refetch_hsdesc(const ed25519_public_key_t *identity_pk)
Definition: hs_client.c:2112
int hs_client_send_introduce1(origin_circuit_t *intro_circ, origin_circuit_t *rend_circ)
Definition: hs_client.c:2143
void hs_client_circuit_has_opened(origin_circuit_t *circ)
Definition: hs_client.c:2153
extend_info_t * hs_client_get_random_intro_from_edge(const edge_connection_t *edge_conn)
Definition: hs_client.c:2475
Header file containing client data for the HS subsystem.
void hs_dec_rdv_stream_counter(origin_circuit_t *circ)
Definition: hs_common.c:1722
Header file containing common data for the whole HS subsystem.
hs_ident_circuit_t * hs_ident_circuit_new(const ed25519_public_key_t *identity_pk)
Definition: hs_ident.c:16
Header file containing circuit and connection identifier data for the whole HS subsystem.
Header for feature/hs/hs_metrics.c.
#define hs_metrics_failed_rdv(i, reason)
Definition: hs_metrics.h:63
void hs_service_circuit_has_opened(origin_circuit_t *circ)
Definition: hs_service.c:4172
unsigned int hs_service_get_num_services(void)
Definition: hs_service.c:3963
void hs_stats_note_service_rendezvous_launch(void)
Definition: hs_stats.c:34
Header file for hs_stats.c.
int tor_inet_aton(const char *str, struct in_addr *addr)
Definition: inaddr.c:40
#define log_fn(severity, domain, args,...)
Definition: log.h:283
#define LD_REND
Definition: log.h:84
#define log_fn_ratelim(ratelim, severity, domain, args,...)
Definition: log.h:288
#define LD_APP
Definition: log.h:78
#define LOG_DEBUG
Definition: log.h:42
#define LD_OR
Definition: log.h:92
#define LD_HEARTBEAT
Definition: log.h:103
#define LD_BUG
Definition: log.h:86
#define LD_GENERAL
Definition: log.h:62
#define LD_DIR
Definition: log.h:88
#define LOG_NOTICE
Definition: log.h:50
#define LD_CIRC
Definition: log.h:82
#define LOG_WARN
Definition: log.h:53
#define LOG_INFO
Definition: log.h:45
#define tor_free(p)
Definition: malloc.h:56
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
Header file for networkstatus.c.
int node_has_preferred_descriptor(const node_t *node, int for_direct_connect)
Definition: nodelist.c:1500
int router_exit_policy_all_nodes_reject(const tor_addr_t *addr, uint16_t port, int need_uptime)
Definition: nodelist.c:2350
const node_t * node_get_by_nickname(const char *nickname, unsigned flags)
Definition: nodelist.c:1085
consensus_path_type_t router_have_consensus_path(void)
Definition: nodelist.c:2460
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:226
int router_have_minimum_dir_info(void)
Definition: nodelist.c:2427
Header file for nodelist.c.
Master header file for Tor-specific functionality.
#define MIN_CIRCUITS_HANDLING_STREAM
Definition: or.h:180
@ ADDRMAPSRC_TRACKEXIT
Definition: or.h:917
#define TO_CIRCUIT(x)
Definition: or.h:836
#define RELAY_PAYLOAD_SIZE
Definition: or.h:485
#define ISO_SOCKSAUTH
Definition: or.h:849
#define END_CIRC_REASON_MEASUREMENT_EXPIRED
Definition: or.h:304
#define TO_CONN(c)
Definition: or.h:603
#define END_CIRC_AT_ORIGIN
Definition: or.h:309
#define ENTRY_TO_CONN(c)
Definition: or.h:606
Origin circuit structure.
@ PATH_STATE_USE_FAILED
@ PATH_STATE_BUILD_SUCCEEDED
addr_policy_result_t compare_tor_addr_to_addr_policy(const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)
Definition: policies.c:1536
addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr, uint16_t port, const node_t *node)
Definition: policies.c:2907
Header file for policies.c.
addr_policy_result_t
Definition: policies.h:38
@ ADDR_POLICY_PROBABLY_REJECTED
Definition: policies.h:48
@ ADDR_POLICY_REJECTED
Definition: policies.h:42
void rep_hist_note_used_internal(time_t now, int need_uptime, int need_capacity)
int rep_hist_get_predicted_internal(time_t now, int *need_uptime, int *need_capacity)
Header file for predict_ports.c.
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
int proxy_mode(const or_options_t *options)
Definition: proxymode.c:21
Header file for proxymode.c.
char * rate_limit_log(ratelim_t *lim, time_t now)
Definition: ratelim.c:42
void routerlist_retry_directory_downloads(time_t now)
Definition: routerlist.c:2342
int hexdigest_to_digest(const char *hexdigest, char *digest)
Definition: routerlist.c:747
Header file for routerlist.c.
int server_mode(const or_options_t *options)
Definition: routermode.c:34
Header file for routermode.c.
int routerset_contains_extendinfo(const routerset_t *set, const extend_info_t *ei)
Definition: routerset.c:308
int router_orport_seems_reachable(const or_options_t *options, int family)
Definition: selftest.c:101
void router_do_reachability_checks(void)
Definition: selftest.c:292
void router_perform_bandwidth_test(int num_circs, time_t now)
Definition: selftest.c:425
Header file for selftest.c.
int smartlist_contains_int_as_string(const smartlist_t *sl, int num)
Definition: smartlist.c:147
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
void smartlist_del(smartlist_t *sl, int idx)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
Client request structure.
#define SOCKS_COMMAND_CONNECT
unsigned int is_bad_for_new_circs
Definition: channel.h:419
uint8_t state
Definition: circuit_st.h:111
time_t timestamp_dirty
Definition: circuit_st.h:188
unsigned int received_destroy
Definition: circuit_st.h:105
uint16_t marked_for_close
Definition: circuit_st.h:190
uint8_t purpose
Definition: circuit_st.h:112
struct timeval timestamp_began
Definition: circuit_st.h:166
int package_window
Definition: circuit_st.h:117
struct timeval timestamp_created
Definition: circuit_st.h:169
channel_t * n_chan
Definition: circuit_st.h:70
circid_t n_circ_id
Definition: circuit_st.h:79
uint8_t state
Definition: connection_st.h:49
struct connection_t * linked_conn
unsigned int hold_open_until_flushed
Definition: connection_st.h:61
unsigned int reading_from_linked_conn
Definition: connection_st.h:81
unsigned int type
Definition: connection_st.h:50
unsigned int linked
Definition: connection_st.h:78
uint16_t marked_for_close
uint16_t port
const char * marked_for_close_file
unsigned int purpose
Definition: connection_st.h:51
time_t timestamp_created
tor_addr_t addr
extend_info_t * chosen_exit
struct crypt_path_t * prev
Definition: crypt_path_st.h:80
uint8_t state
Definition: crypt_path_st.h:73
struct crypt_path_t * next
Definition: crypt_path_st.h:77
extend_info_t * extend_info
Definition: crypt_path_st.h:66
struct crypt_path_t * cpath_layer
struct edge_connection_t * next_stream
unsigned int edge_has_sent_end
unsigned int edge_blocked_on_circ
struct circuit_t * on_circuit
socks_request_t * socks_request
unsigned int num_circuits_launched
unsigned int chosen_exit_optional
unsigned int may_use_optimistic_data
unsigned int socks_iso_keep_alive
char identity_digest[DIGEST_LEN]
ed25519_public_key_t identity_pk
Definition: hs_ident.h:45
ed25519_public_key_t identity_pk
Definition: hs_ident.h:106
Definition: node_st.h:34
edge_connection_t * resolving_streams
Definition: or_circuit_st.h:42
channel_t * p_chan
Definition: or_circuit_st.h:37
circid_t p_circ_id
Definition: or_circuit_st.h:33
struct or_circuit_t * rend_splice
Definition: or_circuit_st.h:50
edge_connection_t * n_streams
Definition: or_circuit_st.h:39
int TrackHostExitsExpire
int MaxCircuitDirtiness
struct routerset_t * ExcludeExitNodes
struct smartlist_t * TrackHostExits
struct routerset_t * EntryNodes
struct routerset_t * ExcludeNodes
int MaxClientCircuitsPending
int DisablePredictedCircuits
struct smartlist_t * LongLivedPorts
unsigned int relaxed_timeout
struct hs_ident_circuit_t * hs_ident
edge_connection_t * p_streams
unsigned int isolation_values_set
uint32_t n_overhead_written_circ_bw
unsigned int has_opened
path_state_bitfield_t path_state
unsigned int is_ancient
uint32_t n_delivered_read_circ_bw
uint32_t n_delivered_written_circ_bw
uint32_t n_overhead_read_circ_bw
smartlist_t * prepend_policy
crypt_path_t * cpath
cpath_build_state_t * build_state
unsigned int isolation_any_streams_attached
struct circuit_guard_state_t * guard_state
char address[MAX_SOCKS_ADDR_LEN]
#define STATIC
Definition: testsupport.h:32
void format_local_iso_time(char *buf, time_t t)
Definition: time_fmt.c:316
#define timercmp(tv1, tv2, op)
Definition: timeval.h:81
void tor_gettimeofday(struct timeval *timeval)
long tv_mdiff(const struct timeval *start, const struct timeval *end)
Definition: tvdiff.c:102
Header for tvdiff.c.
#define tor_assert(expr)
Definition: util_bug.h:102
#define tor_fragile_assert()
Definition: util_bug.h:270
int strcasecmpend(const char *s1, const char *s2)
Definition: util_string.c:264
int tor_digest_is_zero(const char *digest)
Definition: util_string.c:96