57 #define CONNECTION_PRIVATE
68 #define CHANNEL_OBJECT_PRIVATE
81 #include "core/or/dos.h"
87 #include "core/proto/proto_haproxy.h"
132 #ifdef HAVE_SYS_STAT_H
133 #include <sys/stat.h>
137 #include <sys/socket.h>
169 #define ENABLE_LISTENER_REBIND
172 const struct sockaddr *listensockaddr,
173 socklen_t listensocklen,
int type,
179 int *defer,
int *addr_in_use);
188 ssize_t *max_to_read,
211 static tor_addr_t *last_interface_ipv6 = NULL;
216 #define CASE_ANY_LISTENER_TYPE \
217 case CONN_TYPE_OR_LISTENER: \
218 case CONN_TYPE_EXT_OR_LISTENER: \
219 case CONN_TYPE_AP_LISTENER: \
220 case CONN_TYPE_DIR_LISTENER: \
221 case CONN_TYPE_CONTROL_LISTENER: \
222 case CONN_TYPE_AP_TRANS_LISTENER: \
223 case CONN_TYPE_AP_NATD_LISTENER: \
224 case CONN_TYPE_AP_DNS_LISTENER: \
225 case CONN_TYPE_AP_HTTP_CONNECT_LISTENER: \
226 case CONN_TYPE_METRICS_LISTENER
280 return "Transparent pf/netfilter listener";
294 log_warn(
LD_BUG,
"unknown connection type %d", type);
309 CASE_ANY_LISTENER_TYPE:
319 return "renegotiating (TLS, v2 handshake)";
321 return "waiting for renegotiation or V3 handshake";
323 return "handshaking (Tor, v2 handshake)";
325 return "handshaking (Tor, v3 handshake)";
332 return "waiting for authentication type";
334 return "waiting for client nonce";
336 return "waiting for client hash";
375 return "waiting for authentication (protocol v1)";
381 return "uninitialized";
384 log_warn(
LD_BUG,
"unknown connection state %d (type %d)", state, type);
386 "unknown state [%d] on unknown [%s] connection",
388 tor_assert_nonfatal_unreached_once();
407 bool include_preposition)
413 static char peer_buf[256];
415 const char *address = NULL;
422 switch (conn->
type) {
423 CASE_ANY_LISTENER_TYPE:
458 strlcpy(ed_id_buf,
"<none>",
sizeof(ed_id_buf));
463 " ID=%s RSA_ID=%s", ed_id_buf, rsa_id_buf);
470 sizeof(canonical_addr_buf), 1)) {
472 sizeof(extra_buf)-strlen(extra_buf),
473 " canonical_addr=%s:%"PRIu16,
482 strlcpy(extra_buf,
" (DNS lookup pending)",
sizeof(extra_buf));
487 if (address == NULL) {
493 address =
"<can't format!>";
494 tor_assert_nonfatal_unreached_once();
501 if (scrub &&
get_options()->SafeLogging_ != SAFELOG_SCRUB_NONE) {
502 address =
"[scrubbed]";
505 if (conn->
port != 0) {
510 const char *sp = include_preposition ?
" " :
"";
511 if (! include_preposition)
515 "%s%s%s%s%s", prep, sp, address, portbuf, extra_buf);
549 return "null connection";
551 static char desc_buf[256];
554 "%s connection (%s) %s",
582 time_t now = time(NULL);
587 connection_or_set_canonical(or_conn, 0);
592 TO_CONN(or_conn)->always_rate_limit_as_remote = 1;
613 if (socket_family == AF_INET)
614 entry_conn->entry_cfg.ipv4_traffic = 1;
615 else if (socket_family == AF_INET6)
616 entry_conn->entry_cfg.ipv6_traffic = 1;
663 return listener_conn;
689 CASE_ANY_LISTENER_TYPE:
713 static uint64_t n_connections_allocated = 1;
718 conn->
magic = OR_CONNECTION_MAGIC;
721 conn->
magic = EDGE_CONNECTION_MAGIC;
724 conn->
magic = ENTRY_CONNECTION_MAGIC;
727 conn->
magic = DIR_CONNECTION_MAGIC;
730 conn->
magic = CONTROL_CONNECTION_MAGIC;
732 CASE_ANY_LISTENER_TYPE:
733 conn->
magic = LISTENER_CONNECTION_MAGIC;
736 conn->
magic = BASE_CONNECTION_MAGIC;
798 switch (conn->
type) {
825 CASE_ANY_LISTENER_TYPE:
838 log_info(
LD_GENERAL,
"Freeing linked %s connection [%s] with %d "
839 "bytes on inbuf, %d on outbuf.",
842 (
int)connection_get_inbuf_len(conn),
843 (
int)connection_get_outbuf_len(conn));
847 buf_free(conn->
inbuf);
855 if (unlink(conn->
address) < 0 && errno != ENOENT) {
864 if (connection_speaks_cells(conn)) {
877 tor_tls_free(or_conn->
tls);
888 "Freeing orconn at %p, saw channel %p with ID "
889 "%"PRIu64
" left un-NULLed",
892 if (!CHANNEL_FINISHED(base_chan)) {
896 or_conn->
chan->conn = NULL;
897 or_conn->
chan = NULL;
909 if (entry_conn->sending_optimistic_data) {
910 buf_free(entry_conn->sending_optimistic_data);
923 memwipe(cp, 0, strlen(cp));
940 dir_conn_clear_spool(dir_conn);
942 hs_ident_dir_conn_free(dir_conn->hs_ident);
951 log_debug(
LD_NET,
"closing fd %d.",(
int)conn->
s);
958 log_warn(
LD_BUG,
"called on OR conn with non-zeroed identity_digest");
986 if (connection_speaks_cells(conn)) {
997 connection_ap_warn_and_unmark_if_pending_circ(
TO_ENTRY_CONN(conn),
1029 switch (conn->
type) {
1048 #define CONN_IS_CLOSED(c) \
1049 ((c)->linked ? ((c)->linked_conn_is_closed) : (! SOCKET_OK(c->s)))
1060 log_err(
LD_BUG,
"Attempt to close already-closed connection.");
1064 if (connection_get_outbuf_len(conn)) {
1065 log_info(
LD_NET,
"fd %d, type %s, state %s, %"TOR_PRIuSZ
" bytes on outbuf.",
1103 "Something tried to close an or_connection_t without going "
1104 "through channels at %s:%d",
1130 int line,
const char *file))
1138 log_warn(
LD_BUG,
"Duplicate call to connection_mark_for_close at %s:%d"
1151 "Calling connection_mark_for_close_internal_() on an OR conn "
1198 "Giving up on marked_for_close conn that's been flushing "
1199 "for 15s (fd %d, type %s, state %s).",
1205 } SMARTLIST_FOREACH_END(conn);
1208 #if defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)
1222 static struct sockaddr_un *
1223 create_unix_sockaddr(
const char *listenaddress,
char **readable_address,
1226 struct sockaddr_un *sockaddr = NULL;
1228 sockaddr = tor_malloc_zero(
sizeof(
struct sockaddr_un));
1229 sockaddr->sun_family = AF_UNIX;
1230 if (strlcpy(sockaddr->sun_path, listenaddress,
sizeof(sockaddr->sun_path))
1231 >=
sizeof(sockaddr->sun_path)) {
1232 log_warn(
LD_CONFIG,
"Unix socket path '%s' is too long to fit.",
1238 if (readable_address)
1239 *readable_address = tor_strdup(listenaddress);
1241 *len_out =
sizeof(
struct sockaddr_un);
1245 static struct sockaddr *
1246 create_unix_sockaddr(
const char *listenaddress,
char **readable_address,
1249 (void)listenaddress;
1250 (void)readable_address;
1252 "Unix domain sockets not supported, yet we tried to create one.");
1261 warn_about_resource_exhaution(
void)
1263 #define WARN_TOO_MANY_CONNS_INTERVAL (6*60*60)
1264 static ratelim_t last_warned = RATELIM_INIT(WARN_TOO_MANY_CONNS_INTERVAL);
1268 log_warn(
LD_NET,
"Failing because we have %d connections already. Please "
1269 "read doc/TUNING for guidance.%s", n_conns, m);
1284 warn_about_resource_exhaution();
1295 warn_about_resource_exhaution();
1298 #ifdef HAVE_SYS_UN_H
1300 #define UNIX_SOCKET_PURPOSE_CONTROL_SOCKET 0
1301 #define UNIX_SOCKET_PURPOSE_SOCKS_SOCKET 1
1306 is_valid_unix_socket_purpose(
int purpose)
1311 case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1312 case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1322 unix_socket_purpose_to_string(
int purpose)
1324 const char *s =
"unknown-purpose socket";
1327 case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1328 s =
"control socket";
1330 case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1341 check_location_for_unix_socket(
const or_options_t *options,
const char *path,
1347 tor_assert(is_valid_unix_socket_purpose(purpose));
1349 p = tor_strdup(path);
1352 log_warn(
LD_GENERAL,
"Bad unix socket address '%s'. Tor does not support "
1353 "relative paths for unix sockets.", path);
1357 if (port->is_world_writable) {
1363 if (port->is_group_writable) {
1364 flags |= CPD_GROUP_OK;
1367 if (port->relax_dirmode_check) {
1368 flags |= CPD_RELAX_DIRMODE_CHECK;
1372 char *escpath, *escdir;
1375 log_warn(
LD_GENERAL,
"Before Tor can create a %s in %s, the directory "
1376 "%s needs to exist, and to be accessible only by the user%s "
1377 "account that is running Tor. (On some Unix systems, anybody "
1378 "who can list a socket can connect to it, so Tor is being "
1380 unix_socket_purpose_to_string(purpose), escpath, escdir,
1381 port->is_group_writable ?
" and group" :
"");
1410 if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (
void*) &one,
1411 (socklen_t)
sizeof(one)) == -1) {
1424 #ifdef SO_EXCLUSIVEADDRUSE
1431 if (setsockopt(sock, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, (
void*) &one,
1432 (socklen_t)
sizeof(one))) {
1455 if ((r = listen(fd, SOMAXCONN)) == 0) {
1457 log_warn(
LD_NET,
"Setting listen backlog to INT_MAX connections "
1458 "didn't work, but SOMAXCONN did. Lowering backlog limit.");
1476 int type,
const char *address,
1485 #if defined(HAVE_PWD_H) && defined(HAVE_SYS_UN_H)
1486 const struct passwd *pw = NULL;
1488 uint16_t usePort = 0, gotPort = 0;
1489 int start_reading = 0;
1497 if (listensockaddr->sa_family == AF_INET ||
1498 listensockaddr->sa_family == AF_INET6) {
1504 log_notice(
LD_NET,
"Opening %s on %s",
1508 is_stream ? SOCK_STREAM : SOCK_DGRAM,
1509 is_stream ? IPPROTO_TCP: IPPROTO_UDP);
1511 int e = tor_socket_errno(s);
1512 if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1520 log_warn(
LD_NET,
"Socket creation failed: %s",
1521 tor_socket_strerror(e));
1527 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on %s: %s",
1529 tor_socket_strerror(errno));
1533 if (make_win32_socket_exclusive(s) < 0) {
1534 log_warn(
LD_NET,
"Error setting SO_EXCLUSIVEADDRUSE flag on %s: %s",
1536 tor_socket_strerror(errno));
1540 #if defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT)
1544 if (setsockopt(s, SOL_IP, IP_TRANSPARENT, (
void*)&one,
1545 (socklen_t)
sizeof(one)) < 0) {
1546 const char *extra =
"";
1547 int e = tor_socket_errno(s);
1549 extra =
"TransTPROXY requires root privileges or similar"
1551 log_warn(
LD_NET,
"Error setting IP_TRANSPARENT flag: %s.%s",
1552 tor_socket_strerror(e), extra);
1558 if (listensockaddr->sa_family == AF_INET6) {
1562 if (setsockopt(s,IPPROTO_IPV6, IPV6_V6ONLY,
1563 (
void*)&one, (socklen_t)
sizeof(one)) < 0) {
1564 int e = tor_socket_errno(s);
1565 log_warn(
LD_NET,
"Error setting IPV6_V6ONLY flag: %s",
1566 tor_socket_strerror(e));
1572 if (bind(s,listensockaddr,socklen) < 0) {
1573 const char *helpfulhint =
"";
1574 int e = tor_socket_errno(s);
1575 if (ERRNO_IS_EADDRINUSE(e)) {
1576 helpfulhint =
". Is Tor already running?";
1580 log_warn(
LD_NET,
"Could not bind to %s:%u: %s%s", address, usePort,
1581 tor_socket_strerror(e), helpfulhint);
1586 if (tor_listen(s) < 0) {
1587 log_warn(
LD_NET,
"Could not listen on %s:%u: %s", address, usePort,
1588 tor_socket_strerror(tor_socket_errno(s)));
1597 struct sockaddr_storage ss;
1598 socklen_t ss_len=
sizeof(ss);
1599 if (getsockname(s, (
struct sockaddr*)&ss, &ss_len)<0) {
1600 log_warn(
LD_NET,
"getsockname() couldn't learn address for %s: %s",
1602 tor_socket_strerror(tor_socket_errno(s)));
1607 #ifdef HAVE_SYS_UN_H
1611 }
else if (listensockaddr->sa_family == AF_UNIX) {
1617 if (check_location_for_unix_socket(options, address,
1619 UNIX_SOCKET_PURPOSE_CONTROL_SOCKET :
1620 UNIX_SOCKET_PURPOSE_SOCKS_SOCKET, port_cfg) < 0) {
1624 log_notice(
LD_NET,
"Opening %s on %s",
1629 if (unlink(address) < 0 && errno != ENOENT) {
1630 log_warn(
LD_NET,
"Could not unlink %s: %s", address,
1637 int e = tor_socket_errno(s);
1638 if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1646 log_warn(
LD_NET,
"Socket creation failed: %s.", strerror(e));
1651 if (bind(s, listensockaddr,
1652 (socklen_t)
sizeof(
struct sockaddr_un)) == -1) {
1653 log_warn(
LD_NET,
"Bind to %s failed: %s.", address,
1654 tor_socket_strerror(tor_socket_errno(s)));
1659 if (options->
User) {
1663 log_warn(
LD_NET,
"Unable to chown() %s socket: user %s not found.",
1664 address, options->
User);
1666 }
else if (fstat(s, &st) == 0 &&
1667 st.st_uid == pw->pw_uid && st.st_gid == pw->pw_gid) {
1670 pw->pw_uid, pw->pw_gid) < 0) {
1671 log_warn(
LD_NET,
"Unable to chown() %s socket: %s.",
1672 address, strerror(errno));
1682 if (port_cfg->is_world_writable) {
1684 status =
"world-writable";
1685 }
else if (port_cfg->is_group_writable) {
1687 status =
"group-writable";
1694 if (fstat(s, &st) == 0 && (st.st_mode & 0777) == mode) {
1697 log_warn(
LD_FS,
"Unable to make %s %s.", address, status);
1702 if (listen(s, SOMAXCONN) < 0) {
1703 log_warn(
LD_NET,
"Could not listen on %s: %s", address,
1704 tor_socket_strerror(tor_socket_errno(s)));
1711 socklen_t len =
sizeof(value);
1713 if (!getsockopt(s, SOL_SOCKET, SO_ACCEPTCONN, &value, &len)) {
1715 log_err(
LD_NET,
"Could not listen on %s - "
1716 "getsockopt(.,SO_ACCEPTCONN,.) yields 0.", address);
1723 log_err(
LD_BUG,
"Got unexpected address family %d.",
1724 listensockaddr->sa_family);
1733 conn->
address = tor_strdup(address);
1734 conn->
port = gotPort;
1750 lis_conn->entry_cfg.
session_group = global_next_session_group--;
1754 if (connection_add(conn) < 0) {
1755 log_warn(
LD_NET,
"connection_add for listener failed. Giving up.");
1760 "%s listening on port %u.",
1764 if (start_reading) {
1785 connection_free(conn);
1801 int *defer,
int *addr_in_use)
1804 struct sockaddr *listensockaddr;
1805 socklen_t listensocklen = 0;
1813 if (port->server_cfg.no_listen) {
1824 strcmp(options->
User,
"root")) {
1832 listensockaddr = (
struct sockaddr *)
1834 &address, &listensocklen);
1836 listensockaddr = tor_malloc(
sizeof(
struct sockaddr_storage));
1840 sizeof(
struct sockaddr_storage));
1844 if (listensockaddr) {
1846 port->
type, address, port,
1869 if (sa->sa_family == AF_INET) {
1870 struct sockaddr_in *sin=(
struct sockaddr_in*)sa;
1871 if (len !=
sizeof(
struct sockaddr_in)) {
1872 log_fn(level,
LD_NET,
"Length of address not as expected: %d vs %d",
1873 len,(
int)
sizeof(
struct sockaddr_in));
1876 if (sin->sin_addr.s_addr == 0 || sin->sin_port == 0) {
1878 "Address for new connection has address/port equal to zero.");
1881 }
else if (sa->sa_family == AF_INET6) {
1884 log_fn(level,
LD_NET,
"Length of address not as expected: %d vs %d",
1889 sin6->sin6_port == 0) {
1891 "Address for new connection has address/port equal to zero.");
1894 }
else if (sa->sa_family == AF_UNIX) {
1911 log_info(
LD_BUG,
"A listener connection returned a socket with a "
1912 "mismatched family. %s for addr_family %d gave us a socket "
1913 "with address family %d. Dropping.",
1931 struct sockaddr_storage addrbuf;
1932 struct sockaddr *remote = (
struct sockaddr*)&addrbuf;
1934 socklen_t remotelen = (socklen_t)
sizeof(addrbuf);
1937 tor_assert((
size_t)remotelen >=
sizeof(
struct sockaddr_in));
1938 memset(&addrbuf, 0,
sizeof(addrbuf));
1942 int e = tor_socket_errno(conn->
s);
1943 if (ERRNO_IS_ACCEPT_EAGAIN(e)) {
1951 }
else if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1958 log_warn(
LD_NET,
"accept() failed: %s. Closing listener.",
1959 tor_socket_strerror(e));
1960 connection_mark_for_close(conn);
1966 "Connection accepted on socket %d (child of fd %d).",
1967 (
int)news,(
int)conn->
s);
1973 if (tor_socket_errno(news) == EINVAL) {
1975 log_debug(
LD_NET,
"make_socket_reuseable returned EINVAL");
1977 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on %s: %s",
1979 tor_socket_strerror(errno));
1999 "accept() returned a strange address; closing connection.");
2011 "Denying socks connection from untrusted address %s.",
2021 log_notice(
LD_DIRSERV,
"Denying dir connection from address %s.",
2031 if (dos_conn_addr_get_defense_type(&addr) == DOS_CONN_DEFENSE_CLOSE) {
2047 newconn->
port = port;
2052 log_info(
LD_NET,
"New SOCKS connection opened from %s.",
2056 log_info(
LD_NET,
"New SOCKS AF_UNIX connection opened");
2059 log_notice(
LD_CONTROL,
"New control connection opened from %s.",
2063 log_info(
LD_CONTROL,
"New metrics connection opened from %s.",
2070 log_notice(
LD_CONTROL,
"New control connection opened.");
2086 if (connection_add(newconn) < 0) {
2087 connection_free(newconn);
2093 connection_mark_for_close(newconn);
2119 switch (conn->
type) {
2132 memcpy(&
TO_ENTRY_CONN(conn)->entry_cfg, &listener->entry_cfg,
2140 switch (
TO_CONN(listener)->type) {
2180 const struct sockaddr *sa,
2182 const struct sockaddr *bindaddr,
2183 socklen_t bindaddr_len,
2201 static ratelim_t disablenet_violated = RATELIM_INIT(30*60);
2202 *socket_error = SOCK_ERRNO(ENETUNREACH);
2204 "Tried to open a socket with DisableNetwork set.");
2209 const int protocol_family = sa->sa_family;
2210 const int proto = (sa->sa_family == AF_INET6 ||
2211 sa->sa_family == AF_INET) ? IPPROTO_TCP : 0;
2219 *socket_error = tor_socket_errno(s);
2220 if (ERRNO_IS_RESOURCE_LIMIT(*socket_error)) {
2224 log_warn(
LD_NET,
"Error creating network socket: %s",
2225 tor_socket_strerror(*socket_error));
2232 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on new connection: %s",
2233 tor_socket_strerror(errno));
2243 #ifdef IP_BIND_ADDRESS_NO_PORT
2244 static int try_ip_bind_address_no_port = 1;
2245 if (bindaddr && try_ip_bind_address_no_port &&
2246 setsockopt(s, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &(
int){1},
sizeof(int))) {
2247 if (errno == EINVAL) {
2248 log_notice(
LD_NET,
"Tor was built with support for "
2249 "IP_BIND_ADDRESS_NO_PORT, but the current kernel "
2250 "doesn't support it. This might cause Tor to run out "
2251 "of ephemeral ports more quickly.");
2252 try_ip_bind_address_no_port = 0;
2254 log_warn(
LD_NET,
"Error setting IP_BIND_ADDRESS_NO_PORT on new "
2255 "connection: %s", tor_socket_strerror(errno));
2260 if (bindaddr && bind(s, bindaddr, bindaddr_len) < 0) {
2261 *socket_error = tor_socket_errno(s);
2262 if (ERRNO_IS_EADDRINUSE(*socket_error)) {
2266 log_warn(
LD_NET,
"Error binding network socket: %s",
2267 tor_socket_strerror(*socket_error));
2285 if (connect(s, sa, sa_len) < 0) {
2286 int e = tor_socket_errno(s);
2287 if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
2291 "connect() to socket failed: %s",
2292 tor_socket_strerror(e));
2304 "Connection to socket %s (sock "TOR_SOCKET_T_FORMAT
").",
2305 inprogress ?
"in progress" :
"established", s);
2307 if (connection_add_connecting(conn) < 0) {
2309 *socket_error = SOCK_ERRNO(ENOBUFS);
2313 return inprogress ? 0 : 1;
2320 connection_connect_log_client_use_ip_version(
const connection_t *conn)
2346 static int logged_backtrace = 0;
2347 log_info(
LD_BUG,
"Outgoing %s connection to %s violated ClientUseIPv%s 0.",
2351 if (!logged_backtrace) {
2353 logged_backtrace = 1;
2365 log_info(
LD_NET,
"Our outgoing connection is using IPv%d.",
2372 log_info(
LD_NET,
"Outgoing connection to %s doesn't satisfy "
2373 "ClientPreferIPv6%sPort %d, with ClientUseIPv4 %d, and "
2374 "reachable_addr_use_ipv6 %d (ClientUseIPv6 %d and UseBridges "
2448 const tor_addr_t *addr, uint16_t port,
int *socket_error)
2450 struct sockaddr_storage addrbuf;
2451 struct sockaddr_storage bind_addr_ss;
2452 struct sockaddr *bind_addr = NULL;
2453 struct sockaddr *dest_addr;
2454 int dest_addr_len, bind_addr_len = 0;
2458 connection_connect_log_client_use_ip_version(conn);
2465 memset(&bind_addr_ss, 0,
sizeof(bind_addr_ss));
2467 (
struct sockaddr *) &bind_addr_ss,
2468 sizeof(bind_addr_ss));
2469 if (bind_addr_len == 0) {
2471 "Error converting OutboundBindAddress %s into sockaddr. "
2474 bind_addr = (
struct sockaddr *)&bind_addr_ss;
2479 memset(&addrbuf,0,
sizeof(addrbuf));
2480 dest_addr = (
struct sockaddr*) &addrbuf;
2484 log_debug(
LD_NET,
"Connecting to %s:%u.",
2488 bind_addr, bind_addr_len, socket_error);
2491 #ifdef HAVE_SYS_UN_H
2501 connection_connect_unix(
connection_t *conn,
const char *socket_path,
2504 struct sockaddr_un dest_addr;
2509 if (strlen(socket_path) + 1 >
sizeof(dest_addr.sun_path)) {
2511 "Path %s is too long for an AF_UNIX socket\n",
2513 *socket_error = SOCK_ERRNO(ENAMETOOLONG);
2517 memset(&dest_addr, 0,
sizeof(dest_addr));
2518 dest_addr.sun_family = AF_UNIX;
2519 strlcpy(dest_addr.sun_path, socket_path,
sizeof(dest_addr.sun_path));
2522 "Connecting to AF_UNIX socket at %s.",
2526 (
struct sockaddr *)&dest_addr,
sizeof(dest_addr),
2527 NULL, 0, socket_error);
2537 static const char *unknown =
"???";
2538 static const char *states[] = {
2541 "PROXY_HTTPS_WANT_CONNECT_OK",
2542 "PROXY_SOCKS4_WANT_CONNECT_OK",
2543 "PROXY_SOCKS5_WANT_AUTH_METHOD_NONE",
2544 "PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929",
2545 "PROXY_SOCKS5_WANT_AUTH_RFC1929_OK",
2546 "PROXY_SOCKS5_WANT_CONNECT_OK",
2547 "PROXY_HAPROXY_WAIT_FOR_FLUSH",
2553 if (state < PROXY_NONE || state > PROXY_CONNECTED)
2556 return states[state];
2574 if (r == 0 && transport)
2575 return PROXY_PLUGGABLE;
2580 return PROXY_CONNECT;
2582 return PROXY_SOCKS4;
2584 return PROXY_SOCKS5;
2588 return PROXY_HAPROXY;
2596 #define SOCKS4_STANDARD_BUFFER_SIZE (1 + 1 + 2 + 4 + 1)
2612 char *base64_authenticator = NULL;
2618 if (authenticator) {
2620 if (!base64_authenticator)
2621 log_warn(
LD_OR,
"Encoding https authenticator failed");
2624 if (base64_authenticator) {
2626 tor_snprintf(buf,
sizeof(buf),
"CONNECT %s HTTP/1.1\r\n"
2628 "Proxy-Authorization: Basic %s\r\n\r\n",
2631 base64_authenticator);
2634 tor_snprintf(buf,
sizeof(buf),
"CONNECT %s HTTP/1.0\r\n\r\n",
2638 connection_buf_add(buf, strlen(buf), conn);
2657 size_t buf_size = 0;
2658 char *socks_args_string = NULL;
2663 log_warn(
LD_NET,
"SOCKS4 client is incompatible with IPv6");
2675 if (socks_args_string)
2676 log_debug(
LD_NET,
"Sending out '%s' as our SOCKS argument string.",
2683 buf_size = SOCKS4_STANDARD_BUFFER_SIZE;
2687 if (socks_args_string)
2688 buf_size += strlen(socks_args_string);
2691 buf = tor_malloc_zero(buf_size);
2694 portn = htons(conn->
port);
2698 memcpy(buf + 2, &portn, 2);
2699 memcpy(buf + 4, &ip4addr, 4);
2704 if (socks_args_string) {
2707 SOCKS4_STANDARD_BUFFER_SIZE + strlen(socks_args_string));
2708 strlcpy((
char *)buf + 8, socks_args_string, buf_size - 8);
2714 connection_buf_add((
char *)buf, buf_size, conn);
2734 unsigned char buf[4];
2750 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929;
2754 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_NONE;
2757 connection_buf_add((
char *)buf, 2 + buf[1], conn);
2771 char *buf = haproxy_format_proxy_header_line(addr_port);
2778 connection_buf_add(buf, strlen(buf), conn);
2825 log_err(
LD_BUG,
"Invalid proxy protocol, %d", type);
2832 log_debug(
LD_NET,
"set state %s",
2853 NULL, NULL, 10000, 0)) {
2856 "Your https proxy sent back an oversized response. Closing.");
2859 log_info(
LD_NET,
"https proxy response not all here yet. Waiting.");
2865 NULL, &reason) < 0) {
2867 "Unparseable headers from proxy (%s). Closing.",
2873 if (!reason) reason = tor_strdup(
"[no reason given]");
2875 if (status_code == 200) {
2877 "HTTPS connect for %s successful! (200 %s) Starting TLS.",
2883 switch (status_code) {
2886 "The https proxy refused to allow connection to %s "
2887 "(status code %d, %s). Closing.",
2892 "The https proxy sent back an unexpected status code %d (%s). "
2894 status_code,
escaped(reason));
2907 unsigned char buf[1024];
2909 uint16_t port = htons(conn->
port);
2920 memcpy(buf + 4, &addr, 4);
2921 memcpy(buf + 8, &port, 2);
2926 memcpy(buf + 20, &port, 2);
2929 connection_buf_add((
char *)buf, reqsize, conn);
2938 int state,
char **reason)
2957 char *reason = NULL;
2959 log_debug(
LD_NET,
"enter state %s",
2963 case PROXY_HTTPS_WANT_CONNECT_OK:
2969 case PROXY_SOCKS4_WANT_CONNECT_OK:
2977 case PROXY_SOCKS5_WANT_AUTH_METHOD_NONE:
2988 case PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929:
2997 }
else if (ret == 2) {
2998 unsigned char buf[1024];
2999 size_t reqsize, usize, psize;
3000 const char *user, *pass;
3001 char *socks_args_string = NULL;
3006 if (!socks_args_string) {
3007 log_warn(
LD_NET,
"Could not create SOCKS args string for PT.");
3012 log_debug(
LD_NET,
"PT SOCKS5 arguments: %s", socks_args_string);
3017 user = socks_args_string;
3022 user = socks_args_string;
3023 usize = strlen(socks_args_string);
3031 usize = strlen(user);
3032 psize = strlen(pass);
3034 log_err(
LD_BUG,
"We entered %s for no reason!", __func__);
3044 reqsize = 3 + usize + psize;
3048 memcpy(buf + 2, user, usize);
3049 buf[2 + usize] = psize;
3050 memcpy(buf + 3 + usize, pass, psize);
3052 if (socks_args_string)
3055 connection_buf_add((
char *)buf, reqsize, conn);
3057 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_RFC1929_OK;
3062 case PROXY_SOCKS5_WANT_AUTH_RFC1929_OK:
3073 case PROXY_SOCKS5_WANT_CONNECT_OK:
3082 log_err(
LD_BUG,
"Invalid proxy_state for reading, %d",
3089 log_debug(
LD_NET,
"leaving state %s",
3094 log_warn(
LD_NET,
"Proxy Client: unable to connect %s (%s)",
3098 log_warn(
LD_NET,
"Proxy Client: unable to connect %s",
3101 }
else if (ret == 1) {
3102 log_info(
LD_NET,
"Proxy Client: %s successful",
3130 int control_listeners_only)
3132 #ifndef ENABLE_LISTENER_REBIND
3139 if (control_listeners_only) {
3160 if (conn->
type != wanted->type)
3162 if ((conn->
socket_family != AF_UNIX && wanted->is_unix_addr) ||
3166 if (wanted->server_cfg.no_listen)
3169 if (wanted->is_unix_addr) {
3171 !strcmp(wanted->unix_addr, conn->
address)) {
3172 found_port = wanted;
3177 const int port_matches_exact = (wanted->port == conn->
port);
3182 port_matches_exact);
3185 found_port = wanted;
3188 #ifdef ENABLE_LISTENER_REBIND
3198 const int may_need_rebind =
3202 if (replacements && may_need_rebind) {
3206 replacement->old_conn = conn;
3207 replacement->new_port = wanted;
3216 } SMARTLIST_FOREACH_END(wanted);
3226 } SMARTLIST_FOREACH_END(conn);
3233 if (conn && new_conns)
3237 } SMARTLIST_FOREACH_END(port);
3239 smartlist_free(launch);
3261 const uint16_t old_or_port_ipv6 =
3268 } SMARTLIST_FOREACH_END(conn);
3274 close_all_noncontrol) < 0)
3277 #ifdef ENABLE_LISTENER_REBIND
3278 if (smartlist_len(replacements))
3279 log_debug(
LD_NET,
"%d replacements - starting rebinding loop.",
3280 smartlist_len(replacements));
3283 int addr_in_use = 0;
3294 log_debug(
LD_NET,
"Skipping creating new listener for %s",
3300 connection_mark_for_close(old_conn);
3304 &skip, &addr_in_use);
3310 log_warn(
LD_NET,
"Unable to create listener port: %s:%d",
3319 log_notice(
LD_NET,
"Closed no-longer-configured %s "
3323 } SMARTLIST_FOREACH_END(r);
3329 log_notice(
LD_NET,
"Closing no-longer-configured %s on %s:%d",
3333 connection_mark_for_close(conn);
3334 } SMARTLIST_FOREACH_END(conn);
3336 smartlist_free(listeners);
3339 smartlist_free(replacements);
3364 connection_mark_for_close(conn);
3365 } SMARTLIST_FOREACH_END(conn);
3375 switch (conn->
type) {
3381 END_STREAM_REASON_HIBERNATING);
3393 connection_mark_for_close(conn);
3398 connection_mark_for_close(conn);
3401 } SMARTLIST_FOREACH_END(conn);
3420 tor_addr_is_internal(&conn->
addr, 0)))
3433 #define CLIENT_IDLE_TIME_FOR_PRIORITY 30
3458 ssize_t global_bucket_val, ssize_t conn_bucket)
3461 ssize_t num_bytes_high = (priority ? 32 : 16) * base;
3462 ssize_t num_bytes_low = (priority ? 4 : 2) * base;
3467 at_most = global_bucket_val / 8;
3468 at_most -= (at_most % base);
3469 if (at_most > num_bytes_high)
3470 at_most = num_bytes_high;
3471 else if (at_most < num_bytes_low)
3472 at_most = num_bytes_low;
3474 if (at_most > global_bucket_val)
3475 at_most = global_bucket_val;
3477 if (conn_bucket >= 0 && at_most > conn_bucket)
3478 at_most = conn_bucket;
3491 ssize_t conn_bucket = -1;
3492 size_t global_bucket_val = token_bucket_rw_get_read(&global_bucket);
3493 if (global_bucket_val == 0) {
3504 if (connection_speaks_cells(conn)) {
3507 conn_bucket = token_bucket_rw_get_read(&or_conn->
bucket);
3508 base = get_cell_network_size(or_conn->wide_circ_ids);
3516 conn_bucket = token_bucket_rw_get_read(&edge_conn->
bucket);
3526 return conn_bucket>=0 ? conn_bucket : 1<<14;
3530 size_t relayed = token_bucket_rw_get_read(&global_relayed_bucket);
3531 global_bucket_val = MIN(global_bucket_val, relayed);
3536 global_bucket_val, conn_bucket);
3546 size_t global_bucket_val = token_bucket_rw_get_write(&global_bucket);
3547 if (global_bucket_val == 0) {
3558 if (connection_speaks_cells(conn)) {
3562 conn_bucket = MIN(conn_bucket,
3563 token_bucket_rw_get_write(&or_conn->
bucket));
3564 base = get_cell_network_size(or_conn->wide_circ_ids);
3568 size_t relayed = token_bucket_rw_get_write(&global_relayed_bucket);
3569 global_bucket_val = MIN(global_bucket_val, relayed);
3573 global_bucket_val, conn_bucket);
3598 size_t smaller_bucket =
3599 MIN(token_bucket_rw_get_write(&global_bucket),
3600 token_bucket_rw_get_write(&global_relayed_bucket));
3620 if (smaller_bucket < attempt)
3640 time_t now,
size_t num_read,
size_t num_written)
3646 if (num_written > 0)
3665 num_written, now, is_ipv6);
3670 if (num_written > 0) {
3695 size_t num_read,
size_t num_written)
3697 if (num_written >= INT_MAX || num_read >= INT_MAX) {
3698 log_err(
LD_BUG,
"Value out of range. num_read=%lu, num_written=%lu, "
3699 "connection type=%s, state=%s",
3700 (
unsigned long)num_read, (
unsigned long)num_written,
3704 if (num_written >= INT_MAX)
3706 if (num_read >= INT_MAX)
3728 if (flags & TB_WRITE) {
3776 token_bucket_rw_get_read(&
TO_EDGE_CONN(conn)->bucket) <= 0) {
3777 reason =
"edge connection read bucket exhausted. Pausing.";
3781 }
else if (token_bucket_rw_get_read(&global_bucket) <= 0) {
3782 reason =
"global read bucket exhausted. Pausing.";
3784 token_bucket_rw_get_read(&global_relayed_bucket) <= 0) {
3785 reason =
"global relayed read bucket exhausted. Pausing.";
3786 }
else if (connection_speaks_cells(conn) &&
3788 token_bucket_rw_get_read(&
TO_OR_CONN(conn)->bucket) <= 0) {
3789 reason =
"connection read bucket exhausted. Pausing.";
3809 bool is_global =
true;
3810 if (token_bucket_rw_get_write(&global_bucket) <= 0) {
3811 reason =
"global write bucket exhausted. Pausing.";
3813 token_bucket_rw_get_write(&global_relayed_bucket) <= 0) {
3814 reason =
"global relayed write bucket exhausted. Pausing.";
3815 }
else if (connection_speaks_cells(conn) &&
3817 token_bucket_rw_get_write(&
TO_OR_CONN(conn)->bucket) <= 0) {
3818 reason =
"connection write bucket exhausted. Pausing.";
3934 } SMARTLIST_FOREACH_END(conn);
3986 ssize_t max_to_read=-1, try_to_read;
3987 size_t before, n_read = 0;
3988 int socket_error = 0;
3997 switch (conn->
type) {
4020 try_to_read = max_to_read;
4030 END_OR_CONN_REASON_CONNRESET,
4032 tor_socket_strerror(socket_error) :
4033 "(unknown, errno was 0)");
4048 connection_mark_for_close_internal(conn);
4052 if (
CONN_IS_EDGE(conn) && try_to_read != max_to_read) {
4082 connection_mark_for_close(linked);
4124 ssize_t at_most = *max_to_read;
4125 size_t slack_in_buf, more_to_read;
4126 size_t n_read = 0, n_written = 0;
4128 if (at_most == -1) {
4135 if (at_most > maximum) {
4141 if ((
size_t)at_most > slack_in_buf && slack_in_buf >= 1024) {
4142 more_to_read = at_most - slack_in_buf;
4143 at_most = slack_in_buf;
4148 if (connection_speaks_cells(conn) &&
4152 size_t initial_size;
4160 "%d: starting, inbuf_datalen %ld (%d pending in tls object)."
4168 if (TOR_TLS_IS_ERROR(result) || result == TOR_TLS_CLOSE)
4175 case TOR_TLS_ERROR_IO:
4176 log_debug(
LD_NET,
"TLS %s closed %son read. Closing.",
4178 result == TOR_TLS_CLOSE ?
"cleanly " :
"");
4181 log_debug(
LD_NET,
"tls error [%s] from %s. Breaking.",
4185 case TOR_TLS_WANTWRITE:
4188 case TOR_TLS_WANTREAD:
4214 log_warn(
LD_BUG,
"apparently, reading pending bytes can fail.");
4220 log_debug(
LD_GENERAL,
"After TLS read of %d: %ld read, %ld written",
4221 result, (
long)n_read, (
long)n_written);
4222 }
else if (conn->
linked) {
4236 n_read = (
size_t) result;
4239 int reached_eof = 0;
4252 n_read = (size_t) result;
4257 *max_to_read = at_most - n_read;
4272 if (PREDICT_LIKELY(UINT32_MAX - edge_conn->
n_read > n_read))
4273 edge_conn->
n_read += (int)n_read;
4275 edge_conn->
n_read = UINT32_MAX;
4293 if (more_to_read && result == at_most) {
4295 at_most = more_to_read;
4328 char **headers_out,
size_t max_headerlen,
4329 char **body_out,
size_t *body_used,
4330 size_t max_bodylen,
int force_complete)
4333 body_out, body_used, max_bodylen, force_complete);
4340 return connection_get_outbuf_len(conn) > 0;
4366 static int isVistaOr7 = -1;
4367 if (isVistaOr7 == -1) {
4369 OSVERSIONINFO osvi = { 0 };
4370 osvi.dwOSVersionInfoSize =
sizeof(OSVERSIONINFO);
4371 GetVersionEx(&osvi);
4372 if (osvi.dwMajorVersion == 6 && osvi.dwMinorVersion < 2)
4380 DWORD bytesReturned = 0;
4381 if (!WSAIoctl(sock, SIO_IDEAL_SEND_BACKLOG_QUERY, NULL, 0,
4382 &isb,
sizeof(isb), &bytesReturned, NULL, NULL)) {
4383 setsockopt(sock, SOL_SOCKET, SO_SNDBUF, (
const char*)&isb,
sizeof(isb));
4412 socklen_t len=(socklen_t)
sizeof(e);
4414 ssize_t max_to_write;
4416 size_t n_read = 0, n_written = 0;
4417 int dont_stop_writing = 0;
4425 log_warn(
LD_BUG,
"called recursively from inside conn->in_flushed_some");
4435 if (getsockopt(conn->
s, SOL_SOCKET, SO_ERROR, (
void*)&e, &len) < 0) {
4436 log_warn(
LD_BUG,
"getsockopt() syscall failed");
4444 connection_mark_for_close(conn);
4450 if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
4451 log_info(
LD_NET,
"in-progress connect failed. Removing. (%s)",
4452 tor_socket_strerror(e));
4458 tor_socket_strerror(e));
4465 connection_mark_for_close_internal(conn);
4479 if (connection_speaks_cells(conn) &&
4482 size_t initial_size;
4489 END_OR_CONN_REASON_MISC,
4490 "TLS error in connection_tls_"
4491 "continue_handshake()");
4497 connection_mark_for_close_internal(conn);
4502 return connection_handle_read(conn);
4523 log_info(
LD_NET, result != TOR_TLS_CLOSE ?
4524 "tls error. breaking.":
"TLS connection closed on flush");
4527 END_OR_CONN_REASON_MISC,
4528 result != TOR_TLS_CLOSE ?
4529 "TLS error in during flush" :
4530 "TLS closed during flush");
4536 connection_mark_for_close_internal(conn);
4538 case TOR_TLS_WANTWRITE:
4539 log_debug(
LD_NET,
"wanted write.");
4541 dont_stop_writing = 1;
4543 case TOR_TLS_WANTREAD:
4545 log_debug(
LD_NET,
"wanted read.");
4561 log_debug(
LD_GENERAL,
"After TLS write of %d: %ld read, %ld written",
4562 result, (
long)n_read, (
long)n_written);
4563 or_conn->bytes_xmitted += result;
4564 or_conn->bytes_xmitted_by_tls += n_written;
4584 connection_mark_for_close(conn);
4588 n_written = (size_t) result;
4595 if (PREDICT_LIKELY(UINT32_MAX - edge_conn->
n_written > n_written))
4619 if (connection_speaks_cells(conn)) {
4621 END_OR_CONN_REASON_MISC,
4622 "Got error back from "
4623 "connection_flushed_some()");
4630 connection_mark_for_close_internal(conn);
4635 !dont_stop_writing) {
4690 return connection_handle_write(conn, 1);
4720 "write_to_buf failed. Closing circuit (fd %d).", (
int)conn->
s);
4722 END_CIRC_REASON_INTERNAL);
4726 "write_to_buf failed on an orconn; notifying of error "
4727 "(fd %d)", (
int)(conn->
s));
4731 "write_to_buf failed. Closing connection (fd %d).",
4733 connection_mark_for_close(conn);
4768 if (!len && !(zlib<0))
4776 int done = zlib < 0;
4779 string, len, done));
4800 connection_buf_add_compress(
string, len, dir_conn, done);
4804 connection_buf_add(
string, len,
TO_CONN(dir_conn));
4808 connection_buf_add_compress(
const char *
string,
size_t len,
4835 #define CONN_GET_ALL_TEMPLATE(var, test) \
4837 smartlist_t *conns = get_connection_array(); \
4838 smartlist_t *ret_conns = smartlist_new(); \
4839 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, var) { \
4840 if (var && (test) && !var->marked_for_close) \
4841 smartlist_add(ret_conns, var); \
4842 } SMARTLIST_FOREACH_END(var); \
4851 connection_list_by_type_state(
int type,
int state)
4853 CONN_GET_ALL_TEMPLATE(conn, (conn->type == type && conn->state == state));
4861 connection_list_by_type_purpose(
int type,
int purpose)
4863 CONN_GET_ALL_TEMPLATE(conn,
4864 (conn->type == type && conn->purpose == purpose));
4869 #define CONN_GET_TEMPLATE(var, test) \
4871 smartlist_t *conns = get_connection_array(); \
4872 SMARTLIST_FOREACH(conns, connection_t *, var, \
4874 if (var && (test) && !var->marked_for_close) \
4889 (conn->type == type &&
4891 conn->port == port &&
4892 conn->purpose == purpose));
4935 #define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, \
4936 dirconn_var, dirconn_test) \
4938 smartlist_t *conns = get_connection_array(); \
4939 smartlist_t *dir_conns = smartlist_new(); \
4940 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn_var) { \
4941 if (conn_var && (conn_test) \
4942 && conn_var->type == CONN_TYPE_DIR \
4943 && !conn_var->marked_for_close) { \
4944 dir_connection_t *dirconn_var = TO_DIR_CONN(conn_var); \
4945 if (dirconn_var && (dirconn_test)) { \
4946 smartlist_add(dir_conns, dirconn_var); \
4949 } SMARTLIST_FOREACH_END(conn_var); \
4962 const char *resource)
4965 conn->purpose == purpose,
4968 dirconn->requested_resource));
4980 const char *resource,
4984 conn->purpose == purpose && conn->state == state,
4987 dirconn->requested_resource));
4990 #undef DIR_CONN_LIST_TEMPLATE
5013 log_debug(
LD_DIR,
"%s: Found an OR connection: %s",
5021 #undef CONN_GET_TEMPLATE
5092 const size_t authenticator_length = strlen(authenticator);
5093 const size_t base64_authenticator_length =
5095 char *base64_authenticator = tor_malloc(base64_authenticator_length);
5096 if (
base64_encode(base64_authenticator, base64_authenticator_length,
5097 authenticator, authenticator_length, 0) < 0) {
5100 return base64_authenticator;
5119 int e = tor_socket_errno(sock);
5120 log_warn(
LD_NET,
"getsockname() to check for address change failed: %s",
5121 tor_socket_strerror(e));
5126 if (family == AF_INET)
5128 else if (family == AF_INET6)
5129 last_interface_ip_ptr = &last_interface_ipv6;
5133 if (! *last_interface_ip_ptr) {
5136 *last_interface_ip_ptr = a;
5153 if (
tor_addr_eq(&iface_addr, *last_interface_ip_ptr)) {
5159 log_notice(
LD_NET,
"Our IP address has changed. Rotating keys...");
5181 void *sz = (
void*)&size;
5182 socklen_t sz_sz = (socklen_t)
sizeof(size);
5183 if (setsockopt(sock, SOL_SOCKET, SO_SNDBUF, sz, sz_sz) < 0) {
5184 int e = tor_socket_errno(sock);
5185 log_warn(
LD_NET,
"setsockopt() to constrain send "
5186 "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5188 if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, sz, sz_sz) < 0) {
5189 int e = tor_socket_errno(sock);
5190 log_warn(
LD_NET,
"setsockopt() to constrain recv "
5191 "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5206 switch (conn->
type) {
5222 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5237 r = connection_dirserv_flushed_some(
TO_DIR_CONN(conn));
5267 switch (conn->
type) {
5282 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5315 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5325 switch (conn->
type) {
5339 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5349 int a_circs, b_circs;
5355 if (a_circs < b_circs)
return 1;
5356 else if (a_circs > b_circs)
return -1;
5400 int conn_counts_by_type[CONN_TYPE_MAX_ + 1], i;
5426 memset(conn_counts_by_type, 0,
sizeof(conn_counts_by_type));
5430 ++(conn_counts_by_type[c->type]);
5451 } SMARTLIST_FOREACH_END(c);
5454 if (smartlist_len(conns) > 0) {
5456 log_info(
LD_NET,
"Some stats on conn types seen during OOS follow");
5457 for (i = CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5459 if (conn_counts_by_type[i] > 0) {
5460 log_info(
LD_NET,
"%s: %d conns",
5462 conn_counts_by_type[i]);
5465 log_info(
LD_NET,
"Done with OOS conn type stats");
5469 if (smartlist_len(eligible) > n) {
5474 for (i = 0; i < n; ++i) {
5478 smartlist_free(eligible);
5498 connection_mark_for_close(c);
5500 } SMARTLIST_FOREACH_END(c);
5503 "OOS handler marked %d connections",
5504 smartlist_len(conns));
5529 int target_n_socks = 0, moribund_socks, socks_to_kill;
5545 "Running the OOS handler (%d open sockets, %s)",
5546 n_socks, (failed != 0) ?
"exhaustion seen" :
"no exhaustion");
5554 if (n_socks >=
get_options()->ConnLimit_high_thresh &&
5560 "Current number of sockets %d is greater than configured "
5561 "limit %d; OOS handler trying to get down to %d",
5564 }
else if (failed) {
5570 target_n_socks = (n_socks * 9) / 10;
5572 "We saw socket exhaustion at %d open sockets; OOS handler "
5573 "trying to get down to %d",
5574 n_socks, target_n_socks);
5577 if (target_n_socks > 0) {
5588 if (moribund_socks < n_socks - target_n_socks) {
5589 socks_to_kill = n_socks - target_n_socks - moribund_socks;
5595 "OOS handler killed %d conns", smartlist_len(conns));
5596 smartlist_free(conns);
5598 log_notice(
LD_NET,
"OOS handler failed to pick any victim conns");
5602 "Not killing any sockets for OOS because there are %d "
5603 "already moribund, and we only want to eliminate %d",
5604 moribund_socks, n_socks - target_n_socks);
5613 uint64_t used_by_type[CONN_TYPE_MAX_+1];
5614 uint64_t alloc_by_type[CONN_TYPE_MAX_+1];
5615 int n_conns_by_type[CONN_TYPE_MAX_+1];
5616 uint64_t total_alloc = 0;
5617 uint64_t total_used = 0;
5621 memset(used_by_type, 0,
sizeof(used_by_type));
5622 memset(alloc_by_type, 0,
sizeof(alloc_by_type));
5623 memset(n_conns_by_type, 0,
sizeof(n_conns_by_type));
5627 ++n_conns_by_type[tp];
5636 } SMARTLIST_FOREACH_END(c);
5637 for (i=0; i <= CONN_TYPE_MAX_; ++i) {
5638 total_used += used_by_type[i];
5639 total_alloc += alloc_by_type[i];
5643 "In buffers for %d connections: %"PRIu64
" used/%"PRIu64
" allocated",
5644 smartlist_len(conns),
5645 (total_used), (total_alloc));
5646 for (i=CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5647 if (!n_conns_by_type[i])
5650 " For %d %s connections: %"PRIu64
" used/%"PRIu64
" allocated",
5652 (used_by_type[i]), (alloc_by_type[i]));
5667 switch (conn->
type) {
5684 CASE_ANY_LISTENER_TYPE:
5756 CASE_ANY_LISTENER_TYPE:
5824 *port = transport->
port;
5836 *proxy_type = PROXY_CONNECT;
5841 *proxy_type = PROXY_SOCKS4;
5846 *proxy_type = PROXY_SOCKS5;
5853 *proxy_type = PROXY_HAPROXY;
5859 *proxy_type = PROXY_NONE;
5869 uint16_t proxy_port;