57#define CONNECTION_PRIVATE
68#define CHANNEL_OBJECT_PRIVATE
81#include "core/or/dos.h"
87#include "core/proto/proto_haproxy.h"
132#ifdef HAVE_SYS_STAT_H
137#include <sys/socket.h>
169#define ENABLE_LISTENER_REBIND
172 const struct sockaddr *listensockaddr,
173 socklen_t listensocklen,
int type,
179 int *defer,
int *addr_in_use);
188 ssize_t *max_to_read,
215#define CASE_ANY_LISTENER_TYPE \
216 case CONN_TYPE_OR_LISTENER: \
217 case CONN_TYPE_EXT_OR_LISTENER: \
218 case CONN_TYPE_AP_LISTENER: \
219 case CONN_TYPE_DIR_LISTENER: \
220 case CONN_TYPE_CONTROL_LISTENER: \
221 case CONN_TYPE_AP_TRANS_LISTENER: \
222 case CONN_TYPE_AP_NATD_LISTENER: \
223 case CONN_TYPE_AP_DNS_LISTENER: \
224 case CONN_TYPE_AP_HTTP_CONNECT_LISTENER: \
225 case CONN_TYPE_METRICS_LISTENER
279 return "Transparent pf/netfilter listener";
293 log_warn(
LD_BUG,
"unknown connection type %d", type);
308 CASE_ANY_LISTENER_TYPE:
318 return "waiting for V3+ handshake";
320 return "handshaking (Tor, v3 handshake)";
327 return "waiting for authentication type";
329 return "waiting for client nonce";
331 return "waiting for client hash";
370 return "waiting for authentication (protocol v1)";
376 return "uninitialized";
379 log_warn(
LD_BUG,
"unknown connection state %d (type %d)", state, type);
381 "unknown state [%d] on unknown [%s] connection",
383 tor_assert_nonfatal_unreached_once();
402 bool include_preposition)
408 static char peer_buf[256];
410 const char *address = NULL;
417 switch (conn->
type) {
418 CASE_ANY_LISTENER_TYPE:
453 strlcpy(ed_id_buf,
"<none>",
sizeof(ed_id_buf));
458 " ID=%s RSA_ID=%s", ed_id_buf, rsa_id_buf);
465 sizeof(canonical_addr_buf), 1)) {
467 sizeof(extra_buf)-strlen(extra_buf),
468 " canonical_addr=%s:%"PRIu16,
477 strlcpy(extra_buf,
" (DNS lookup pending)",
sizeof(extra_buf));
482 if (address == NULL) {
488 address =
"<can't format!>";
489 tor_assert_nonfatal_unreached_once();
496 if (scrub &&
get_options()->SafeLogging_ != SAFELOG_SCRUB_NONE) {
497 address =
"[scrubbed]";
500 if (conn->
port != 0) {
505 const char *sp = include_preposition ?
" " :
"";
506 if (! include_preposition)
510 "%s%s%s%s%s", prep, sp, address, portbuf, extra_buf);
544 return "null connection";
546 static char desc_buf[256];
549 "%s connection (%s) %s",
577 time_t now = time(NULL);
582 connection_or_set_canonical(or_conn, 0);
587 TO_CONN(or_conn)->always_rate_limit_as_remote = 1;
608 if (socket_family == AF_INET)
609 entry_conn->entry_cfg.ipv4_traffic = 1;
610 else if (socket_family == AF_INET6)
611 entry_conn->entry_cfg.ipv6_traffic = 1;
658 return listener_conn;
684 CASE_ANY_LISTENER_TYPE:
708 static uint64_t n_connections_allocated = 1;
713 conn->
magic = OR_CONNECTION_MAGIC;
716 conn->
magic = EDGE_CONNECTION_MAGIC;
719 conn->
magic = ENTRY_CONNECTION_MAGIC;
722 conn->
magic = DIR_CONNECTION_MAGIC;
725 conn->
magic = CONTROL_CONNECTION_MAGIC;
727 CASE_ANY_LISTENER_TYPE:
728 conn->
magic = LISTENER_CONNECTION_MAGIC;
731 conn->
magic = BASE_CONNECTION_MAGIC;
793 switch (conn->
type) {
820 CASE_ANY_LISTENER_TYPE:
833 log_info(
LD_GENERAL,
"Freeing linked %s connection [%s] with %d "
834 "bytes on inbuf, %d on outbuf.",
837 (
int)connection_get_inbuf_len(conn),
838 (
int)connection_get_outbuf_len(conn));
842 buf_free(conn->
inbuf);
850 if (unlink(conn->
address) < 0 && errno != ENOENT) {
859 if (connection_speaks_cells(conn)) {
872 tor_tls_free(or_conn->
tls);
883 "Freeing orconn at %p, saw channel %p with ID "
884 "%"PRIu64
" left un-NULLed",
887 if (!CHANNEL_FINISHED(base_chan)) {
891 or_conn->
chan->conn = NULL;
892 or_conn->
chan = NULL;
904 if (entry_conn->sending_optimistic_data) {
905 buf_free(entry_conn->sending_optimistic_data);
918 memwipe(cp, 0, strlen(cp));
935 dir_conn_clear_spool(dir_conn);
937 hs_ident_dir_conn_free(dir_conn->hs_ident);
946 log_debug(
LD_NET,
"closing fd %d.",(
int)conn->
s);
953 log_warn(
LD_BUG,
"called on OR conn with non-zeroed identity_digest");
981 if (connection_speaks_cells(conn)) {
992 connection_ap_warn_and_unmark_if_pending_circ(
TO_ENTRY_CONN(conn),
1024 switch (conn->
type) {
1043#define CONN_IS_CLOSED(c) \
1044 ((c)->linked ? ((c)->linked_conn_is_closed) : (! SOCKET_OK(c->s)))
1055 log_err(
LD_BUG,
"Attempt to close already-closed connection.");
1059 if (connection_get_outbuf_len(conn)) {
1060 log_info(
LD_NET,
"fd %d, type %s, state %s, %"TOR_PRIuSZ
" bytes on outbuf.",
1098 "Something tried to close an or_connection_t without going "
1099 "through channels at %s:%d",
1125 int line,
const char *file))
1133 log_warn(
LD_BUG,
"Duplicate call to connection_mark_for_close at %s:%d"
1146 "Calling connection_mark_for_close_internal_() on an OR conn "
1193 "Giving up on marked_for_close conn that's been flushing "
1194 "for 15s (fd %d, type %s, state %s).",
1200 } SMARTLIST_FOREACH_END(conn);
1203#if defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN)
1217static struct sockaddr_un *
1218create_unix_sockaddr(
const char *listenaddress,
char **readable_address,
1221 struct sockaddr_un *sockaddr = NULL;
1223 sockaddr = tor_malloc_zero(
sizeof(
struct sockaddr_un));
1224 sockaddr->sun_family = AF_UNIX;
1225 if (strlcpy(sockaddr->sun_path, listenaddress,
sizeof(sockaddr->sun_path))
1226 >=
sizeof(sockaddr->sun_path)) {
1227 log_warn(
LD_CONFIG,
"Unix socket path '%s' is too long to fit.",
1233 if (readable_address)
1234 *readable_address = tor_strdup(listenaddress);
1236 *len_out =
sizeof(
struct sockaddr_un);
1240static struct sockaddr *
1241create_unix_sockaddr(
const char *listenaddress,
char **readable_address,
1244 (void)listenaddress;
1245 (void)readable_address;
1247 "Unix domain sockets not supported, yet we tried to create one.");
1256warn_about_resource_exhaution(
void)
1258#define WARN_TOO_MANY_CONNS_INTERVAL (6*60*60)
1259 static ratelim_t last_warned = RATELIM_INIT(WARN_TOO_MANY_CONNS_INTERVAL);
1263 log_warn(
LD_NET,
"Failing because we have %d connections already. Please "
1264 "read doc/TUNING for guidance.%s", n_conns, m);
1279 warn_about_resource_exhaution();
1290 warn_about_resource_exhaution();
1295#define UNIX_SOCKET_PURPOSE_CONTROL_SOCKET 0
1296#define UNIX_SOCKET_PURPOSE_SOCKS_SOCKET 1
1301is_valid_unix_socket_purpose(
int purpose)
1306 case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1307 case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1317unix_socket_purpose_to_string(
int purpose)
1319 const char *s =
"unknown-purpose socket";
1322 case UNIX_SOCKET_PURPOSE_CONTROL_SOCKET:
1323 s =
"control socket";
1325 case UNIX_SOCKET_PURPOSE_SOCKS_SOCKET:
1336check_location_for_unix_socket(
const or_options_t *options,
const char *path,
1342 tor_assert(is_valid_unix_socket_purpose(purpose));
1344 p = tor_strdup(path);
1347 log_warn(
LD_GENERAL,
"Bad unix socket address '%s'. Tor does not support "
1348 "relative paths for unix sockets.", path);
1352 if (port->is_world_writable) {
1358 if (port->is_group_writable) {
1359 flags |= CPD_GROUP_OK;
1362 if (port->relax_dirmode_check) {
1363 flags |= CPD_RELAX_DIRMODE_CHECK;
1367 char *escpath, *escdir;
1370 log_warn(
LD_GENERAL,
"Before Tor can create a %s in %s, the directory "
1371 "%s needs to exist, and to be accessible only by the user%s "
1372 "account that is running Tor. (On some Unix systems, anybody "
1373 "who can list a socket can connect to it, so Tor is being "
1375 unix_socket_purpose_to_string(purpose), escpath, escdir,
1376 port->is_group_writable ?
" and group" :
"");
1405 if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (
void*) &one,
1406 (socklen_t)
sizeof(one)) == -1) {
1419#ifdef SO_EXCLUSIVEADDRUSE
1426 if (setsockopt(sock, SOL_SOCKET, SO_EXCLUSIVEADDRUSE, (
void*) &one,
1427 (socklen_t)
sizeof(one))) {
1450 if ((r = listen(fd, SOMAXCONN)) == 0) {
1452 log_warn(
LD_NET,
"Setting listen backlog to INT_MAX connections "
1453 "didn't work, but SOMAXCONN did. Lowering backlog limit.");
1471 int type,
const char *address,
1480#if defined(HAVE_PWD_H) && defined(HAVE_SYS_UN_H)
1481 const struct passwd *pw = NULL;
1483 uint16_t usePort = 0, gotPort = 0;
1484 int start_reading = 0;
1492 if (listensockaddr->sa_family == AF_INET ||
1493 listensockaddr->sa_family == AF_INET6) {
1499 log_notice(
LD_NET,
"Opening %s on %s",
1503 is_stream ? SOCK_STREAM : SOCK_DGRAM,
1504 is_stream ? IPPROTO_TCP: IPPROTO_UDP);
1506 int e = tor_socket_errno(s);
1507 if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1515 log_warn(
LD_NET,
"Socket creation failed: %s",
1516 tor_socket_strerror(e));
1522 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on %s: %s",
1524 tor_socket_strerror(errno));
1528 if (make_win32_socket_exclusive(s) < 0) {
1529 log_warn(
LD_NET,
"Error setting SO_EXCLUSIVEADDRUSE flag on %s: %s",
1531 tor_socket_strerror(errno));
1535#if defined(USE_TRANSPARENT) && defined(IP_TRANSPARENT)
1539 if (setsockopt(s, SOL_IP, IP_TRANSPARENT, (
void*)&one,
1540 (socklen_t)
sizeof(one)) < 0) {
1541 const char *extra =
"";
1542 int e = tor_socket_errno(s);
1544 extra =
"TransTPROXY requires root privileges or similar"
1546 log_warn(
LD_NET,
"Error setting IP_TRANSPARENT flag: %s.%s",
1547 tor_socket_strerror(e), extra);
1553 if (listensockaddr->sa_family == AF_INET6) {
1557 if (setsockopt(s,IPPROTO_IPV6, IPV6_V6ONLY,
1558 (
void*)&one, (socklen_t)
sizeof(one)) < 0) {
1559 int e = tor_socket_errno(s);
1560 log_warn(
LD_NET,
"Error setting IPV6_V6ONLY flag: %s",
1561 tor_socket_strerror(e));
1567 if (bind(s,listensockaddr,socklen) < 0) {
1568 const char *helpfulhint =
"";
1569 int e = tor_socket_errno(s);
1570 if (ERRNO_IS_EADDRINUSE(e)) {
1571 helpfulhint =
". Is Tor already running?";
1575 log_warn(
LD_NET,
"Could not bind to %s:%u: %s%s", address, usePort,
1576 tor_socket_strerror(e), helpfulhint);
1581 if (tor_listen(s) < 0) {
1582 log_warn(
LD_NET,
"Could not listen on %s:%u: %s", address, usePort,
1583 tor_socket_strerror(tor_socket_errno(s)));
1592 struct sockaddr_storage ss;
1593 socklen_t ss_len=
sizeof(ss);
1594 if (getsockname(s, (
struct sockaddr*)&ss, &ss_len)<0) {
1595 log_warn(
LD_NET,
"getsockname() couldn't learn address for %s: %s",
1597 tor_socket_strerror(tor_socket_errno(s)));
1606 }
else if (listensockaddr->sa_family == AF_UNIX) {
1612 if (check_location_for_unix_socket(options, address,
1614 UNIX_SOCKET_PURPOSE_CONTROL_SOCKET :
1615 UNIX_SOCKET_PURPOSE_SOCKS_SOCKET, port_cfg) < 0) {
1619 log_notice(
LD_NET,
"Opening %s on %s",
1624 if (unlink(address) < 0 && errno != ENOENT) {
1625 log_warn(
LD_NET,
"Could not unlink %s: %s", address,
1632 int e = tor_socket_errno(s);
1633 if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1641 log_warn(
LD_NET,
"Socket creation failed: %s.", strerror(e));
1646 if (bind(s, listensockaddr,
1647 (socklen_t)
sizeof(
struct sockaddr_un)) == -1) {
1648 log_warn(
LD_NET,
"Bind to %s failed: %s.", address,
1649 tor_socket_strerror(tor_socket_errno(s)));
1654 if (options->
User) {
1658 log_warn(
LD_NET,
"Unable to chown() %s socket: user %s not found.",
1659 address, options->
User);
1661 }
else if (fstat(s, &st) == 0 &&
1662 st.st_uid == pw->pw_uid && st.st_gid == pw->pw_gid) {
1665 pw->pw_uid, pw->pw_gid) < 0) {
1666 log_warn(
LD_NET,
"Unable to chown() %s socket: %s.",
1667 address, strerror(errno));
1677 if (port_cfg->is_world_writable) {
1679 status =
"world-writable";
1680 }
else if (port_cfg->is_group_writable) {
1682 status =
"group-writable";
1689 if (fstat(s, &st) == 0 && (st.st_mode & 0777) == mode) {
1692 log_warn(
LD_FS,
"Unable to make %s %s.", address, status);
1697 if (listen(s, SOMAXCONN) < 0) {
1698 log_warn(
LD_NET,
"Could not listen on %s: %s", address,
1699 tor_socket_strerror(tor_socket_errno(s)));
1706 socklen_t len =
sizeof(value);
1708 if (!getsockopt(s, SOL_SOCKET, SO_ACCEPTCONN, &value, &len)) {
1710 log_err(
LD_NET,
"Could not listen on %s - "
1711 "getsockopt(.,SO_ACCEPTCONN,.) yields 0.", address);
1718 log_err(
LD_BUG,
"Got unexpected address family %d.",
1719 listensockaddr->sa_family);
1728 conn->
address = tor_strdup(address);
1729 conn->
port = gotPort;
1745 lis_conn->entry_cfg.
session_group = global_next_session_group--;
1749 if (connection_add(conn) < 0) {
1750 log_warn(
LD_NET,
"connection_add for listener failed. Giving up.");
1755 "%s listening on port %u.",
1759 if (start_reading) {
1780 connection_free(conn);
1796 int *defer,
int *addr_in_use)
1799 struct sockaddr *listensockaddr;
1800 socklen_t listensocklen = 0;
1808 if (port->server_cfg.no_listen) {
1819 strcmp(options->
User,
"root")) {
1827 listensockaddr = (
struct sockaddr *)
1829 &address, &listensocklen);
1831 listensockaddr = tor_malloc(
sizeof(
struct sockaddr_storage));
1835 sizeof(
struct sockaddr_storage));
1839 if (listensockaddr) {
1841 port->
type, address, port,
1864 if (sa->sa_family == AF_INET) {
1865 struct sockaddr_in *sin=(
struct sockaddr_in*)sa;
1866 if (len !=
sizeof(
struct sockaddr_in)) {
1867 log_fn(level,
LD_NET,
"Length of address not as expected: %d vs %d",
1868 len,(
int)
sizeof(
struct sockaddr_in));
1871 if (sin->sin_addr.s_addr == 0 || sin->sin_port == 0) {
1873 "Address for new connection has address/port equal to zero.");
1876 }
else if (sa->sa_family == AF_INET6) {
1879 log_fn(level,
LD_NET,
"Length of address not as expected: %d vs %d",
1884 sin6->sin6_port == 0) {
1886 "Address for new connection has address/port equal to zero.");
1889 }
else if (sa->sa_family == AF_UNIX) {
1906 log_info(
LD_BUG,
"A listener connection returned a socket with a "
1907 "mismatched family. %s for addr_family %d gave us a socket "
1908 "with address family %d. Dropping.",
1926 struct sockaddr_storage addrbuf;
1927 struct sockaddr *remote = (
struct sockaddr*)&addrbuf;
1929 socklen_t remotelen = (socklen_t)
sizeof(addrbuf);
1932 tor_assert((
size_t)remotelen >=
sizeof(
struct sockaddr_in));
1933 memset(&addrbuf, 0,
sizeof(addrbuf));
1937 int e = tor_socket_errno(conn->
s);
1938 if (ERRNO_IS_ACCEPT_EAGAIN(e)) {
1946 }
else if (ERRNO_IS_RESOURCE_LIMIT(e)) {
1953 log_warn(
LD_NET,
"accept() failed: %s. Closing listener.",
1954 tor_socket_strerror(e));
1955 connection_mark_for_close(conn);
1961 "Connection accepted on socket %d (child of fd %d).",
1962 (
int)news,(
int)conn->
s);
1968 if (tor_socket_errno(news) == EINVAL) {
1970 log_debug(
LD_NET,
"make_socket_reuseable returned EINVAL");
1972 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on %s: %s",
1974 tor_socket_strerror(errno));
1994 "accept() returned a strange address; closing connection.");
2006 "Denying socks connection from untrusted address %s.",
2016 log_notice(
LD_DIRSERV,
"Denying dir connection from address %s.",
2026 if (dos_conn_addr_get_defense_type(&addr) == DOS_CONN_DEFENSE_CLOSE) {
2042 newconn->
port = port;
2047 log_info(
LD_NET,
"New SOCKS connection opened from %s.",
2051 log_info(
LD_NET,
"New SOCKS AF_UNIX connection opened");
2054 log_notice(
LD_CONTROL,
"New control connection opened from %s.",
2058 log_info(
LD_CONTROL,
"New metrics connection opened from %s.",
2065 log_notice(
LD_CONTROL,
"New control connection opened.");
2081 if (connection_add(newconn) < 0) {
2082 connection_free(newconn);
2088 connection_mark_for_close(newconn);
2114 switch (conn->
type) {
2127 memcpy(&
TO_ENTRY_CONN(conn)->entry_cfg, &listener->entry_cfg,
2135 switch (
TO_CONN(listener)->type) {
2175 const struct sockaddr *sa,
2177 const struct sockaddr *bindaddr,
2178 socklen_t bindaddr_len,
2196 static ratelim_t disablenet_violated = RATELIM_INIT(30*60);
2197 *socket_error = SOCK_ERRNO(ENETUNREACH);
2199 "Tried to open a socket with DisableNetwork set.");
2204 const int protocol_family = sa->sa_family;
2205 const int proto = (sa->sa_family == AF_INET6 ||
2206 sa->sa_family == AF_INET) ? IPPROTO_TCP : 0;
2214 *socket_error = tor_socket_errno(s);
2215 if (ERRNO_IS_RESOURCE_LIMIT(*socket_error)) {
2219 log_warn(
LD_NET,
"Error creating network socket: %s",
2220 tor_socket_strerror(*socket_error));
2227 log_warn(
LD_NET,
"Error setting SO_REUSEADDR flag on new connection: %s",
2228 tor_socket_strerror(errno));
2238#ifdef IP_BIND_ADDRESS_NO_PORT
2239 static int try_ip_bind_address_no_port = 1;
2240 if (bindaddr && try_ip_bind_address_no_port &&
2241 setsockopt(s, SOL_IP, IP_BIND_ADDRESS_NO_PORT, &(
int){1},
sizeof(int))) {
2242 if (errno == EINVAL) {
2243 log_notice(
LD_NET,
"Tor was built with support for "
2244 "IP_BIND_ADDRESS_NO_PORT, but the current kernel "
2245 "doesn't support it. This might cause Tor to run out "
2246 "of ephemeral ports more quickly.");
2247 try_ip_bind_address_no_port = 0;
2249 log_warn(
LD_NET,
"Error setting IP_BIND_ADDRESS_NO_PORT on new "
2250 "connection: %s", tor_socket_strerror(errno));
2255 if (bindaddr && bind(s, bindaddr, bindaddr_len) < 0) {
2256 *socket_error = tor_socket_errno(s);
2257 if (ERRNO_IS_EADDRINUSE(*socket_error)) {
2261 log_warn(
LD_NET,
"Error binding network socket: %s",
2262 tor_socket_strerror(*socket_error));
2280 if (connect(s, sa, sa_len) < 0) {
2281 int e = tor_socket_errno(s);
2282 if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
2286 "connect() to socket failed: %s",
2287 tor_socket_strerror(e));
2299 "Connection to socket %s (sock "TOR_SOCKET_T_FORMAT
").",
2300 inprogress ?
"in progress" :
"established", s);
2302 if (connection_add_connecting(conn) < 0) {
2304 *socket_error = SOCK_ERRNO(ENOBUFS);
2308 return inprogress ? 0 : 1;
2315connection_connect_log_client_use_ip_version(
const connection_t *conn)
2341 static int logged_backtrace = 0;
2342 log_info(
LD_BUG,
"Outgoing %s connection to %s violated ClientUseIPv%s 0.",
2346 if (!logged_backtrace) {
2348 logged_backtrace = 1;
2360 log_info(
LD_NET,
"Our outgoing connection is using IPv%d.",
2367 log_info(
LD_NET,
"Outgoing connection to %s doesn't satisfy "
2368 "ClientPreferIPv6%sPort %d, with ClientUseIPv4 %d, and "
2369 "reachable_addr_use_ipv6 %d (ClientUseIPv6 %d and UseBridges "
2443 const tor_addr_t *addr, uint16_t port,
int *socket_error)
2445 struct sockaddr_storage addrbuf;
2446 struct sockaddr_storage bind_addr_ss;
2447 struct sockaddr *bind_addr = NULL;
2448 struct sockaddr *dest_addr;
2449 int dest_addr_len, bind_addr_len = 0;
2453 connection_connect_log_client_use_ip_version(conn);
2460 memset(&bind_addr_ss, 0,
sizeof(bind_addr_ss));
2462 (
struct sockaddr *) &bind_addr_ss,
2463 sizeof(bind_addr_ss));
2464 if (bind_addr_len == 0) {
2466 "Error converting OutboundBindAddress %s into sockaddr. "
2469 bind_addr = (
struct sockaddr *)&bind_addr_ss;
2474 memset(&addrbuf,0,
sizeof(addrbuf));
2475 dest_addr = (
struct sockaddr*) &addrbuf;
2479 log_debug(
LD_NET,
"Connecting to %s:%u.",
2483 bind_addr, bind_addr_len, socket_error);
2496connection_connect_unix(
connection_t *conn,
const char *socket_path,
2499 struct sockaddr_un dest_addr;
2504 if (strlen(socket_path) + 1 >
sizeof(dest_addr.sun_path)) {
2506 "Path %s is too long for an AF_UNIX socket\n",
2508 *socket_error = SOCK_ERRNO(ENAMETOOLONG);
2512 memset(&dest_addr, 0,
sizeof(dest_addr));
2513 dest_addr.sun_family = AF_UNIX;
2514 strlcpy(dest_addr.sun_path, socket_path,
sizeof(dest_addr.sun_path));
2517 "Connecting to AF_UNIX socket at %s.",
2521 (
struct sockaddr *)&dest_addr,
sizeof(dest_addr),
2522 NULL, 0, socket_error);
2532 static const char *unknown =
"???";
2533 static const char *states[] = {
2536 "PROXY_HTTPS_WANT_CONNECT_OK",
2537 "PROXY_SOCKS4_WANT_CONNECT_OK",
2538 "PROXY_SOCKS5_WANT_AUTH_METHOD_NONE",
2539 "PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929",
2540 "PROXY_SOCKS5_WANT_AUTH_RFC1929_OK",
2541 "PROXY_SOCKS5_WANT_CONNECT_OK",
2542 "PROXY_HAPROXY_WAIT_FOR_FLUSH",
2548 if (state < PROXY_NONE || state > PROXY_CONNECTED)
2551 return states[state];
2569 if (r == 0 && transport)
2570 return PROXY_PLUGGABLE;
2575 return PROXY_CONNECT;
2577 return PROXY_SOCKS4;
2579 return PROXY_SOCKS5;
2583 return PROXY_HAPROXY;
2591#define SOCKS4_STANDARD_BUFFER_SIZE (1 + 1 + 2 + 4 + 1)
2607 char *base64_authenticator = NULL;
2613 if (authenticator) {
2615 if (!base64_authenticator)
2616 log_warn(
LD_OR,
"Encoding https authenticator failed");
2619 if (base64_authenticator) {
2621 tor_snprintf(buf,
sizeof(buf),
"CONNECT %s HTTP/1.1\r\n"
2623 "Proxy-Authorization: Basic %s\r\n\r\n",
2626 base64_authenticator);
2629 tor_snprintf(buf,
sizeof(buf),
"CONNECT %s HTTP/1.0\r\n\r\n",
2633 connection_buf_add(buf, strlen(buf), conn);
2652 size_t buf_size = 0;
2653 char *socks_args_string = NULL;
2658 log_warn(
LD_NET,
"SOCKS4 client is incompatible with IPv6");
2670 if (socks_args_string)
2671 log_debug(
LD_NET,
"Sending out '%s' as our SOCKS argument string.",
2678 buf_size = SOCKS4_STANDARD_BUFFER_SIZE;
2682 if (socks_args_string)
2683 buf_size += strlen(socks_args_string);
2686 buf = tor_malloc_zero(buf_size);
2689 portn = htons(conn->
port);
2693 memcpy(buf + 2, &portn, 2);
2694 memcpy(buf + 4, &ip4addr, 4);
2699 if (socks_args_string) {
2702 SOCKS4_STANDARD_BUFFER_SIZE + strlen(socks_args_string));
2703 strlcpy((
char *)buf + 8, socks_args_string, buf_size - 8);
2709 connection_buf_add((
char *)buf, buf_size, conn);
2729 unsigned char buf[4];
2745 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929;
2749 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_METHOD_NONE;
2752 connection_buf_add((
char *)buf, 2 + buf[1], conn);
2766 char *buf = haproxy_format_proxy_header_line(addr_port);
2773 connection_buf_add(buf, strlen(buf), conn);
2820 log_err(
LD_BUG,
"Invalid proxy protocol, %d", type);
2827 log_debug(
LD_NET,
"set state %s",
2848 NULL, NULL, 10000, 0)) {
2851 "Your https proxy sent back an oversized response. Closing.");
2854 log_info(
LD_NET,
"https proxy response not all here yet. Waiting.");
2860 NULL, &reason) < 0) {
2862 "Unparseable headers from proxy (%s). Closing.",
2868 if (!reason) reason = tor_strdup(
"[no reason given]");
2870 if (status_code == 200) {
2872 "HTTPS connect for %s successful! (200 %s) Starting TLS.",
2878 switch (status_code) {
2881 "The https proxy refused to allow connection to %s "
2882 "(status code %d, %s). Closing.",
2887 "The https proxy sent back an unexpected status code %d (%s). "
2889 status_code,
escaped(reason));
2902 unsigned char buf[1024];
2904 uint16_t port = htons(conn->
port);
2915 memcpy(buf + 4, &addr, 4);
2916 memcpy(buf + 8, &port, 2);
2921 memcpy(buf + 20, &port, 2);
2924 connection_buf_add((
char *)buf, reqsize, conn);
2933 int state,
char **reason)
2952 char *reason = NULL;
2954 log_debug(
LD_NET,
"enter state %s",
2958 case PROXY_HTTPS_WANT_CONNECT_OK:
2964 case PROXY_SOCKS4_WANT_CONNECT_OK:
2972 case PROXY_SOCKS5_WANT_AUTH_METHOD_NONE:
2983 case PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929:
2992 }
else if (ret == 2) {
2993 unsigned char buf[1024];
2994 size_t reqsize, usize, psize;
2995 const char *user, *pass;
2996 char *socks_args_string = NULL;
3001 if (!socks_args_string) {
3002 log_warn(
LD_NET,
"Could not create SOCKS args string for PT.");
3007 log_debug(
LD_NET,
"PT SOCKS5 arguments: %s", socks_args_string);
3012 user = socks_args_string;
3017 user = socks_args_string;
3018 usize = strlen(socks_args_string);
3026 usize = strlen(user);
3027 psize = strlen(pass);
3029 log_err(
LD_BUG,
"We entered %s for no reason!", __func__);
3039 reqsize = 3 + usize + psize;
3043 memcpy(buf + 2, user, usize);
3044 buf[2 + usize] = psize;
3045 memcpy(buf + 3 + usize, pass, psize);
3047 if (socks_args_string)
3050 connection_buf_add((
char *)buf, reqsize, conn);
3052 conn->
proxy_state = PROXY_SOCKS5_WANT_AUTH_RFC1929_OK;
3057 case PROXY_SOCKS5_WANT_AUTH_RFC1929_OK:
3068 case PROXY_SOCKS5_WANT_CONNECT_OK:
3077 log_err(
LD_BUG,
"Invalid proxy_state for reading, %d",
3084 log_debug(
LD_NET,
"leaving state %s",
3089 log_warn(
LD_NET,
"Proxy Client: unable to connect %s (%s)",
3093 log_warn(
LD_NET,
"Proxy Client: unable to connect %s",
3096 }
else if (ret == 1) {
3097 log_info(
LD_NET,
"Proxy Client: %s successful",
3125 int control_listeners_only)
3127#ifndef ENABLE_LISTENER_REBIND
3134 if (control_listeners_only) {
3155 if (conn->
type != wanted->type)
3157 if ((conn->
socket_family != AF_UNIX && wanted->is_unix_addr) ||
3161 if (wanted->server_cfg.no_listen)
3164 if (wanted->is_unix_addr) {
3166 !strcmp(wanted->unix_addr, conn->
address)) {
3167 found_port = wanted;
3172 const int port_matches_exact = (wanted->port == conn->
port);
3177 port_matches_exact);
3180 found_port = wanted;
3183#ifdef ENABLE_LISTENER_REBIND
3193 const int may_need_rebind =
3197 if (replacements && may_need_rebind) {
3201 replacement->old_conn = conn;
3202 replacement->new_port = wanted;
3211 } SMARTLIST_FOREACH_END(wanted);
3221 } SMARTLIST_FOREACH_END(conn);
3228 if (conn && new_conns)
3232 } SMARTLIST_FOREACH_END(port);
3234 smartlist_free(launch);
3256 const uint16_t old_or_port_ipv6 =
3263 } SMARTLIST_FOREACH_END(conn);
3269 close_all_noncontrol) < 0)
3272#ifdef ENABLE_LISTENER_REBIND
3273 if (smartlist_len(replacements))
3274 log_debug(
LD_NET,
"%d replacements - starting rebinding loop.",
3275 smartlist_len(replacements));
3278 int addr_in_use = 0;
3289 log_debug(
LD_NET,
"Skipping creating new listener for %s",
3295 connection_mark_for_close(old_conn);
3299 &skip, &addr_in_use);
3305 log_warn(
LD_NET,
"Unable to create listener port: %s:%d",
3314 log_notice(
LD_NET,
"Closed no-longer-configured %s "
3318 } SMARTLIST_FOREACH_END(r);
3324 log_notice(
LD_NET,
"Closing no-longer-configured %s on %s:%d",
3328 connection_mark_for_close(conn);
3329 } SMARTLIST_FOREACH_END(conn);
3331 smartlist_free(listeners);
3334 smartlist_free(replacements);
3359 connection_mark_for_close(conn);
3360 } SMARTLIST_FOREACH_END(conn);
3370 switch (conn->
type) {
3376 END_STREAM_REASON_HIBERNATING);
3388 connection_mark_for_close(conn);
3393 connection_mark_for_close(conn);
3396 } SMARTLIST_FOREACH_END(conn);
3415 tor_addr_is_internal(&conn->
addr, 0)))
3428#define CLIENT_IDLE_TIME_FOR_PRIORITY 30
3453 ssize_t global_bucket_val, ssize_t conn_bucket)
3456 ssize_t num_bytes_high = (priority ? 32 : 16) * base;
3457 ssize_t num_bytes_low = (priority ? 4 : 2) * base;
3462 at_most = global_bucket_val / 8;
3463 at_most -= (at_most % base);
3464 if (at_most > num_bytes_high)
3465 at_most = num_bytes_high;
3466 else if (at_most < num_bytes_low)
3467 at_most = num_bytes_low;
3469 if (at_most > global_bucket_val)
3470 at_most = global_bucket_val;
3472 if (conn_bucket >= 0 && at_most > conn_bucket)
3473 at_most = conn_bucket;
3486 ssize_t conn_bucket = -1;
3487 size_t global_bucket_val = token_bucket_rw_get_read(&global_bucket);
3488 if (global_bucket_val == 0) {
3499 if (connection_speaks_cells(conn)) {
3502 conn_bucket = token_bucket_rw_get_read(&or_conn->
bucket);
3503 base = get_cell_network_size(or_conn->wide_circ_ids);
3511 conn_bucket = token_bucket_rw_get_read(&edge_conn->
bucket);
3521 return conn_bucket>=0 ? conn_bucket : 1<<14;
3525 size_t relayed = token_bucket_rw_get_read(&global_relayed_bucket);
3526 global_bucket_val = MIN(global_bucket_val, relayed);
3531 global_bucket_val, conn_bucket);
3541 size_t global_bucket_val = token_bucket_rw_get_write(&global_bucket);
3542 if (global_bucket_val == 0) {
3553 if (connection_speaks_cells(conn)) {
3557 conn_bucket = MIN(conn_bucket,
3558 token_bucket_rw_get_write(&or_conn->
bucket));
3559 base = get_cell_network_size(or_conn->wide_circ_ids);
3563 size_t relayed = token_bucket_rw_get_write(&global_relayed_bucket);
3564 global_bucket_val = MIN(global_bucket_val, relayed);
3568 global_bucket_val, conn_bucket);
3593 size_t smaller_bucket =
3594 MIN(token_bucket_rw_get_write(&global_bucket),
3595 token_bucket_rw_get_write(&global_relayed_bucket));
3615 if (smaller_bucket < attempt)
3635 time_t now,
size_t num_read,
size_t num_written)
3641 if (num_written > 0)
3660 num_written, now, is_ipv6);
3665 if (num_written > 0) {
3690 size_t num_read,
size_t num_written)
3692 if (num_written >= INT_MAX || num_read >= INT_MAX) {
3693 log_err(
LD_BUG,
"Value out of range. num_read=%lu, num_written=%lu, "
3694 "connection type=%s, state=%s",
3695 (
unsigned long)num_read, (
unsigned long)num_written,
3699 if (num_written >= INT_MAX)
3701 if (num_read >= INT_MAX)
3723 if (flags & TB_WRITE) {
3778 token_bucket_rw_get_read(&
TO_EDGE_CONN(conn)->bucket) <= 0) {
3779 reason =
"edge connection read bucket exhausted. Pausing.";
3783 }
else if (token_bucket_rw_get_read(&global_bucket) <= 0) {
3784 reason =
"global read bucket exhausted. Pausing.";
3786 token_bucket_rw_get_read(&global_relayed_bucket) <= 0) {
3787 reason =
"global relayed read bucket exhausted. Pausing.";
3788 }
else if (connection_speaks_cells(conn) &&
3790 token_bucket_rw_get_read(&
TO_OR_CONN(conn)->bucket) <= 0) {
3791 reason =
"connection read bucket exhausted. Pausing.";
3811 bool is_global =
true;
3812 if (token_bucket_rw_get_write(&global_bucket) <= 0) {
3813 reason =
"global write bucket exhausted. Pausing.";
3815 token_bucket_rw_get_write(&global_relayed_bucket) <= 0) {
3816 reason =
"global relayed write bucket exhausted. Pausing.";
3817 }
else if (connection_speaks_cells(conn) &&
3819 token_bucket_rw_get_write(&
TO_OR_CONN(conn)->bucket) <= 0) {
3820 reason =
"connection write bucket exhausted. Pausing.";
3943 } SMARTLIST_FOREACH_END(conn);
3995 ssize_t max_to_read=-1, try_to_read;
3996 size_t before, n_read = 0;
3997 int socket_error = 0;
4006 switch (conn->
type) {
4029 try_to_read = max_to_read;
4039 END_OR_CONN_REASON_CONNRESET,
4041 tor_socket_strerror(socket_error) :
4042 "(unknown, errno was 0)");
4057 connection_mark_for_close_internal(conn);
4061 if (
CONN_IS_EDGE(conn) && try_to_read != max_to_read) {
4091 connection_mark_for_close(linked);
4133 ssize_t at_most = *max_to_read;
4134 size_t slack_in_buf, more_to_read;
4135 size_t n_read = 0, n_written = 0;
4137 if (at_most == -1) {
4144 if (at_most > maximum) {
4150 if ((
size_t)at_most > slack_in_buf && slack_in_buf >= 1024) {
4151 more_to_read = at_most - slack_in_buf;
4152 at_most = slack_in_buf;
4157 if (connection_speaks_cells(conn) &&
4161 size_t initial_size;
4168 "%d: starting, inbuf_datalen %ld (%d pending in tls object)."
4176 if (TOR_TLS_IS_ERROR(result) || result == TOR_TLS_CLOSE)
4183 case TOR_TLS_ERROR_IO:
4184 log_debug(
LD_NET,
"TLS %s closed %son read. Closing.",
4186 result == TOR_TLS_CLOSE ?
"cleanly " :
"");
4189 log_debug(
LD_NET,
"tls error [%s] from %s. Breaking.",
4193 case TOR_TLS_WANTWRITE:
4196 case TOR_TLS_WANTREAD:
4223 log_warn(
LD_BUG,
"apparently, reading pending bytes can fail.");
4229 log_debug(
LD_GENERAL,
"After TLS read of %d: %ld read, %ld written",
4230 result, (
long)n_read, (
long)n_written);
4231 }
else if (conn->
linked) {
4245 n_read = (
size_t) result;
4248 int reached_eof = 0;
4261 n_read = (size_t) result;
4266 *max_to_read = at_most - n_read;
4281 if (PREDICT_LIKELY(UINT32_MAX - edge_conn->
n_read > n_read))
4282 edge_conn->
n_read += (int)n_read;
4284 edge_conn->
n_read = UINT32_MAX;
4302 if (more_to_read && result == at_most) {
4304 at_most = more_to_read;
4337 char **headers_out,
size_t max_headerlen,
4338 char **body_out,
size_t *body_used,
4339 size_t max_bodylen,
int force_complete)
4342 body_out, body_used, max_bodylen, force_complete);
4349 return connection_get_outbuf_len(conn) > 0;
4375 static int isVistaOr7 = -1;
4376 if (isVistaOr7 == -1) {
4378 OSVERSIONINFO osvi = { 0 };
4379 osvi.dwOSVersionInfoSize =
sizeof(OSVERSIONINFO);
4380 GetVersionEx(&osvi);
4381 if (osvi.dwMajorVersion == 6 && osvi.dwMinorVersion < 2)
4389 DWORD bytesReturned = 0;
4390 if (!WSAIoctl(sock, SIO_IDEAL_SEND_BACKLOG_QUERY, NULL, 0,
4391 &isb,
sizeof(isb), &bytesReturned, NULL, NULL)) {
4392 setsockopt(sock, SOL_SOCKET, SO_SNDBUF, (
const char*)&isb,
sizeof(isb));
4421 socklen_t len=(socklen_t)
sizeof(e);
4423 ssize_t max_to_write;
4425 size_t n_read = 0, n_written = 0;
4426 int dont_stop_writing = 0;
4434 log_warn(
LD_BUG,
"called recursively from inside conn->in_flushed_some");
4444 if (getsockopt(conn->
s, SOL_SOCKET, SO_ERROR, (
void*)&e, &len) < 0) {
4445 log_warn(
LD_BUG,
"getsockopt() syscall failed");
4453 connection_mark_for_close(conn);
4459 if (!ERRNO_IS_CONN_EINPROGRESS(e)) {
4460 log_info(
LD_NET,
"in-progress connect failed. Removing. (%s)",
4461 tor_socket_strerror(e));
4467 tor_socket_strerror(e));
4474 connection_mark_for_close_internal(conn);
4488 if (connection_speaks_cells(conn) &&
4491 size_t initial_size;
4497 END_OR_CONN_REASON_MISC,
4498 "TLS error in connection_tls_"
4499 "continue_handshake()");
4505 connection_mark_for_close_internal(conn);
4510 return connection_handle_read(conn);
4531 log_info(
LD_NET, result != TOR_TLS_CLOSE ?
4532 "tls error. breaking.":
"TLS connection closed on flush");
4535 END_OR_CONN_REASON_MISC,
4536 result != TOR_TLS_CLOSE ?
4537 "TLS error in during flush" :
4538 "TLS closed during flush");
4544 connection_mark_for_close_internal(conn);
4546 case TOR_TLS_WANTWRITE:
4547 log_debug(
LD_NET,
"wanted write.");
4549 dont_stop_writing = 1;
4551 case TOR_TLS_WANTREAD:
4553 log_debug(
LD_NET,
"wanted read.");
4569 log_debug(
LD_GENERAL,
"After TLS write of %d: %ld read, %ld written",
4570 result, (
long)n_read, (
long)n_written);
4571 or_conn->bytes_xmitted += result;
4572 or_conn->bytes_xmitted_by_tls += n_written;
4592 connection_mark_for_close(conn);
4596 n_written = (size_t) result;
4603 if (PREDICT_LIKELY(UINT32_MAX - edge_conn->
n_written > n_written))
4627 if (connection_speaks_cells(conn)) {
4629 END_OR_CONN_REASON_MISC,
4630 "Got error back from "
4631 "connection_flushed_some()");
4638 connection_mark_for_close_internal(conn);
4643 !dont_stop_writing) {
4698 return connection_handle_write(conn, 1);
4728 "write_to_buf failed. Closing circuit (fd %d).", (
int)conn->
s);
4730 END_CIRC_REASON_INTERNAL);
4734 "write_to_buf failed on an orconn; notifying of error "
4735 "(fd %d)", (
int)(conn->
s));
4739 "write_to_buf failed. Closing connection (fd %d).",
4741 connection_mark_for_close(conn);
4776 if (!len && !(zlib<0))
4784 int done = zlib < 0;
4787 string, len, done));
4808 connection_buf_add_compress(
string, len, dir_conn, done);
4812 connection_buf_add(
string, len,
TO_CONN(dir_conn));
4816connection_buf_add_compress(
const char *
string,
size_t len,
4843#define CONN_GET_ALL_TEMPLATE(var, test) \
4845 smartlist_t *conns = get_connection_array(); \
4846 smartlist_t *ret_conns = smartlist_new(); \
4847 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, var) { \
4848 if (var && (test) && !var->marked_for_close) \
4849 smartlist_add(ret_conns, var); \
4850 } SMARTLIST_FOREACH_END(var); \
4859connection_list_by_type_state(
int type,
int state)
4861 CONN_GET_ALL_TEMPLATE(conn, (conn->type == type && conn->state == state));
4869connection_list_by_type_purpose(
int type,
int purpose)
4871 CONN_GET_ALL_TEMPLATE(conn,
4872 (conn->type == type && conn->purpose == purpose));
4877#define CONN_GET_TEMPLATE(var, test) \
4879 smartlist_t *conns = get_connection_array(); \
4880 SMARTLIST_FOREACH(conns, connection_t *, var, \
4882 if (var && (test) && !var->marked_for_close) \
4897 (conn->type == type &&
4899 conn->port == port &&
4900 conn->purpose == purpose));
4943#define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, \
4944 dirconn_var, dirconn_test) \
4946 smartlist_t *conns = get_connection_array(); \
4947 smartlist_t *dir_conns = smartlist_new(); \
4948 SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn_var) { \
4949 if (conn_var && (conn_test) \
4950 && conn_var->type == CONN_TYPE_DIR \
4951 && !conn_var->marked_for_close) { \
4952 dir_connection_t *dirconn_var = TO_DIR_CONN(conn_var); \
4953 if (dirconn_var && (dirconn_test)) { \
4954 smartlist_add(dir_conns, dirconn_var); \
4957 } SMARTLIST_FOREACH_END(conn_var); \
4970 const char *resource)
4973 conn->purpose == purpose,
4976 dirconn->requested_resource));
4988 const char *resource,
4992 conn->purpose == purpose && conn->state == state,
4995 dirconn->requested_resource));
4998#undef DIR_CONN_LIST_TEMPLATE
5021 log_debug(
LD_DIR,
"%s: Found an OR connection: %s",
5029#undef CONN_GET_TEMPLATE
5100 const size_t authenticator_length = strlen(authenticator);
5101 const size_t base64_authenticator_length =
5103 char *base64_authenticator = tor_malloc(base64_authenticator_length);
5104 if (
base64_encode(base64_authenticator, base64_authenticator_length,
5105 authenticator, authenticator_length, 0) < 0) {
5108 return base64_authenticator;
5127 int e = tor_socket_errno(sock);
5128 log_warn(
LD_NET,
"getsockname() to check for address change failed: %s",
5129 tor_socket_strerror(e));
5134 if (family == AF_INET)
5136 else if (family == AF_INET6)
5137 last_interface_ip_ptr = &last_interface_ipv6;
5141 if (! *last_interface_ip_ptr) {
5144 *last_interface_ip_ptr = a;
5161 if (
tor_addr_eq(&iface_addr, *last_interface_ip_ptr)) {
5167 log_notice(
LD_NET,
"Our IP address has changed. Rotating keys...");
5189 void *sz = (
void*)&size;
5190 socklen_t sz_sz = (socklen_t)
sizeof(size);
5191 if (setsockopt(sock, SOL_SOCKET, SO_SNDBUF, sz, sz_sz) < 0) {
5192 int e = tor_socket_errno(sock);
5193 log_warn(
LD_NET,
"setsockopt() to constrain send "
5194 "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5196 if (setsockopt(sock, SOL_SOCKET, SO_RCVBUF, sz, sz_sz) < 0) {
5197 int e = tor_socket_errno(sock);
5198 log_warn(
LD_NET,
"setsockopt() to constrain recv "
5199 "buffer to %d bytes failed: %s", size, tor_socket_strerror(e));
5214 switch (conn->
type) {
5230 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5245 r = connection_dirserv_flushed_some(
TO_DIR_CONN(conn));
5275 switch (conn->
type) {
5290 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5323 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5333 switch (conn->
type) {
5347 log_err(
LD_BUG,
"got unexpected conn type %d.", conn->
type);
5357 int a_circs, b_circs;
5363 if (a_circs < b_circs)
return 1;
5364 else if (a_circs > b_circs)
return -1;
5408 int conn_counts_by_type[CONN_TYPE_MAX_ + 1], i;
5434 memset(conn_counts_by_type, 0,
sizeof(conn_counts_by_type));
5438 ++(conn_counts_by_type[c->type]);
5459 } SMARTLIST_FOREACH_END(c);
5462 if (smartlist_len(conns) > 0) {
5464 log_info(
LD_NET,
"Some stats on conn types seen during OOS follow");
5465 for (i = CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5467 if (conn_counts_by_type[i] > 0) {
5468 log_info(
LD_NET,
"%s: %d conns",
5470 conn_counts_by_type[i]);
5473 log_info(
LD_NET,
"Done with OOS conn type stats");
5477 if (smartlist_len(eligible) > n) {
5482 for (i = 0; i < n; ++i) {
5486 smartlist_free(eligible);
5506 connection_mark_for_close(c);
5508 } SMARTLIST_FOREACH_END(c);
5511 "OOS handler marked %d connections",
5512 smartlist_len(conns));
5537 int target_n_socks = 0, moribund_socks, socks_to_kill;
5553 "Running the OOS handler (%d open sockets, %s)",
5554 n_socks, (failed != 0) ?
"exhaustion seen" :
"no exhaustion");
5562 if (n_socks >=
get_options()->ConnLimit_high_thresh &&
5568 "Current number of sockets %d is greater than configured "
5569 "limit %d; OOS handler trying to get down to %d",
5572 }
else if (failed) {
5578 target_n_socks = (n_socks * 9) / 10;
5580 "We saw socket exhaustion at %d open sockets; OOS handler "
5581 "trying to get down to %d",
5582 n_socks, target_n_socks);
5585 if (target_n_socks > 0) {
5596 if (moribund_socks < n_socks - target_n_socks) {
5597 socks_to_kill = n_socks - target_n_socks - moribund_socks;
5603 "OOS handler killed %d conns", smartlist_len(conns));
5604 smartlist_free(conns);
5606 log_notice(
LD_NET,
"OOS handler failed to pick any victim conns");
5610 "Not killing any sockets for OOS because there are %d "
5611 "already moribund, and we only want to eliminate %d",
5612 moribund_socks, n_socks - target_n_socks);
5621 uint64_t used_by_type[CONN_TYPE_MAX_+1];
5622 uint64_t alloc_by_type[CONN_TYPE_MAX_+1];
5623 int n_conns_by_type[CONN_TYPE_MAX_+1];
5624 uint64_t total_alloc = 0;
5625 uint64_t total_used = 0;
5629 memset(used_by_type, 0,
sizeof(used_by_type));
5630 memset(alloc_by_type, 0,
sizeof(alloc_by_type));
5631 memset(n_conns_by_type, 0,
sizeof(n_conns_by_type));
5635 ++n_conns_by_type[tp];
5644 } SMARTLIST_FOREACH_END(c);
5645 for (i=0; i <= CONN_TYPE_MAX_; ++i) {
5646 total_used += used_by_type[i];
5647 total_alloc += alloc_by_type[i];
5651 "In buffers for %d connections: %"PRIu64
" used/%"PRIu64
" allocated",
5652 smartlist_len(conns),
5653 (total_used), (total_alloc));
5654 for (i=CONN_TYPE_MIN_; i <= CONN_TYPE_MAX_; ++i) {
5655 if (!n_conns_by_type[i])
5658 " For %d %s connections: %"PRIu64
" used/%"PRIu64
" allocated",
5660 (used_by_type[i]), (alloc_by_type[i]));
5675 switch (conn->
type) {
5692 CASE_ANY_LISTENER_TYPE:
5764 CASE_ANY_LISTENER_TYPE:
5832 *port = transport->
port;
5844 *proxy_type = PROXY_CONNECT;
5849 *proxy_type = PROXY_SOCKS4;
5854 *proxy_type = PROXY_SOCKS5;
5861 *proxy_type = PROXY_HAPROXY;
5867 *proxy_type = PROXY_NONE;
5877 uint16_t proxy_port;
5878 int proxy_type, is_pt;
5886 "The connection to the %s proxy server at %s just failed. "
5887 "Make sure that the proxy server is up and running.",
5896 switch (proxy_type) {
5897 case PROXY_CONNECT:
return "HTTP";
5898 case PROXY_SOCKS4:
return "SOCKS4";
5899 case PROXY_SOCKS5:
return "SOCKS5";
5900 case PROXY_HAPROXY:
return "HAPROXY";
5901 case PROXY_PLUGGABLE:
return "pluggable transports SOCKS";
5902 case PROXY_NONE:
return "NULL";
5958 const char *source))
5961 char *ext_source = NULL, *warn = NULL;
5967 ext_source = tor_strdup(source);
5969 "Received %s with skewed time (%s): "
5970 "It seems that our clock is %s by %s, or that theirs is %s%s. "
5971 "Tor requires an accurate clock to work: please check your time, "
5972 "timezone, and date settings.", received, ext_source,
5973 apparent_skew > 0 ?
"ahead" :
"behind", dbuf,
5974 apparent_skew > 0 ?
"behind" :
"ahead",
5975 (!conn || trusted) ?
"" :
", or they are sending us the wrong time");
5978 apparent_skew, ext_source);
5979 tor_asprintf(&warn,
"Clock skew %ld in %s from %s", apparent_skew,
socklen_t tor_addr_to_sockaddr(const tor_addr_t *a, uint16_t port, struct sockaddr *sa_out, socklen_t len)
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
void tor_addr_make_unspec(tor_addr_t *a)
tor_addr_port_t * tor_addr_port_new(const tor_addr_t *addr, uint16_t port)
int tor_addr_is_loopback(const tor_addr_t *addr)
int tor_addr_is_null(const tor_addr_t *addr)
char * tor_addr_to_str_dup(const tor_addr_t *addr)
int get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
const char * fmt_addrport(const tor_addr_t *addr, uint16_t port)
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
int tor_addr_from_sockaddr(tor_addr_t *a, const struct sockaddr *sa, uint16_t *port_out)
#define fmt_and_decorate_addr(a)
static uint32_t tor_addr_to_ipv4n(const tor_addr_t *a)
static sa_family_t tor_addr_family(const tor_addr_t *a)
#define tor_addr_to_in6_addr8(x)
#define tor_addr_eq(a, b)
Header file for directory authority mode.
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
size_t base64_encode_size(size_t srclen, int flags)
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
int get_transport_by_bridge_addrport(const tor_addr_t *addr, uint16_t port, const transport_t **transport)
const smartlist_t * get_socks_args_by_bridge_addrport(const tor_addr_t *addr, uint16_t port)
Header file for circuitbuild.c.
size_t buf_move_all(buf_t *buf_out, buf_t *buf_in)
void buf_clear(buf_t *buf)
int buf_add(buf_t *buf, const char *string, size_t string_len)
size_t buf_allocation(const buf_t *buf)
size_t buf_datalen(const buf_t *buf)
void buf_assert_ok(buf_t *buf)
int buf_get_line(buf_t *buf, char *data_out, size_t *data_len)
size_t buf_slack(const buf_t *buf)
int buf_get_bytes(buf_t *buf, char *string, size_t string_len)
Header file for buffers.c.
int buf_flush_to_socket(buf_t *buf, tor_socket_t s, size_t sz)
int buf_read_from_socket(buf_t *buf, tor_socket_t s, size_t at_most, int *reached_eof, int *socket_error)
Header file for buffers_net.c.
int buf_read_from_tls(buf_t *buf, tor_tls_t *tls, size_t at_most)
int buf_flush_to_tls(buf_t *buf, tor_tls_t *tls, size_t flushlen)
Header for buffers_tls.c.
void bwhist_note_dir_bytes_written(uint64_t num_bytes, time_t when)
void bwhist_note_bytes_read(uint64_t num_bytes, time_t when, bool ipv6)
void bwhist_note_dir_bytes_read(uint64_t num_bytes, time_t when)
void bwhist_note_bytes_written(uint64_t num_bytes, time_t when, bool ipv6)
Header for feature/stats/bwhist.c.
void channel_close_for_error(channel_t *chan)
void channel_notify_flushed(channel_t *chan)
Header file for channel.c.
Header file for channeltls.c.
Header file for circuitbuild.c.
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
Header file for circuitlist.c.
Header file for circuituse.c.
int mainloop_event_schedule(mainloop_event_t *event, const struct timeval *tv)
mainloop_event_t * mainloop_event_new(void(*cb)(mainloop_event_t *, void *), void *userdata)
Header for compat_libevent.c.
uint32_t monotime_coarse_get_stamp(void)
int buf_add_compress(struct buf_t *buf, struct tor_compress_state_t *state, const char *data, size_t data_len, int done)
const smartlist_t * get_configured_ports(void)
const char * escaped_safe_str_client(const char *address)
const or_options_t * get_options(void)
Header file for config.c.
bool conn_uses_flow_control(connection_t *conn)
void flow_control_decide_xon(edge_connection_t *stream, size_t n_written)
APIs for stream flow control on congestion controlled circuits.
void connection_mark_all_noncontrol_listeners(void)
edge_connection_t * edge_connection_new(int type, int socket_family)
smartlist_t * connection_dir_list_by_purpose_and_resource(int purpose, const char *resource)
static void client_check_address_changed(tor_socket_t sock)
int connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
connection_t * connection_get_by_type_nonlinked(int type)
void clock_skew_warning(const connection_t *conn, long apparent_skew, int trusted, log_domain_mask_t domain, const char *received, const char *source)
connection_t * connection_new(int type, int socket_family)
void connection_link_connections(connection_t *conn_a, connection_t *conn_b)
static mainloop_event_t * reenable_blocked_connections_ev
int connection_fetch_from_buf_http(connection_t *conn, char **headers_out, size_t max_headerlen, char **body_out, size_t *body_used, size_t max_bodylen, int force_complete)
static int connection_read_https_proxy_response(connection_t *conn)
int connection_outbuf_too_full(connection_t *conn)
listener_connection_t * listener_connection_new(int type, int socket_family)
bool connection_dir_is_global_write_low(const connection_t *conn, size_t attempt)
static int connection_reached_eof(connection_t *conn)
int connection_is_listener(connection_t *conn)
void connection_buf_add_buf(connection_t *conn, buf_t *buf)
static int connection_handle_listener_read(connection_t *conn, int new_type)
static int connection_flushed_some(connection_t *conn)
int get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, int *is_pt_out, const connection_t *conn)
static int connection_is_rate_limited(const connection_t *conn)
int connection_buf_get_line(connection_t *conn, char *data, size_t *data_len)
int connection_wants_to_flush(connection_t *conn)
static smartlist_t * outgoing_addrs
STATIC smartlist_t * pick_oos_victims(int n)
static connection_t * connection_get_another_active_or_conn(const or_connection_t *this_conn)
void connection_mark_for_close_(connection_t *conn, int line, const char *file)
int connection_proxy_connect(connection_t *conn, int type)
int connection_is_moribund(connection_t *conn)
static void connection_write_to_buf_failed(connection_t *conn)
void connection_consider_empty_write_buckets(connection_t *conn)
static time_t last_recorded_accounting_at
static void record_num_bytes_transferred_impl(connection_t *conn, time_t now, size_t num_read, size_t num_written)
static void connection_write_to_buf_commit(connection_t *conn)
void connection_close_immediate(connection_t *conn)
static tor_addr_t * last_interface_ipv4
static int retry_listener_ports(smartlist_t *old_conns, const smartlist_t *ports, smartlist_t *new_conns, smartlist_t *replacements, int control_listeners_only)
static int conn_get_proxy_type(const connection_t *conn)
void connection_dump_buffer_mem_stats(int severity)
char * alloc_http_authenticator(const char *authenticator)
#define CONN_GET_TEMPLATE(var, test)
void connection_bucket_init(void)
static ssize_t connection_bucket_get_share(int base, int priority, ssize_t global_bucket_val, ssize_t conn_bucket)
#define DIR_CONN_LIST_TEMPLATE(conn_var, conn_test, dirconn_var, dirconn_test)
void connection_read_bw_exhausted(connection_t *conn, bool is_global_bw)
const char * conn_type_to_string(int type)
static int connection_https_proxy_connect(connection_t *conn)
static int connection_finished_connecting(connection_t *conn)
connection_t * connection_get_by_type_addr_port_purpose(int type, const tor_addr_t *addr, uint16_t port, int purpose)
static int connection_may_write_to_buf(connection_t *conn)
static int connection_buf_read_from_socket(connection_t *conn, ssize_t *max_to_read, int *socket_error)
static int connection_haproxy_proxy_connect(connection_t *conn)
int connection_flush(connection_t *conn)
void assert_connection_ok(connection_t *conn, time_t now)
connection_t * connection_get_by_type(int type)
int connection_read_proxy_handshake(connection_t *conn)
static int connection_finished_flushing(connection_t *conn)
int connection_process_inbuf(connection_t *conn, int package_partial)
static void reenable_blocked_connection_init(const or_options_t *options)
ssize_t connection_bucket_write_limit(connection_t *conn, time_t now)
static void reenable_blocked_connections_cb(mainloop_event_t *ev, void *arg)
static void connection_init(time_t now, connection_t *conn, int type, int socket_family)
int retry_all_listeners(smartlist_t *new_conns, int close_all_noncontrol)
const tor_addr_t * conn_get_outbound_address(sa_family_t family, const or_options_t *options, unsigned int conn_type)
static void connection_send_socks5_connect(connection_t *conn)
const listener_connection_t * CONST_TO_LISTENER_CONN(const connection_t *c)
static void set_constrained_socket_buffers(tor_socket_t sock, int size)
static void update_send_buffer_size(tor_socket_t sock)
void connection_write_to_buf_impl_(const char *string, size_t len, connection_t *conn, int zlib)
void connection_mark_for_close_internal_(connection_t *conn, int line, const char *file)
int connection_state_is_open(connection_t *conn)
static void connection_buckets_decrement(connection_t *conn, time_t now, size_t num_read, size_t num_written)
const char * connection_describe_peer(const connection_t *conn)
static connection_t * connection_listener_new_for_port(const port_cfg_t *port, int *defer, int *addr_in_use)
static struct timeval reenable_blocked_connections_delay
static connection_t * connection_listener_new(const struct sockaddr *listensockaddr, socklen_t listensocklen, int type, const char *address, const port_cfg_t *portcfg, int *addr_in_use)
STATIC void connection_free_minimal(connection_t *conn)
void connection_bucket_adjust(const or_options_t *options)
int any_other_active_or_conns(const or_connection_t *this_conn)
static const char * connection_describe_peer_internal(const connection_t *conn, bool include_preposition)
entry_connection_t * entry_connection_new(int type, int socket_family)
void connection_consider_empty_read_buckets(connection_t *conn)
static int connection_counts_as_relayed_traffic(connection_t *conn, time_t now)
static int oos_victim_comparator_for_orconns(or_connection_t *a, or_connection_t *b)
or_connection_t * or_connection_new(int type, int socket_family)
int conn_listener_type_supports_af_unix(int type)
static void socket_failed_from_tcp_port_exhaustion(void)
static uint32_t last_refilled_global_buckets_ts
void connection_free_all(void)
static time_t write_buckets_last_empty_at
static ssize_t connection_bucket_read_limit(connection_t *conn, time_t now)
smartlist_t * connection_dir_list_by_purpose_resource_and_state(int purpose, const char *resource, int state)
static int oos_victim_comparator(const void **a_v, const void **b_v)
static int connection_fetch_from_buf_socks_client(connection_t *conn, int state, char **reason)
static int connection_handle_write_impl(connection_t *conn, int force)
int connection_init_accepted_conn(connection_t *conn, const listener_connection_t *listener)
static void socket_failed_from_fd_exhaustion(void)
static int connection_handle_read_impl(connection_t *conn)
const char * connection_describe(const connection_t *conn)
connection_t * connection_get_by_type_state(int type, int state)
STATIC int connection_connect_sockaddr(connection_t *conn, const struct sockaddr *sa, socklen_t sa_len, const struct sockaddr *bindaddr, socklen_t bindaddr_len, int *socket_error)
void connection_mark_all_noncontrol_connections(void)
dir_connection_t * dir_connection_new(int socket_family)
void log_failed_proxy_connection(connection_t *conn)
void connection_write_bw_exhausted(connection_t *conn, bool is_global_bw)
static const char * connection_proxy_state_to_string(int state)
void connection_about_to_close_connection(connection_t *conn)
STATIC void kill_conn_list_for_oos(smartlist_t *conns)
#define CONN_IS_CLOSED(c)
static int reenable_blocked_connections_is_scheduled
static const char * proxy_type_to_string(int proxy_type)
void connection_free_(connection_t *conn)
listener_connection_t * TO_LISTENER_CONN(connection_t *c)
static void reenable_blocked_connection_schedule(void)
static int connection_socks4_proxy_connect(connection_t *conn)
int connection_state_is_connecting(connection_t *conn)
control_connection_t * control_connection_new(int socket_family)
static int connection_socks5_proxy_connect(connection_t *conn)
static int make_socket_reuseable(tor_socket_t sock)
void connection_dir_buf_add(const char *string, size_t len, dir_connection_t *dir_conn, int done)
#define CLIENT_IDLE_TIME_FOR_PRIORITY
static int check_sockaddr_family_match(sa_family_t got, connection_t *listener)
int connection_connect(connection_t *conn, const char *address, const tor_addr_t *addr, uint16_t port, int *socket_error)
void connection_expire_held_open(void)
const char * conn_state_to_string(int type, int state)
void connection_check_oos(int n_socks, int failed)
static void connection_bucket_refill_single(connection_t *conn, uint32_t now_ts)
connection_t * connection_get_by_global_id(uint64_t id)
static int check_sockaddr(const struct sockaddr *sa, int len, int level)
Header file for connection.c.
#define CONN_TYPE_METRICS
#define CONN_TYPE_AP_HTTP_CONNECT_LISTENER
#define CONN_TYPE_DIR_LISTENER
#define CONN_TYPE_OR_LISTENER
#define CONN_TYPE_METRICS_LISTENER
#define CONN_TYPE_CONTROL_LISTENER
#define CONN_TYPE_CONTROL
#define CONN_TYPE_EXT_OR_LISTENER
#define CONN_LOG_PROTECT(conn, stmt)
#define MAX_SOCKS5_AUTH_SIZE_TOTAL
#define MAX_SOCKS5_AUTH_FIELD_SIZE
#define CONN_TYPE_AP_NATD_LISTENER
#define LISTENER_STATE_READY
#define CONN_TYPE_AP_LISTENER
#define CONN_TYPE_AP_DNS_LISTENER
#define CONN_TYPE_AP_TRANS_LISTENER
const edge_connection_t * CONST_TO_EDGE_CONN(const connection_t *c)
int connection_ap_process_transparent(entry_connection_t *conn)
int connection_edge_finished_connecting(edge_connection_t *edge_conn)
int connection_edge_finished_flushing(edge_connection_t *conn)
void connection_exit_about_to_close(edge_connection_t *edge_conn)
int connection_edge_flushed_some(edge_connection_t *conn)
int connection_edge_reached_eof(edge_connection_t *conn)
int connection_edge_end_errno(edge_connection_t *conn)
void connection_ap_about_to_close(entry_connection_t *entry_conn)
entry_connection_t * TO_ENTRY_CONN(connection_t *c)
edge_connection_t * TO_EDGE_CONN(connection_t *c)
int connection_edge_process_inbuf(edge_connection_t *conn, int package_partial)
Header file for connection_edge.c.
#define AP_CONN_STATE_HTTP_CONNECT_WAIT
#define EXIT_CONN_STATE_CONNECTING
#define AP_CONN_STATE_CONTROLLER_WAIT
#define EXIT_CONN_STATE_OPEN
#define AP_CONN_STATE_SOCKS_WAIT
#define EXIT_CONN_STATE_RESOLVEFAILED
#define AP_CONN_STATE_CONNECT_WAIT
#define AP_CONN_STATE_OPEN
#define EXIT_PURPOSE_CONNECT
#define AP_CONN_STATE_RESOLVE_WAIT
#define AP_CONN_STATE_CIRCUIT_WAIT
#define EXIT_CONN_STATE_RESOLVING
#define AP_CONN_STATE_NATD_WAIT
#define AP_CONN_STATE_RENDDESC_WAIT
#define EXIT_PURPOSE_RESOLVE
void connection_or_event_status(or_connection_t *conn, or_conn_status_event_t tp, int reason)
or_connection_t * TO_OR_CONN(connection_t *c)
int connection_or_reached_eof(or_connection_t *conn)
int connection_tls_continue_handshake(or_connection_t *conn)
void connection_or_notify_error(or_connection_t *conn, int reason, const char *msg)
int connection_or_process_inbuf(or_connection_t *conn)
void connection_or_clear_identity(or_connection_t *conn)
time_t connection_or_client_used(or_connection_t *conn)
int connection_or_finished_flushing(or_connection_t *conn)
void clear_broken_connection_map(int stop_recording)
int connection_tls_start_handshake(or_connection_t *conn, int receiving)
int connection_or_get_num_circuits(or_connection_t *conn)
int connection_or_flushed_some(or_connection_t *conn)
const struct ed25519_public_key_t * connection_or_get_alleged_ed25519_id(const or_connection_t *conn)
void connection_or_close_for_error(or_connection_t *orconn, int flush)
const or_connection_t * CONST_TO_OR_CONN(const connection_t *c)
int connection_or_finished_connecting(or_connection_t *or_conn)
void connection_or_about_to_close(or_connection_t *or_conn)
void connection_or_clear_identity_map(void)
void connection_or_close_normally(or_connection_t *orconn, int flush)
Header file for connection_or.c.
#define DIR_CONN_IS_SERVER(conn)
void conn_stats_note_or_conn_bytes(uint64_t conn_id, size_t num_read, size_t num_written, time_t when, bool is_ipv6)
Header for feature/stats/connstats.c.
control_connection_t * TO_CONTROL_CONN(connection_t *c)
int connection_control_reached_eof(control_connection_t *conn)
void connection_control_closed(control_connection_t *conn)
int connection_control_finished_flushing(control_connection_t *conn)
int connection_control_process_inbuf(control_connection_t *conn)
Header file for control.c.
#define LOG_FN_CONN(conn, args)
#define CONTROL_CONN_STATE_OPEN
#define CONTROL_CONN_STATE_NEEDAUTH
void control_event_bootstrap_problem(const char *warn, const char *reason, const connection_t *conn, int dowarn)
Controller connection structure.
int control_event_general_status(int severity, const char *format,...)
void control_update_global_event_mask(void)
Header file for control_events.c.
void cpath_assert_layer_ok(const crypt_path_t *cp)
Header file for crypt_path.c.
void memwipe(void *mem, uint8_t byte, size_t sz)
Common functions for cryptographic routines.
#define tor_str_wipe_and_free(str)
Compile-time assertions: CTASSERT(expression).
int check_private_dir(const char *dirname, cpd_check_t check, const char *effective_user)
Client/server directory connection structure.
bool dirauth_should_reject_requests_under_load(void)
Header for feature/dirauth/dirauth_config.c.
int connection_dir_reached_eof(dir_connection_t *conn)
int connection_dir_finished_flushing(dir_connection_t *conn)
int connection_dir_finished_connecting(dir_connection_t *conn)
int parse_http_response(const char *headers, int *code, time_t *date, compress_method_t *compression, char **reason)
dir_connection_t * TO_DIR_CONN(connection_t *c)
void connection_dir_about_to_close(dir_connection_t *dir_conn)
int connection_dir_process_inbuf(dir_connection_t *conn)
Header file for directory.c.
#define DIR_CONN_STATE_CONNECTING
#define DIR_CONN_STATE_CLIENT_FINISHED
#define DIR_CONN_STATE_CLIENT_READING
#define DIR_CONN_STATE_SERVER_WRITING
#define DIR_CONN_STATE_SERVER_COMMAND_WAIT
#define DIR_PURPOSE_SERVER
#define DIR_CONN_STATE_CLIENT_SENDING
Header file for dirserv.c.
void dnsserv_configure_listener(connection_t *conn)
Header file for dnsserv.c.
Entry connection structure.
#define ENTRY_TO_EDGE_CONN(c)
void entry_guard_cancel(circuit_guard_state_t **guard_state_p)
CTASSERT(NUMBER_SECOND_GUARDS< 20)
Header file for circuitbuild.c.
char * esc_for_log(const char *s)
const char * escaped(const char *s)
int connection_ext_or_process_inbuf(or_connection_t *or_conn)
int connection_ext_or_start_auth(or_connection_t *or_conn)
int connection_ext_or_finished_flushing(or_connection_t *conn)
#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH
#define EXT_OR_CONN_STATE_OPEN
#define EXT_OR_CONN_STATE_MIN_
#define EXT_OR_CONN_STATE_FLUSHING
#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_NONCE
#define EXT_OR_CONN_STATE_AUTH_WAIT_AUTH_TYPE
void accounting_add_bytes(size_t n_read, size_t n_written, int seconds)
int accounting_is_enabled(const or_options_t *options)
Header file for hibernate.c.
Header file containing common data for the whole HS subsystem.
Header file containing circuit and connection identifier data for the whole HS subsystem.
Header for feature/hs/hs_metrics.c.
#define hs_metrics_app_read_bytes(i, port, n)
Listener connection structure.
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define log_fn(severity, domain, args,...)
#define log_fn_ratelim(ratelim, severity, domain, args,...)
uint64_t log_domain_mask_t
void stats_increment_bytes_read_and_written(uint64_t r, uint64_t w)
void connection_stop_reading(connection_t *conn)
void connection_stop_reading_from_linked_conn(connection_t *conn)
int connection_in_array(connection_t *conn)
void ip_address_changed(int on_client_conn)
void connection_unregister_events(connection_t *conn)
void add_connection_to_closeable_list(connection_t *conn)
int connection_is_on_closeable_list(connection_t *conn)
void connection_start_reading(connection_t *conn)
void update_current_time(time_t now)
int connection_is_writing(connection_t *conn)
int connection_is_reading(const connection_t *conn)
void connection_start_writing(connection_t *conn)
smartlist_t * get_connection_array(void)
int connection_count_moribund(void)
void connection_stop_writing(connection_t *conn)
unsigned get_signewnym_epoch(void)
Header file for mainloop.c.
int metrics_connection_process_inbuf(connection_t *conn)
int metrics_connection_reached_eof(connection_t *conn)
int metrics_connection_finished_flushing(connection_t *conn)
Header for feature/metrics/metrics.c.
int net_is_completely_disabled(void)
void note_user_activity(time_t now)
#define TOR_INVALID_SOCKET
int nodelist_probably_contains_address(const tor_addr_t *addr)
Header file for nodelist.c.
Master header file for Tor-specific functionality.
#define CELL_PAYLOAD_SIZE
#define DOWNCAST(to, ptr)
#define RELAY_PAYLOAD_SIZE_MAX
#define SESSION_GROUP_FIRST_AUTO
@ TCP_PROXY_PROTOCOL_HAPROXY
#define OR_CONN_STATE_SERVER_VERSIONS_WAIT
#define OR_CONN_STATE_CONNECTING
#define OR_CONN_STATE_PROXY_HANDSHAKING
#define OR_CONN_STATE_TLS_HANDSHAKING
#define OR_CONN_STATE_OR_HANDSHAKING_V3
#define OR_CONN_STATE_OPEN
int get_parent_directory(char *fname)
int reachable_addr_prefer_ipv6_dirport(const or_options_t *options)
int reachable_addr_prefer_ipv6_orport(const or_options_t *options)
int reachable_addr_use_ipv6(const or_options_t *options)
int dir_policy_permits_address(const tor_addr_t *addr)
int socks_policy_permits_address(const tor_addr_t *addr)
Header file for policies.c.
Listener port configuration structure.
int tor_asprintf(char **strp, const char *fmt,...)
int tor_snprintf(char *str, size_t size, const char *format,...)
int fetch_from_buf_http(buf_t *buf, char **headers_out, size_t max_headerlen, char **body_out, size_t *body_used, size_t max_bodylen, int force_complete)
socks_request_t * socks_request_new(void)
int fetch_from_buf_socks_client(buf_t *buf, int state, char **reason)
Header for proto_socks.c.
char * rate_limit_log(ratelim_t *lim, time_t now)
int errno_to_orconn_end_reason(int e)
Header file for reasons.c.
Header file for rendcommon.c.
void rep_hist_note_exit_bytes(uint16_t port, size_t num_written, size_t num_read)
void rep_hist_note_conn_closed(bool from_listener, unsigned int type, int af)
void rep_hist_note_conn_rejected(unsigned int type, int af)
void rep_hist_note_conn_opened(bool from_listener, unsigned int type, int af)
void rep_hist_note_overload(overload_type_t overload)
void rep_hist_note_tcp_exhaustion(void)
Header file for rephist.c.
void resolved_addr_reset_last(int family)
Header file for resolve_addr.c.
uint16_t routerconf_find_or_port(const or_options_t *options, sa_family_t family)
void mark_my_descriptor_dirty(const char *reason)
uint16_t routerconf_find_dir_port(const or_options_t *options, uint16_t dirport)
Router descriptor structure.
Header file for routerlist.c.
int server_mode(const or_options_t *options)
Header file for routermode.c.
Header file for sandbox.c.
#define sandbox_intern_string(s)
void smartlist_sort(smartlist_t *sl, int(*compare)(const void **a, const void **b))
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
void smartlist_clear(smartlist_t *sl)
void smartlist_remove(smartlist_t *sl, const void *element)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
#define SMARTLIST_DEL_CURRENT(sl, var)
tor_socket_t tor_accept_socket_nonblocking(tor_socket_t sockfd, struct sockaddr *addr, socklen_t *len)
int tor_close_socket(tor_socket_t s)
int get_n_open_sockets(void)
void tor_release_socket_ownership(tor_socket_t s)
int tor_addr_from_getsockname(struct tor_addr_t *addr_out, tor_socket_t sock)
tor_socket_t tor_open_socket_nonblocking(int domain, int type, int protocol)
Client request structure.
#define SOCKS_COMMAND_CONNECT
void note_connection(bool inbound, const connection_t *conn)
uint64_t global_identifier
time_t timestamp_last_read_allowed
unsigned int in_connection_handle_write
struct event * write_event
unsigned int inbuf_reached_eof
struct connection_t * linked_conn
unsigned int hold_open_until_flushed
unsigned int reading_from_linked_conn
unsigned int from_listener
uint64_t global_identifier
unsigned int read_blocked_on_bw
uint16_t marked_for_close
const char * marked_for_close_file
uint32_t n_written_conn_bw
unsigned int linked_conn_is_closed
unsigned int in_flushed_some
unsigned int always_rate_limit_as_remote
unsigned int active_on_link
unsigned int write_blocked_on_bw
struct event * read_event
time_t timestamp_last_write_allowed
smartlist_t * ephemeral_onion_services
char * safecookie_client_hash
char * requested_resource
struct tor_compress_state_t * compress_state
struct circuit_guard_state_t * guard_state
unsigned int is_transparent_ap
socks_request_t * socks_request
unsigned int chosen_exit_optional
char * original_dest_address
unsigned int chosen_exit_retries
struct buf_t * pending_optimistic_data
unsigned int socks_prefer_no_auth
unsigned int extended_socks5_codes
ed25519_public_key_t identity_pk
uint16_t orig_virtual_port
char identity_digest[DIGEST_LEN]
or_handshake_state_t * handshake_state
tor_addr_port_t canonical_orport
tor_addr_t Socks4ProxyAddr
uint64_t RelayBandwidthBurst
int ClientPreferIPv6DirPort
tor_addr_t HTTPSProxyAddr
int TestingEnableConnBwEvent
tcp_proxy_protocol_t TCPProxyProtocol
struct config_line_t * ClientTransportPlugin
uint64_t ConstrainedSockSize
int TokenBucketRefillInterval
int ClientPreferIPv6ORPort
char * Socks5ProxyUsername
char * Socks5ProxyPassword
int CountPrivateBandwidth
tor_addr_t Socks5ProxyAddr
uint64_t RelayBandwidthRate
tor_addr_t OutboundBindAddresses[OUTBOUND_ADDR_MAX][2]
enum or_options_t::@2 TransProxyType_parsed
char * HTTPSProxyAuthenticator
char unix_addr[FLEXIBLE_ARRAY_MEMBER]
entry_port_cfg_t entry_cfg
unsigned int has_finished
unsigned int socks_prefer_no_auth
unsigned int socks_use_extended_errors
#define MOCK_IMPL(rv, funcname, arglist)
int format_time_interval(char *out, size_t out_len, long interval)
int token_bucket_rw_dec(token_bucket_rw_t *bucket, ssize_t n_read, ssize_t n_written)
int token_bucket_rw_refill(token_bucket_rw_t *bucket, uint32_t now_ts_stamp)
void token_bucket_rw_adjust(token_bucket_rw_t *bucket, uint32_t rate, uint32_t burst)
void token_bucket_rw_init(token_bucket_rw_t *bucket, uint32_t rate, uint32_t burst, uint32_t now_ts_stamp)
const char * tor_tls_err_to_string(int err)
void tor_tls_get_n_raw_bytes(tor_tls_t *tls, size_t *n_read, size_t *n_written)
#define CASE_TOR_TLS_ERROR_ANY
#define CASE_TOR_TLS_ERROR_ANY_NONIO
int tor_tls_get_pending_bytes(tor_tls_t *tls)
void tor_tls_release_socket(tor_tls_t *tls)
char * pt_get_socks_args_for_proxy_addrport(const tor_addr_t *addr, uint16_t port)
Headers for transports.c.
const struct passwd * tor_getpwnam(const char *username)
#define tor_assert_nonfatal_unreached()
#define tor_fragile_assert()
#define IF_BUG_ONCE(cond)
int strcmp_opt(const char *s1, const char *s2)
int fast_mem_is_zero(const char *mem, size_t len)
int tor_digest_is_zero(const char *digest)
#define ED25519_BASE64_LEN