Tor  0.4.8.0-alpha-dev
connection_or.c
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file connection_or.c
9  * \brief Functions to handle OR connections, TLS handshaking, and
10  * cells on the network.
11  *
12  * An or_connection_t is a subtype of connection_t (as implemented in
13  * connection.c) that uses a TLS connection to send and receive cells on the
14  * Tor network. (By sending and receiving cells connection_or.c, it cooperates
15  * with channeltls.c to implement a the channel interface of channel.c.)
16  *
17  * Every OR connection has an underlying tortls_t object (as implemented in
18  * tortls.c) which it uses as its TLS stream. It is responsible for
19  * sending and receiving cells over that TLS.
20  *
21  * This module also implements the client side of the v3 (and greater) Tor
22  * link handshake.
23  **/
24 #include "core/or/or.h"
25 #include "feature/client/bridges.h"
26 #include "lib/buf/buffers.h"
27 /*
28  * Define this so we get channel internal functions, since we're implementing
29  * part of a subclass (channel_tls_t).
30  */
31 #define CHANNEL_OBJECT_PRIVATE
32 #define CONNECTION_OR_PRIVATE
33 #define ORCONN_EVENT_PRIVATE
34 #include "core/or/channel.h"
35 #include "core/or/channeltls.h"
36 #include "core/or/circuitbuild.h"
37 #include "core/or/circuitlist.h"
38 #include "core/or/circuitstats.h"
39 #include "core/or/command.h"
40 #include "app/config/config.h"
42 #include "core/or/connection_or.h"
48 #include "lib/geoip/geoip.h"
49 #include "core/mainloop/mainloop.h"
50 #include "trunnel/netinfo.h"
54 #include "core/proto/proto_cell.h"
55 #include "core/or/reasons.h"
56 #include "core/or/relay.h"
58 #include "feature/stats/rephist.h"
59 #include "feature/relay/router.h"
65 #include "core/or/scheduler.h"
67 #include "core/or/channelpadding.h"
70 #include "feature/hs/hs_service.h"
71 
72 #include "core/or/cell_st.h"
73 #include "core/or/cell_queue_st.h"
77 #include "app/config/or_state_st.h"
79 #include "core/or/var_cell_st.h"
81 
82 #include "lib/tls/tortls.h"
83 
84 #include "core/or/orconn_event.h"
85 
90  int started_here,
91  char *digest_rcvd_out);
92 
93 static void connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn);
94 
95 static unsigned int
97 static void connection_or_mark_bad_for_new_circs(or_connection_t *or_conn);
98 
100  int started_here);
101 
102 /**************************************************************/
103 
104 /**
105  * Cast a `connection_t *` to an `or_connection_t *`.
106  *
107  * Exit with an assertion failure if the input is not an `or_connnection_t`.
108  **/
111 {
112  tor_assert(c->magic == OR_CONNECTION_MAGIC);
113  return DOWNCAST(or_connection_t, c);
114 }
115 
116 /**
117  * Cast a `const connection_t *` to a `const or_connection_t *`.
118  *
119  * Exit with an assertion failure if the input is not an `or_connnection_t`.
120  **/
121 const or_connection_t *
123 {
124  return TO_OR_CONN((connection_t *)c);
125 }
126 
127 /** Clear clear conn->identity_digest and update other data
128  * structures as appropriate.*/
129 void
131 {
132  tor_assert(conn);
133  memset(conn->identity_digest, 0, DIGEST_LEN);
134 }
135 
136 /** Clear all identities in OR conns.*/
137 void
139 {
141  SMARTLIST_FOREACH(conns, connection_t *, conn,
142  {
143  if (conn->type == CONN_TYPE_OR) {
144  connection_or_clear_identity(TO_OR_CONN(conn));
145  }
146  });
147 }
148 
149 /** Change conn->identity_digest to digest, and add conn into
150  * the appropriate digest maps.
151  *
152  * NOTE that this function only allows two kinds of transitions: from
153  * unset identity to set identity, and from idempotent re-settings
154  * of the same identity. It's not allowed to clear an identity or to
155  * change an identity. Return 0 on success, and -1 if the transition
156  * is not allowed.
157  **/
158 static void
160  const char *rsa_digest,
161  const ed25519_public_key_t *ed_id)
162 {
163  channel_t *chan = NULL;
164  tor_assert(conn);
165  tor_assert(rsa_digest);
166 
167  if (conn->chan)
168  chan = TLS_CHAN_TO_BASE(conn->chan);
169 
170  log_info(LD_HANDSHAKE, "Set identity digest for %s at %p: %s %s.",
172  conn,
173  hex_str(rsa_digest, DIGEST_LEN),
174  ed25519_fmt(ed_id));
175  log_info(LD_HANDSHAKE, " (Previously: %s %s)",
177  chan ? ed25519_fmt(&chan->ed25519_identity) : "<null>");
178 
179  const int rsa_id_was_set = ! tor_digest_is_zero(conn->identity_digest);
180  const int ed_id_was_set =
182  const int new_ed_id_is_set =
183  (ed_id && !ed25519_public_key_is_zero(ed_id));
184  const int rsa_changed =
185  tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN);
186  const int ed_changed = bool_neq(ed_id_was_set, new_ed_id_is_set) ||
187  (ed_id_was_set && new_ed_id_is_set && chan &&
188  !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity));
189 
190  if (BUG(rsa_changed && rsa_id_was_set))
191  return;
192  if (BUG(ed_changed && ed_id_was_set))
193  return;
194 
195  if (!rsa_changed && !ed_changed)
196  return;
197 
198  /* If the identity was set previously, remove the old mapping. */
199  if (rsa_id_was_set) {
201  if (chan)
203  }
204 
205  memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN);
206 
207  /* If we're initializing the IDs to zero, don't add a mapping yet. */
208  if (tor_digest_is_zero(rsa_digest) && !new_ed_id_is_set)
209  return;
210 
211  /* Deal with channels */
212  if (chan)
213  channel_set_identity_digest(chan, rsa_digest, ed_id);
214 }
215 
216 /**
217  * Return the Ed25519 identity of the peer for this connection (if any).
218  *
219  * Note that this ID may not be the _actual_ identity for the peer if
220  * authentication is not complete.
221  **/
222 const struct ed25519_public_key_t *
224 {
225  if (conn && conn->chan) {
226  const channel_t *chan = NULL;
227  chan = TLS_CHAN_TO_BASE(conn->chan);
229  return &chan->ed25519_identity;
230  }
231  }
232 
233  return NULL;
234 }
235 
236 /**************************************************************/
237 
238 /** Map from a string describing what a non-open OR connection was doing when
239  * failed, to an intptr_t describing the count of connections that failed that
240  * way. Note that the count is stored _as_ the pointer.
241  */
242 static strmap_t *broken_connection_counts;
243 
244 /** If true, do not record information in <b>broken_connection_counts</b>. */
246 
247 /** Record that an OR connection failed in <b>state</b>. */
248 static void
249 note_broken_connection(const char *state)
250 {
251  void *ptr;
252  intptr_t val;
254  return;
255 
257  broken_connection_counts = strmap_new();
258 
259  ptr = strmap_get(broken_connection_counts, state);
260  val = (intptr_t)ptr;
261  val++;
262  ptr = (void*)val;
263  strmap_set(broken_connection_counts, state, ptr);
264 }
265 
266 /** Forget all recorded states for failed connections. If
267  * <b>stop_recording</b> is true, don't record any more. */
268 void
269 clear_broken_connection_map(int stop_recording)
270 {
272  strmap_free(broken_connection_counts, NULL);
274  if (stop_recording)
276 }
277 
278 /** Write a detailed description the state of <b>orconn</b> into the
279  * <b>buflen</b>-byte buffer at <b>buf</b>. This description includes not
280  * only the OR-conn level state but also the TLS state. It's useful for
281  * diagnosing broken handshakes. */
282 static void
284  char *buf, size_t buflen)
285 {
286  connection_t *conn = TO_CONN(orconn);
287  const char *conn_state;
288  char tls_state[256];
289 
290  tor_assert(conn->type == CONN_TYPE_OR || conn->type == CONN_TYPE_EXT_OR);
291 
292  conn_state = conn_state_to_string(conn->type, conn->state);
293  tor_tls_get_state_description(orconn->tls, tls_state, sizeof(tls_state));
294 
295  tor_snprintf(buf, buflen, "%s with SSL state %s", conn_state, tls_state);
296 }
297 
298 /** Record the current state of <b>orconn</b> as the state of a broken
299  * connection. */
300 static void
302 {
303  char buf[256];
305  return;
306  connection_or_get_state_description(orconn, buf, sizeof(buf));
307  log_info(LD_HANDSHAKE,"Connection died in state '%s'", buf);
309 }
310 
311 /** Helper type used to sort connection states and find the most frequent. */
312 typedef struct broken_state_count_t {
313  intptr_t count;
314  const char *state;
316 
317 /** Helper function used to sort broken_state_count_t by frequency. */
318 static int
319 broken_state_count_compare(const void **a_ptr, const void **b_ptr)
320 {
321  const broken_state_count_t *a = *a_ptr, *b = *b_ptr;
322  if (b->count < a->count)
323  return -1;
324  else if (b->count == a->count)
325  return 0;
326  else
327  return 1;
328 }
329 
330 /** Upper limit on the number of different states to report for connection
331  * failure. */
332 #define MAX_REASONS_TO_REPORT 10
333 
334 /** Report a list of the top states for failed OR connections at log level
335  * <b>severity</b>, in log domain <b>domain</b>. */
336 void
337 connection_or_report_broken_states(int severity, int domain)
338 {
339  int total = 0;
340  smartlist_t *items;
341 
343  return;
344 
345  items = smartlist_new();
346  STRMAP_FOREACH(broken_connection_counts, state, void *, countptr) {
347  broken_state_count_t *c = tor_malloc(sizeof(broken_state_count_t));
348  c->count = (intptr_t)countptr;
349  total += (int)c->count;
350  c->state = state;
351  smartlist_add(items, c);
352  } STRMAP_FOREACH_END;
353 
355 
356  tor_log(severity, domain, "%d connections have failed%s", total,
357  smartlist_len(items) > MAX_REASONS_TO_REPORT ? ". Top reasons:" : ":");
358 
359  SMARTLIST_FOREACH_BEGIN(items, const broken_state_count_t *, c) {
360  if (c_sl_idx > MAX_REASONS_TO_REPORT)
361  break;
362  tor_log(severity, domain,
363  " %d connections died in state %s", (int)c->count, c->state);
364  } SMARTLIST_FOREACH_END(c);
365 
367  smartlist_free(items);
368 }
369 
370 /**
371  * Helper function to publish an OR connection status event
372  *
373  * Publishes a messages to subscribers of ORCONN messages, and sends
374  * the control event.
375  **/
376 void
378  int reason)
379 {
380  orconn_status_msg_t *msg = tor_malloc(sizeof(*msg));
381 
382  msg->gid = conn->base_.global_identifier;
383  msg->status = tp;
384  msg->reason = reason;
385  orconn_status_publish(msg);
386  control_event_or_conn_status(conn, tp, reason);
387 }
388 
389 /**
390  * Helper function to publish a state change message
391  *
392  * connection_or_change_state() calls this to notify subscribers about
393  * a change of an OR connection state.
394  **/
395 static void
396 connection_or_state_publish(const or_connection_t *conn, uint8_t state)
397 {
398  orconn_state_msg_t *msg = tor_malloc(sizeof(*msg));
399 
400  msg->gid = conn->base_.global_identifier;
401  if (conn->is_pt) {
402  /* Do extra decoding because conn->proxy_type indicates the proxy
403  * protocol that tor uses to talk with the transport plugin,
404  * instead of PROXY_PLUGGABLE. */
405  tor_assert_nonfatal(conn->proxy_type != PROXY_NONE);
406  msg->proxy_type = PROXY_PLUGGABLE;
407  } else {
408  msg->proxy_type = conn->proxy_type;
409  }
410  msg->state = state;
411  if (conn->chan) {
412  msg->chan = TLS_CHAN_TO_BASE(conn->chan)->global_identifier;
413  } else {
414  msg->chan = 0;
415  }
416  orconn_state_publish(msg);
417 }
418 
419 /** Call this to change or_connection_t states, so the owning channel_tls_t can
420  * be notified.
421  */
422 
423 MOCK_IMPL(void,
425 {
426  tor_assert(conn);
427 
428  conn->base_.state = state;
429 
430  connection_or_state_publish(conn, state);
431  if (conn->chan)
433 }
434 
435 /** Return the number of circuits using an or_connection_t; this used to
436  * be an or_connection_t field, but it got moved to channel_t and we
437  * shouldn't maintain two copies. */
438 
439 MOCK_IMPL(int,
441 {
442  tor_assert(conn);
443 
444  if (conn->chan) {
445  return channel_num_circuits(TLS_CHAN_TO_BASE(conn->chan));
446  } else return 0;
447 }
448 
449 /**************************************************************/
450 
451 /** Pack the cell_t host-order structure <b>src</b> into network-order
452  * in the buffer <b>dest</b>. See tor-spec.txt for details about the
453  * wire format.
454  *
455  * Note that this function doesn't touch <b>dst</b>->next: the caller
456  * should set it or clear it as appropriate.
457  */
458 void
459 cell_pack(packed_cell_t *dst, const cell_t *src, int wide_circ_ids)
460 {
461  char *dest = dst->body;
462  if (wide_circ_ids) {
463  set_uint32(dest, htonl(src->circ_id));
464  dest += 4;
465  } else {
466  /* Clear the last two bytes of dest, in case we can accidentally
467  * send them to the network somehow. */
468  memset(dest+CELL_MAX_NETWORK_SIZE-2, 0, 2);
469  set_uint16(dest, htons(src->circ_id));
470  dest += 2;
471  }
472  set_uint8(dest, src->command);
473  memcpy(dest+1, src->payload, CELL_PAYLOAD_SIZE);
474 }
475 
476 /** Unpack the network-order buffer <b>src</b> into a host-order
477  * cell_t structure <b>dest</b>.
478  */
479 static void
480 cell_unpack(cell_t *dest, const char *src, int wide_circ_ids)
481 {
482  if (wide_circ_ids) {
483  dest->circ_id = ntohl(get_uint32(src));
484  src += 4;
485  } else {
486  dest->circ_id = ntohs(get_uint16(src));
487  src += 2;
488  }
489  dest->command = get_uint8(src);
490  memcpy(dest->payload, src+1, CELL_PAYLOAD_SIZE);
491 }
492 
493 /** Write the header of <b>cell</b> into the first VAR_CELL_MAX_HEADER_SIZE
494  * bytes of <b>hdr_out</b>. Returns number of bytes used. */
495 int
496 var_cell_pack_header(const var_cell_t *cell, char *hdr_out, int wide_circ_ids)
497 {
498  int r;
499  if (wide_circ_ids) {
500  set_uint32(hdr_out, htonl(cell->circ_id));
501  hdr_out += 4;
503  } else {
504  set_uint16(hdr_out, htons(cell->circ_id));
505  hdr_out += 2;
506  r = VAR_CELL_MAX_HEADER_SIZE - 2;
507  }
508  set_uint8(hdr_out, cell->command);
509  set_uint16(hdr_out+1, htons(cell->payload_len));
510  return r;
511 }
512 
513 /** Allocate and return a new var_cell_t with <b>payload_len</b> bytes of
514  * payload space. */
515 var_cell_t *
516 var_cell_new(uint16_t payload_len)
517 {
518  size_t size = offsetof(var_cell_t, payload) + payload_len;
519  var_cell_t *cell = tor_malloc_zero(size);
520  cell->payload_len = payload_len;
521  cell->command = 0;
522  cell->circ_id = 0;
523  return cell;
524 }
525 
526 /**
527  * Copy a var_cell_t
528  */
529 
530 var_cell_t *
532 {
533  var_cell_t *copy = NULL;
534  size_t size = 0;
535 
536  if (src != NULL) {
537  size = offsetof(var_cell_t, payload) + src->payload_len;
538  copy = tor_malloc_zero(size);
539  copy->payload_len = src->payload_len;
540  copy->command = src->command;
541  copy->circ_id = src->circ_id;
542  memcpy(copy->payload, src->payload, copy->payload_len);
543  }
544 
545  return copy;
546 }
547 
548 /** Release all space held by <b>cell</b>. */
549 void
551 {
552  tor_free(cell);
553 }
554 
555 /** We've received an EOF from <b>conn</b>. Mark it for close and return. */
556 int
558 {
559  tor_assert(conn);
560 
561  log_info(LD_OR,"OR connection reached EOF. Closing.");
563 
564  return 0;
565 }
566 
567 /** Handle any new bytes that have come in on connection <b>conn</b>.
568  * If conn is in 'open' state, hand it to
569  * connection_or_process_cells_from_inbuf()
570  * (else do nothing).
571  */
572 int
574 {
575  int ret = 0;
576  tor_assert(conn);
577 
578  switch (conn->base_.state) {
581 
582  /* start TLS after handshake completion, or deal with error */
583  if (ret == 1) {
584  tor_assert(TO_CONN(conn)->proxy_state == PROXY_CONNECTED);
585  if (buf_datalen(conn->base_.inbuf) != 0) {
586  log_fn(LOG_PROTOCOL_WARN, LD_NET, "Found leftover (%d bytes) "
587  "when transitioning from PROXY_HANDSHAKING state on %s: "
588  "closing.",
589  (int)buf_datalen(conn->base_.inbuf),
592  return -1;
593  }
594  if (connection_tls_start_handshake(conn, 0) < 0)
595  ret = -1;
596  /* Touch the channel's active timestamp if there is one */
597  if (conn->chan)
598  channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan));
599  }
600  if (ret < 0) {
602  }
603 
604  return ret;
606  case OR_CONN_STATE_OPEN:
610  default:
611  break; /* don't do anything */
612  }
613 
614  /* This check makes sure that we don't have any data on the inbuf if we're
615  * doing our TLS handshake: if we did, they were probably put there by a
616  * SOCKS proxy trying to trick us into accepting unauthenticated data.
617  */
618  if (buf_datalen(conn->base_.inbuf) != 0) {
619  log_fn(LOG_PROTOCOL_WARN, LD_NET, "Accumulated data (%d bytes) "
620  "on non-open %s; closing.",
621  (int)buf_datalen(conn->base_.inbuf),
624  ret = -1;
625  }
626 
627  return ret;
628 }
629 
630 /** Called whenever we have flushed some data on an or_conn: add more data
631  * from active circuits. */
632 int
634 {
635  size_t datalen;
636 
637  /* Update the channel's active timestamp if there is one */
638  if (conn->chan)
639  channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan));
640 
641  /* If we're under the low water mark, add cells until we're just over the
642  * high water mark. */
643  datalen = connection_get_outbuf_len(TO_CONN(conn));
644  if (datalen < or_conn_lowwatermark()) {
645  /* Let the scheduler know */
646  scheduler_channel_wants_writes(TLS_CHAN_TO_BASE(conn->chan));
647  }
648 
649  return 0;
650 }
651 
652 /** This is for channeltls.c to ask how many cells we could accept if
653  * they were available. */
654 ssize_t
656 {
657  size_t datalen, cell_network_size;
658  ssize_t n = 0;
659 
660  tor_assert(conn);
661 
662  /*
663  * If we're under the high water mark, we're potentially
664  * writeable; note this is different from the calculation above
665  * used to trigger when to start writing after we've stopped.
666  */
667  datalen = connection_get_outbuf_len(TO_CONN(conn));
668  if (datalen < or_conn_highwatermark()) {
669  cell_network_size = get_cell_network_size(conn->wide_circ_ids);
670  n = CEIL_DIV(or_conn_highwatermark() - datalen, cell_network_size);
671  }
672 
673  return n;
674 }
675 
676 /** Connection <b>conn</b> has finished writing and has no bytes left on
677  * its outbuf.
678  *
679  * Otherwise it's in state "open": stop writing and return.
680  *
681  * If <b>conn</b> is broken, mark it for close and return -1, else
682  * return 0.
683  */
684 int
686 {
687  tor_assert(conn);
688  assert_connection_ok(TO_CONN(conn),0);
689 
690  switch (conn->base_.state) {
692  /* PROXY_HAPROXY gets connected by receiving an ack. */
693  if (conn->proxy_type == PROXY_HAPROXY) {
694  tor_assert(TO_CONN(conn)->proxy_state == PROXY_HAPROXY_WAIT_FOR_FLUSH);
695  IF_BUG_ONCE(buf_datalen(TO_CONN(conn)->inbuf) != 0) {
696  /* This should be impossible; we're not even reading. */
698  return -1;
699  }
700  TO_CONN(conn)->proxy_state = PROXY_CONNECTED;
701 
702  if (connection_tls_start_handshake(conn, 0) < 0) {
703  /* TLS handshaking error of some kind. */
705  return -1;
706  }
707  break;
708  }
709  break;
710  case OR_CONN_STATE_OPEN:
713  break;
714  default:
715  log_err(LD_BUG,"Called in unexpected state %d.", conn->base_.state);
717  return -1;
718  }
719 
720  /* Update the channel's active timestamp if there is one */
721  if (conn->chan)
722  channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan));
723 
724  return 0;
725 }
726 
727 /** Connected handler for OR connections: begin the TLS handshake.
728  */
729 int
731 {
732  const int proxy_type = or_conn->proxy_type;
733  connection_t *conn;
734 
735  tor_assert(or_conn);
736  conn = TO_CONN(or_conn);
738 
739  log_debug(LD_HANDSHAKE,"connect finished for %s",
740  connection_describe(conn));
741 
742  if (proxy_type != PROXY_NONE) {
743  /* start proxy handshake */
744  if (connection_proxy_connect(conn, proxy_type) < 0) {
745  connection_or_close_for_error(or_conn, 0);
746  return -1;
747  }
748 
751 
752  return 0;
753  }
754 
755  if (connection_tls_start_handshake(or_conn, 0) < 0) {
756  /* TLS handshaking error of some kind. */
757  connection_or_close_for_error(or_conn, 0);
758  return -1;
759  }
760  return 0;
761 }
762 
763 /** Called when we're about to finally unlink and free an OR connection:
764  * perform necessary accounting and cleanup */
765 void
767 {
768  connection_t *conn = TO_CONN(or_conn);
769 
770  /* Tell the controlling channel we're closed */
771  if (or_conn->chan) {
772  channel_closed(TLS_CHAN_TO_BASE(or_conn->chan));
773  /*
774  * NULL this out because the channel might hang around a little
775  * longer before channel_run_cleanup() gets it.
776  */
777  or_conn->chan->conn = NULL;
778  or_conn->chan = NULL;
779  }
780 
781  /* Remember why we're closing this connection. */
782  if (conn->state != OR_CONN_STATE_OPEN) {
783  /* now mark things down as needed */
785  const or_options_t *options = get_options();
787  /* Tell the new guard API about the channel failure */
788  entry_guard_chan_failed(TLS_CHAN_TO_BASE(or_conn->chan));
789  if (conn->state >= OR_CONN_STATE_TLS_HANDSHAKING) {
790  int reason = tls_error_to_orconn_end_reason(or_conn->tls_error);
791  connection_or_event_status(or_conn, OR_CONN_EVENT_FAILED,
792  reason);
793  if (!authdir_mode_tests_reachability(options)) {
794  const char *warning = NULL;
795  if (reason == END_OR_CONN_REASON_TLS_ERROR && or_conn->tls) {
796  warning = tor_tls_get_last_error_msg(or_conn->tls);
797  }
798  if (warning == NULL) {
799  warning = orconn_end_reason_to_control_string(reason);
800  }
801  control_event_bootstrap_prob_or(warning, reason, or_conn);
802  }
803  }
804  }
805  } else if (conn->hold_open_until_flushed) {
806  /* We only set hold_open_until_flushed when we're intentionally
807  * closing a connection. */
808  connection_or_event_status(or_conn, OR_CONN_EVENT_CLOSED,
810  } else if (!tor_digest_is_zero(or_conn->identity_digest)) {
811  connection_or_event_status(or_conn, OR_CONN_EVENT_CLOSED,
813  } else {
814  /* Normal close, we notify of a done connection. */
815  connection_or_event_status(or_conn, OR_CONN_EVENT_CLOSED,
816  END_OR_CONN_REASON_DONE);
817  }
818 }
819 
820 /** Return 1 if identity digest <b>id_digest</b> is known to be a
821  * currently or recently running relay. Otherwise return 0. */
822 int
824 {
825  if (router_get_consensus_status_by_id(id_digest))
826  return 1; /* It's in the consensus: "yes" */
827  if (router_get_by_id_digest(id_digest))
828  return 1; /* Not in the consensus, but we have a descriptor for
829  * it. Probably it was in a recent consensus. "Yes". */
830  return 0;
831 }
832 
833 /** Set the per-conn read and write limits for <b>conn</b>. If it's a known
834  * relay, we will rely on the global read and write buckets, so give it
835  * per-conn limits that are big enough they'll never matter. But if it's
836  * not a known relay, first check if we set PerConnBwRate/Burst, then
837  * check if the consensus sets them, else default to 'big enough'.
838  *
839  * If <b>reset</b> is true, set the bucket to be full. Otherwise, just
840  * clip the bucket if it happens to be <em>too</em> full.
841  */
842 static void
844  const or_options_t *options)
845 {
846  int rate, burst; /* per-connection rate limiting params */
848  /* It's in the consensus, or we have a descriptor for it meaning it
849  * was probably in a recent consensus. It's a recognized relay:
850  * give it full bandwidth. */
851  rate = (int)options->BandwidthRate;
852  burst = (int)options->BandwidthBurst;
853  } else {
854  /* Not a recognized relay. Squeeze it down based on the suggested
855  * bandwidth parameters in the consensus, but allow local config
856  * options to override. */
857  rate = options->PerConnBWRate ? (int)options->PerConnBWRate :
858  networkstatus_get_param(NULL, "perconnbwrate",
859  (int)options->BandwidthRate, 1, INT32_MAX);
860  burst = options->PerConnBWBurst ? (int)options->PerConnBWBurst :
861  networkstatus_get_param(NULL, "perconnbwburst",
862  (int)options->BandwidthBurst, 1, INT32_MAX);
863  }
864 
865  token_bucket_rw_adjust(&conn->bucket, rate, burst);
866  if (reset) {
868  }
869 }
870 
871 /** Either our set of relays or our per-conn rate limits have changed.
872  * Go through all the OR connections and update their token buckets to make
873  * sure they don't exceed their maximum values. */
874 void
876  const or_options_t *options)
877 {
878  SMARTLIST_FOREACH(conns, connection_t *, conn,
879  {
880  if (connection_speaks_cells(conn))
882  });
883 }
884 
885 /* Mark <b>or_conn</b> as canonical if <b>is_canonical</b> is set, and
886  * non-canonical otherwise. Adjust idle_timeout accordingly.
887  */
888 void
889 connection_or_set_canonical(or_connection_t *or_conn,
890  int is_canonical)
891 {
892  if (bool_eq(is_canonical, or_conn->is_canonical) &&
893  or_conn->idle_timeout != 0) {
894  /* Don't recalculate an existing idle_timeout unless the canonical
895  * status changed. */
896  return;
897  }
898 
899  or_conn->is_canonical = !! is_canonical; /* force to a 1-bit boolean */
901  TLS_CHAN_TO_BASE(or_conn->chan), is_canonical);
902 
903  log_info(LD_CIRC,
904  "Channel %"PRIu64 " chose an idle timeout of %d.",
905  or_conn->chan ?
906  (TLS_CHAN_TO_BASE(or_conn->chan)->global_identifier):0,
907  or_conn->idle_timeout);
908 }
909 
910 /** If we don't necessarily know the router we're connecting to, but we
911  * have an addr/port/id_digest, then fill in as much as we can. Start
912  * by checking to see if this describes a router we know.
913  * <b>started_here</b> is 1 if we are the initiator of <b>conn</b> and
914  * 0 if it's an incoming connection. */
915 void
917  const tor_addr_t *addr, uint16_t port,
918  const char *id_digest,
919  const ed25519_public_key_t *ed_id,
920  int started_here)
921 {
922  log_debug(LD_HANDSHAKE, "init conn from address %s: %s, %s (%d)",
923  fmt_addr(addr),
924  hex_str((const char*)id_digest, DIGEST_LEN),
925  ed25519_fmt(ed_id),
926  started_here);
927 
928  connection_or_set_identity_digest(conn, id_digest, ed_id);
930 
931  conn->base_.port = port;
932  tor_addr_copy(&conn->base_.addr, addr);
933  if (! conn->base_.address) {
934  conn->base_.address = tor_strdup(fmt_addr(addr));
935  }
936 
937  connection_or_check_canonicity(conn, started_here);
938 }
939 
940 /** Check whether the identity of <b>conn</b> matches a known node. If it
941  * does, check whether the address of conn matches the expected address, and
942  * update the connection's is_canonical flag, nickname, and address fields as
943  * appropriate. */
944 static void
946 {
947  (void) started_here;
948 
949  const char *id_digest = conn->identity_digest;
950  const ed25519_public_key_t *ed_id = NULL;
951  if (conn->chan)
952  ed_id = & TLS_CHAN_TO_BASE(conn->chan)->ed25519_identity;
953 
954  const node_t *r = node_get_by_id(id_digest);
955  if (r &&
957  ! node_ed25519_id_matches(r, ed_id)) {
958  /* If this node is capable of proving an ed25519 ID,
959  * we can't call this a canonical connection unless both IDs match. */
960  r = NULL;
961  }
962 
963  if (r) {
964  tor_addr_port_t node_ipv4_ap;
965  tor_addr_port_t node_ipv6_ap;
966  node_get_prim_orport(r, &node_ipv4_ap);
967  node_get_pref_ipv6_orport(r, &node_ipv6_ap);
968  if (tor_addr_eq(&conn->base_.addr, &node_ipv4_ap.addr) ||
969  tor_addr_eq(&conn->base_.addr, &node_ipv6_ap.addr)) {
970  connection_or_set_canonical(conn, 1);
971  }
972  /* Choose the correct canonical address and port. */
973  tor_addr_port_t *node_ap;
974  if (tor_addr_family(&conn->base_.addr) == AF_INET) {
975  node_ap = &node_ipv4_ap;
976  } else {
977  node_ap = &node_ipv6_ap;
978  }
979  /* Remember the canonical addr/port so our log messages will make
980  sense. */
981  tor_addr_port_copy(&conn->canonical_orport, node_ap);
982  tor_free(conn->nickname);
983  conn->nickname = tor_strdup(node_get_nickname(r));
984  } else {
985  tor_free(conn->nickname);
986  conn->nickname = tor_malloc(HEX_DIGEST_LEN+2);
987  conn->nickname[0] = '$';
989  conn->identity_digest, DIGEST_LEN);
990  }
991 
992  /*
993  * We have to tell channeltls.c to update the channel marks (local, in
994  * particular), since we may have changed the address.
995  */
996 
997  if (conn->chan) {
999  }
1000 }
1001 
1002 /** These just pass all the is_bad_for_new_circs manipulation on to
1003  * channel_t */
1004 
1005 static unsigned int
1007 {
1008  tor_assert(or_conn);
1009 
1010  if (or_conn->chan)
1011  return channel_is_bad_for_new_circs(TLS_CHAN_TO_BASE(or_conn->chan));
1012  else return 0;
1013 }
1014 
1015 static void
1016 connection_or_mark_bad_for_new_circs(or_connection_t *or_conn)
1017 {
1018  tor_assert(or_conn);
1019 
1020  if (or_conn->chan)
1021  channel_mark_bad_for_new_circs(TLS_CHAN_TO_BASE(or_conn->chan));
1022 }
1023 
1024 /** How old do we let a connection to an OR get before deciding it's
1025  * too old for new circuits? */
1026 #define TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7)
1027 
1028 /** Expire an or_connection if it is too old. Helper for
1029  * connection_or_group_set_badness_ and fast path for
1030  * channel_rsa_id_group_set_badness.
1031  *
1032  * Returns 1 if the connection was already expired, else 0.
1033  */
1034 int
1036  or_connection_t *or_conn,
1037  int force)
1038 {
1039  /* XXXX this function should also be about channels? */
1040  if (or_conn->base_.marked_for_close ||
1042  return 1;
1043 
1044  if (force ||
1046  < now) {
1047  log_info(LD_OR,
1048  "Marking %s as too old for new circuits "
1049  "(fd "TOR_SOCKET_T_FORMAT", %d secs old).",
1050  connection_describe(TO_CONN(or_conn)),
1051  or_conn->base_.s,
1052  (int)(now - or_conn->base_.timestamp_created));
1053  connection_or_mark_bad_for_new_circs(or_conn);
1054  }
1055 
1056  return 0;
1057 }
1058 
1059 /** Given a list of all the or_connections with a given
1060  * identity, set elements of that list as is_bad_for_new_circs as
1061  * appropriate. Helper for connection_or_set_bad_connections().
1062  *
1063  * Specifically, we set the is_bad_for_new_circs flag on:
1064  * - all connections if <b>force</b> is true.
1065  * - all connections that are too old.
1066  * - all open non-canonical connections for which a canonical connection
1067  * exists to the same router.
1068  * - all open canonical connections for which a 'better' canonical
1069  * connection exists to the same router.
1070  * - all open non-canonical connections for which a 'better' non-canonical
1071  * connection exists to the same router at the same address.
1072  *
1073  * See channel_is_better() in channel.c for our idea of what makes one OR
1074  * connection better than another.
1075  */
1076 void
1078 {
1079  /* XXXX this function should be entirely about channels, not OR
1080  * XXXX connections. */
1081 
1082  or_connection_t *best = NULL;
1083  int n_canonical = 0;
1084  time_t now = time(NULL);
1085 
1086  /* Pass 1: expire everything that's old, and see what the status of
1087  * everything else is. */
1088  SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) {
1089  if (connection_or_single_set_badness_(now, or_conn, force))
1090  continue;
1091 
1092  if (or_conn->is_canonical) {
1093  ++n_canonical;
1094  }
1095  } SMARTLIST_FOREACH_END(or_conn);
1096 
1097  /* Pass 2: We know how about how good the best connection is.
1098  * expire everything that's worse, and find the very best if we can. */
1099  SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) {
1100  if (or_conn->base_.marked_for_close ||
1102  continue; /* This one doesn't need to be marked bad. */
1103  if (or_conn->base_.state != OR_CONN_STATE_OPEN)
1104  continue; /* Don't mark anything bad until we have seen what happens
1105  * when the connection finishes. */
1106  if (n_canonical && !or_conn->is_canonical) {
1107  /* We have at least one open canonical connection to this router,
1108  * and this one is open but not canonical. Mark it bad. */
1109  log_info(LD_OR,
1110  "Marking %s unsuitable for new circuits: "
1111  "(fd "TOR_SOCKET_T_FORMAT", %d secs old). It is not "
1112  "canonical, and we have another connection to that OR that is.",
1113  connection_describe(TO_CONN(or_conn)),
1114  or_conn->base_.s,
1115  (int)(now - or_conn->base_.timestamp_created));
1116  connection_or_mark_bad_for_new_circs(or_conn);
1117  continue;
1118  }
1119 
1120  if (!best ||
1121  channel_is_better(TLS_CHAN_TO_BASE(or_conn->chan),
1122  TLS_CHAN_TO_BASE(best->chan))) {
1123  best = or_conn;
1124  }
1125  } SMARTLIST_FOREACH_END(or_conn);
1126 
1127  if (!best)
1128  return;
1129 
1130  /* Pass 3: One connection to OR is best. If it's canonical, mark as bad
1131  * every other open connection. If it's non-canonical, mark as bad
1132  * every other open connection to the same address.
1133  *
1134  * XXXX This isn't optimal; if we have connections to an OR at multiple
1135  * addresses, we'd like to pick the best _for each address_, and mark as
1136  * bad every open connection that isn't best for its address. But this
1137  * can only occur in cases where the other OR is old (so we have no
1138  * canonical connection to it), or where all the connections to the OR are
1139  * at noncanonical addresses and we have no good direct connection (which
1140  * means we aren't at risk of attaching circuits to it anyway). As
1141  * 0.1.2.x dies out, the first case will go away, and the second one is
1142  * "mostly harmless", so a fix can wait until somebody is bored.
1143  */
1144  SMARTLIST_FOREACH_BEGIN(group, or_connection_t *, or_conn) {
1145  if (or_conn->base_.marked_for_close ||
1147  or_conn->base_.state != OR_CONN_STATE_OPEN)
1148  continue;
1149  if (or_conn != best &&
1150  channel_is_better(TLS_CHAN_TO_BASE(best->chan),
1151  TLS_CHAN_TO_BASE(or_conn->chan))) {
1152  /* This isn't the best conn, _and_ the best conn is better than it */
1153  if (best->is_canonical) {
1154  log_info(LD_OR,
1155  "Marking %s as unsuitable for new circuits: "
1156  "(fd "TOR_SOCKET_T_FORMAT", %d secs old). "
1157  "We have a better canonical one "
1158  "(fd "TOR_SOCKET_T_FORMAT"; %d secs old).",
1159  connection_describe(TO_CONN(or_conn)),
1160  or_conn->base_.s,
1161  (int)(now - or_conn->base_.timestamp_created),
1162  best->base_.s, (int)(now - best->base_.timestamp_created));
1163  connection_or_mark_bad_for_new_circs(or_conn);
1164  } else if (tor_addr_eq(&TO_CONN(or_conn)->addr,
1165  &TO_CONN(best)->addr)) {
1166  log_info(LD_OR,
1167  "Marking %s unsuitable for new circuits: "
1168  "(fd "TOR_SOCKET_T_FORMAT", %d secs old). We have a better "
1169  "one with the "
1170  "same address (fd "TOR_SOCKET_T_FORMAT"; %d secs old).",
1171  connection_describe(TO_CONN(or_conn)),
1172  or_conn->base_.s,
1173  (int)(now - or_conn->base_.timestamp_created),
1174  best->base_.s, (int)(now - best->base_.timestamp_created));
1175  connection_or_mark_bad_for_new_circs(or_conn);
1176  }
1177  }
1178  } SMARTLIST_FOREACH_END(or_conn);
1179 }
1180 
1181 /* Lifetime of a connection failure. After that, we'll retry. This is in
1182  * seconds. */
1183 #define OR_CONNECT_FAILURE_LIFETIME 60
1184 /* The interval to use with when to clean up the failure cache. */
1185 #define OR_CONNECT_FAILURE_CLEANUP_INTERVAL 60
1186 
1187 /* When is the next time we have to cleanup the failure map. We keep this
1188  * because we clean it opportunistically. */
1189 static time_t or_connect_failure_map_next_cleanup_ts = 0;
1190 
1191 /* OR connection failure entry data structure. It is kept in the connection
1192  * failure map defined below and indexed by OR identity digest, address and
1193  * port.
1194  *
1195  * We need to identify a connection failure with these three values because we
1196  * want to avoid to wrongfully block a relay if someone is trying to
1197  * extend to a known identity digest but with the wrong IP/port. For instance,
1198  * it can happen if a relay changed its port but the client still has an old
1199  * descriptor with the old port. We want to stop connecting to that
1200  * IP/port/identity all together, not only the relay identity. */
1202  HT_ENTRY(or_connect_failure_entry_t) node;
1203  /* Identity digest of the connection where it is connecting to. */
1204  uint8_t identity_digest[DIGEST_LEN];
1205  /* This is the connection address from the base connection_t. After the
1206  * connection is checked for canonicity, the base address should represent
1207  * what we know instead of where we are connecting to. This is what we need
1208  * so we can correlate known relays within the consensus. */
1209  tor_addr_t addr;
1210  uint16_t port;
1211  /* Last time we were unable to connect. */
1212  time_t last_failed_connect_ts;
1214 
1215 /* Map where we keep connection failure entries. They are indexed by addr,
1216  * port and identity digest. */
1217 static HT_HEAD(or_connect_failure_ht, or_connect_failure_entry_t)
1218  or_connect_failures_map = HT_INITIALIZER();
1219 
1220 /* Helper: Hashtable equal function. Return 1 if equal else 0. */
1221 static int
1222 or_connect_failure_ht_eq(const or_connect_failure_entry_t *a,
1223  const or_connect_failure_entry_t *b)
1224 {
1225  return fast_memeq(a->identity_digest, b->identity_digest, DIGEST_LEN) &&
1226  tor_addr_eq(&a->addr, &b->addr) &&
1227  a->port == b->port;
1228 }
1229 
1230 /* Helper: Return the hash for the hashtable of the given entry. For this
1231  * table, it is a combination of address, port and identity digest. */
1232 static unsigned int
1233 or_connect_failure_ht_hash(const or_connect_failure_entry_t *entry)
1234 {
1235  size_t offset = 0, addr_size;
1236  const void *addr_ptr;
1237  /* Largest size is IPv6 and IPv4 is smaller so it is fine. */
1238  uint8_t data[16 + sizeof(uint16_t) + DIGEST_LEN];
1239 
1240  /* Get the right address bytes depending on the family. */
1241  switch (tor_addr_family(&entry->addr)) {
1242  case AF_INET:
1243  addr_size = 4;
1244  addr_ptr = &entry->addr.addr.in_addr.s_addr;
1245  break;
1246  case AF_INET6:
1247  addr_size = 16;
1248  addr_ptr = &entry->addr.addr.in6_addr.s6_addr;
1249  break;
1250  default:
1252  return 0;
1253  }
1254 
1255  memcpy(data, addr_ptr, addr_size);
1256  offset += addr_size;
1257  memcpy(data + offset, entry->identity_digest, DIGEST_LEN);
1258  offset += DIGEST_LEN;
1259  set_uint16(data + offset, entry->port);
1260  offset += sizeof(uint16_t);
1261 
1262  return (unsigned int) siphash24g(data, offset);
1263 }
1264 
1265 HT_PROTOTYPE(or_connect_failure_ht, or_connect_failure_entry_t, node,
1266  or_connect_failure_ht_hash, or_connect_failure_ht_eq);
1267 
1268 HT_GENERATE2(or_connect_failure_ht, or_connect_failure_entry_t, node,
1269  or_connect_failure_ht_hash, or_connect_failure_ht_eq,
1271 
1272 /* Initialize a given connect failure entry with the given identity_digest,
1273  * addr and port. All field are optional except ocf. */
1274 static void
1275 or_connect_failure_init(const char *identity_digest, const tor_addr_t *addr,
1276  uint16_t port, or_connect_failure_entry_t *ocf)
1277 {
1278  tor_assert(ocf);
1279  if (identity_digest) {
1280  memcpy(ocf->identity_digest, identity_digest,
1281  sizeof(ocf->identity_digest));
1282  }
1283  if (addr) {
1284  tor_addr_copy(&ocf->addr, addr);
1285  }
1286  ocf->port = port;
1287 }
1288 
1289 /* Return a newly allocated connection failure entry. It is initialized with
1290  * the given or_conn data. This can't fail. */
1292 or_connect_failure_new(const or_connection_t *or_conn)
1293 {
1294  or_connect_failure_entry_t *ocf = tor_malloc_zero(sizeof(*ocf));
1295  or_connect_failure_init(or_conn->identity_digest, &TO_CONN(or_conn)->addr,
1296  TO_CONN(or_conn)->port, ocf);
1297  return ocf;
1298 }
1299 
1300 /* Return a connection failure entry matching the given or_conn. NULL is
1301  * returned if not found. */
1303 or_connect_failure_find(const or_connection_t *or_conn)
1304 {
1306  tor_assert(or_conn);
1307  or_connect_failure_init(or_conn->identity_digest, &TO_CONN(or_conn)->addr,
1308  TO_CONN(or_conn)->port, &lookup);
1309  return HT_FIND(or_connect_failure_ht, &or_connect_failures_map, &lookup);
1310 }
1311 
1312 /* Note down in the connection failure cache that a failure occurred on the
1313  * given or_conn. */
1314 STATIC void
1315 note_or_connect_failed(const or_connection_t *or_conn)
1316 {
1317  or_connect_failure_entry_t *ocf = NULL;
1318 
1319  tor_assert(or_conn);
1320 
1321  if (or_conn->potentially_used_for_bootstrapping) {
1322  /* Don't cache connection failures for connections we initiated ourself.
1323  * If these direct connections fail, we're supposed to recognize that
1324  * the destination is down and stop trying. See ticket 40499. */
1325  return;
1326  }
1327 
1328  ocf = or_connect_failure_find(or_conn);
1329  if (ocf == NULL) {
1330  ocf = or_connect_failure_new(or_conn);
1331  HT_INSERT(or_connect_failure_ht, &or_connect_failures_map, ocf);
1332  }
1333  ocf->last_failed_connect_ts = approx_time();
1334 }
1335 
1336 /* Cleanup the connection failure cache and remove all entries below the
1337  * given cutoff. */
1338 static void
1339 or_connect_failure_map_cleanup(time_t cutoff)
1340 {
1341  or_connect_failure_entry_t **ptr, **next, *entry;
1342 
1343  for (ptr = HT_START(or_connect_failure_ht, &or_connect_failures_map);
1344  ptr != NULL; ptr = next) {
1345  entry = *ptr;
1346  if (entry->last_failed_connect_ts <= cutoff) {
1347  next = HT_NEXT_RMV(or_connect_failure_ht, &or_connect_failures_map, ptr);
1348  tor_free(entry);
1349  } else {
1350  next = HT_NEXT(or_connect_failure_ht, &or_connect_failures_map, ptr);
1351  }
1352  }
1353 }
1354 
1355 /* Return true iff the given OR connection can connect to its destination that
1356  * is the triplet identity_digest, address and port.
1357  *
1358  * The or_conn MUST have gone through connection_or_check_canonicity() so the
1359  * base address is properly set to what we know or doesn't know. */
1360 STATIC int
1361 should_connect_to_relay(const or_connection_t *or_conn)
1362 {
1363  time_t now, cutoff;
1364  time_t connect_failed_since_ts = 0;
1366 
1367  tor_assert(or_conn);
1368 
1369  now = approx_time();
1370  cutoff = now - OR_CONNECT_FAILURE_LIFETIME;
1371 
1372  /* Opportunistically try to cleanup the failure cache. We do that at regular
1373  * interval so it doesn't grow too big. */
1374  if (or_connect_failure_map_next_cleanup_ts <= now) {
1375  or_connect_failure_map_cleanup(cutoff);
1376  or_connect_failure_map_next_cleanup_ts =
1377  now + OR_CONNECT_FAILURE_CLEANUP_INTERVAL;
1378  }
1379 
1380  /* Look if we have failed previously to the same destination as this
1381  * OR connection. */
1382  ocf = or_connect_failure_find(or_conn);
1383  if (ocf) {
1384  connect_failed_since_ts = ocf->last_failed_connect_ts;
1385  }
1386  /* If we do have an unable to connect timestamp and it is below cutoff, we
1387  * can connect. Or we have never failed before so let it connect. */
1388  if (connect_failed_since_ts > cutoff) {
1389  goto no_connect;
1390  }
1391 
1392  /* Ok we can connect! */
1393  return 1;
1394  no_connect:
1395  return 0;
1396 }
1397 
1398 /** <b>conn</b> is in the 'connecting' state, and it failed to complete
1399  * a TCP connection. Send notifications appropriately.
1400  *
1401  * <b>reason</b> specifies the or_conn_end_reason for the failure;
1402  * <b>msg</b> specifies the strerror-style error message.
1403  */
1404 void
1406  int reason, const char *msg)
1407 {
1408  connection_or_event_status(conn, OR_CONN_EVENT_FAILED, reason);
1410  control_event_bootstrap_prob_or(msg, reason, conn);
1411  note_or_connect_failed(conn);
1412 }
1413 
1414 /** <b>conn</b> got an error in connection_handle_read_impl() or
1415  * connection_handle_write_impl() and is going to die soon.
1416  *
1417  * <b>reason</b> specifies the or_conn_end_reason for the failure;
1418  * <b>msg</b> specifies the strerror-style error message.
1419  */
1420 void
1422  int reason, const char *msg)
1423 {
1424  channel_t *chan;
1425 
1426  tor_assert(conn);
1427 
1428  /* If we're connecting, call connect_failed() too */
1429  if (TO_CONN(conn)->state == OR_CONN_STATE_CONNECTING)
1430  connection_or_connect_failed(conn, reason, msg);
1431 
1432  /* Tell the controlling channel if we have one */
1433  if (conn->chan) {
1434  chan = TLS_CHAN_TO_BASE(conn->chan);
1435  /* Don't transition if we're already in closing, closed or error */
1436  if (!CHANNEL_CONDEMNED(chan)) {
1438  }
1439  }
1440 
1441  /* No need to mark for error because connection.c is about to do that */
1442 }
1443 
1444 /** Launch a new OR connection to <b>addr</b>:<b>port</b> and expect to
1445  * handshake with an OR with identity digest <b>id_digest</b>. Optionally,
1446  * pass in a pointer to a channel using this connection.
1447  *
1448  * If <b>id_digest</b> is me, do nothing. If we're already connected to it,
1449  * return that connection. If the connect() is in progress, set the
1450  * new conn's state to 'connecting' and return it. If connect() succeeds,
1451  * call connection_tls_start_handshake() on it.
1452  *
1453  * This function is called from router_retry_connections(), for
1454  * ORs connecting to ORs, and circuit_establish_circuit(), for
1455  * OPs connecting to ORs.
1456  *
1457  * Return the launched conn, or NULL if it failed.
1458  */
1459 
1461 connection_or_connect, (const tor_addr_t *_addr, uint16_t port,
1462  const char *id_digest,
1463  const ed25519_public_key_t *ed_id,
1464  channel_tls_t *chan))
1465 {
1466  or_connection_t *conn;
1467  const or_options_t *options = get_options();
1468  int socket_error = 0;
1469  tor_addr_t addr;
1470 
1471  int r;
1472  tor_addr_t proxy_addr;
1473  uint16_t proxy_port;
1474  int proxy_type, is_pt = 0;
1475 
1476  tor_assert(_addr);
1477  tor_assert(id_digest);
1478  tor_addr_copy(&addr, _addr);
1479 
1480  if (server_mode(options) && router_digest_is_me(id_digest)) {
1481  log_info(LD_PROTOCOL,"Client asked me to connect to myself. Refusing.");
1482  return NULL;
1483  }
1484  if (server_mode(options) && router_ed25519_id_is_me(ed_id)) {
1485  log_info(LD_PROTOCOL,"Client asked me to connect to myself by Ed25519 "
1486  "identity. Refusing.");
1487  return NULL;
1488  }
1489 
1491 
1492  /*
1493  * Set up conn so it's got all the data we need to remember for channels
1494  *
1495  * This stuff needs to happen before connection_or_init_conn_from_address()
1496  * so connection_or_set_identity_digest() and such know where to look to
1497  * keep the channel up to date.
1498  */
1499  conn->chan = chan;
1500  chan->conn = conn;
1501  connection_or_init_conn_from_address(conn, &addr, port, id_digest, ed_id, 1);
1502 
1503  /* We have a proper OR connection setup, now check if we can connect to it
1504  * that is we haven't had a failure earlier. This is to avoid to try to
1505  * constantly connect to relays that we think are not reachable. */
1506  if (!should_connect_to_relay(conn)) {
1507  log_info(LD_GENERAL, "Can't connect to %s because we "
1508  "failed earlier. Refusing.",
1510  connection_free_(TO_CONN(conn));
1511  return NULL;
1512  }
1513 
1514  conn->is_outgoing = 1;
1515 
1516  /* If we are using a proxy server, find it and use it. */
1517  r = get_proxy_addrport(&proxy_addr, &proxy_port, &proxy_type, &is_pt,
1518  TO_CONN(conn));
1519  if (r == 0) {
1520  conn->proxy_type = proxy_type;
1521  if (proxy_type != PROXY_NONE) {
1522  tor_addr_copy(&addr, &proxy_addr);
1523  port = proxy_port;
1524  conn->base_.proxy_state = PROXY_INFANT;
1525  conn->is_pt = is_pt;
1526  }
1528  connection_or_event_status(conn, OR_CONN_EVENT_LAUNCHED, 0);
1529  } else {
1530  /* This duplication of state change calls is necessary in case we
1531  * run into an error condition below */
1533  connection_or_event_status(conn, OR_CONN_EVENT_LAUNCHED, 0);
1534 
1535  /* get_proxy_addrport() might fail if we have a Bridge line that
1536  references a transport, but no ClientTransportPlugin lines
1537  defining its transport proxy. If this is the case, let's try to
1538  output a useful log message to the user. */
1539  const char *transport_name =
1541  TO_CONN(conn)->port);
1542 
1543  if (transport_name) {
1544  log_warn(LD_GENERAL, "We were supposed to connect to bridge '%s' "
1545  "using pluggable transport '%s', but we can't find a pluggable "
1546  "transport proxy supporting '%s'. This can happen if you "
1547  "haven't provided a ClientTransportPlugin line, or if "
1548  "your pluggable transport proxy stopped running.",
1550  transport_name, transport_name);
1551 
1553  "Can't connect to bridge",
1554  END_OR_CONN_REASON_PT_MISSING,
1555  conn);
1556 
1557  } else {
1558  log_warn(LD_GENERAL, "Tried to connect to %s through a proxy, but "
1559  "the proxy address could not be found.",
1561  }
1562 
1563  connection_free_(TO_CONN(conn));
1564  return NULL;
1565  }
1566 
1567  switch (connection_connect(TO_CONN(conn), conn->base_.address,
1568  &addr, port, &socket_error)) {
1569  case -1:
1570  /* We failed to establish a connection probably because of a local
1571  * error. No need to blame the guard in this case. Notify the networking
1572  * system of this failure. */
1574  errno_to_orconn_end_reason(socket_error),
1575  tor_socket_strerror(socket_error));
1576  connection_free_(TO_CONN(conn));
1577  return NULL;
1578  case 0:
1580  /* writable indicates finish, readable indicates broken link,
1581  error indicates broken link on windows */
1582  return conn;
1583  /* case 1: fall through */
1584  }
1585 
1586  if (connection_or_finished_connecting(conn) < 0) {
1587  /* already marked for close */
1588  return NULL;
1589  }
1590  return conn;
1591 }
1592 
1593 /** Mark orconn for close and transition the associated channel, if any, to
1594  * the closing state.
1595  *
1596  * It's safe to call this and connection_or_close_for_error() any time, and
1597  * channel layer will treat it as a connection closing for reasons outside
1598  * its control, like the remote end closing it. It can also be a local
1599  * reason that's specific to connection_t/or_connection_t rather than
1600  * the channel mechanism, such as expiration of old connections in
1601  * run_connection_housekeeping(). If you want to close a channel_t
1602  * from somewhere that logically works in terms of generic channels
1603  * rather than connections, use channel_mark_for_close(); see also
1604  * the comment on that function in channel.c.
1605  */
1606 
1607 void
1609 {
1610  channel_t *chan = NULL;
1611 
1612  tor_assert(orconn);
1613  if (flush) connection_mark_and_flush_internal(TO_CONN(orconn));
1614  else connection_mark_for_close_internal(TO_CONN(orconn));
1615  if (orconn->chan) {
1616  chan = TLS_CHAN_TO_BASE(orconn->chan);
1617  /* Don't transition if we're already in closing, closed or error */
1618  if (!CHANNEL_CONDEMNED(chan)) {
1620  }
1621  }
1622 }
1623 
1624 /** Mark orconn for close and transition the associated channel, if any, to
1625  * the error state.
1626  */
1627 
1628 MOCK_IMPL(void,
1630 {
1631  channel_t *chan = NULL;
1632 
1633  tor_assert(orconn);
1634  if (flush) connection_mark_and_flush_internal(TO_CONN(orconn));
1635  else connection_mark_for_close_internal(TO_CONN(orconn));
1636  if (orconn->chan) {
1637  chan = TLS_CHAN_TO_BASE(orconn->chan);
1638  /* Don't transition if we're already in closing, closed or error */
1639  if (!CHANNEL_CONDEMNED(chan)) {
1641  }
1642  }
1643 }
1644 
1645 /** Begin the tls handshake with <b>conn</b>. <b>receiving</b> is 0 if
1646  * we initiated the connection, else it's 1.
1647  *
1648  * Assign a new tls object to conn->tls, begin reading on <b>conn</b>, and
1649  * pass <b>conn</b> to connection_tls_continue_handshake().
1650  *
1651  * Return -1 if <b>conn</b> is broken, else return 0.
1652  */
1653 MOCK_IMPL(int,
1655 {
1656  channel_listener_t *chan_listener;
1657  channel_t *chan;
1658 
1659  /* Incoming connections will need a new channel passed to the
1660  * channel_tls_listener */
1661  if (receiving) {
1662  /* It shouldn't already be set */
1663  tor_assert(!(conn->chan));
1664  chan_listener = channel_tls_get_listener();
1665  if (!chan_listener) {
1666  chan_listener = channel_tls_start_listener();
1667  command_setup_listener(chan_listener);
1668  }
1669  chan = channel_tls_handle_incoming(conn);
1670  channel_listener_queue_incoming(chan_listener, chan);
1671  }
1672 
1674  tor_assert(!conn->tls);
1675  conn->tls = tor_tls_new(conn->base_.s, receiving);
1676  if (!conn->tls) {
1677  log_warn(LD_BUG,"tor_tls_new failed. Closing.");
1678  return -1;
1679  }
1682 
1684  log_debug(LD_HANDSHAKE,"starting TLS handshake on fd "TOR_SOCKET_T_FORMAT,
1685  conn->base_.s);
1686 
1687  if (connection_tls_continue_handshake(conn) < 0)
1688  return -1;
1689 
1690  return 0;
1691 }
1692 
1693 /** Block all future attempts to renegotiate on 'conn' */
1694 void
1696 {
1697  tor_tls_t *tls = conn->tls;
1698  if (!tls)
1699  return;
1700  tor_tls_set_renegotiate_callback(tls, NULL, NULL);
1702 }
1703 
1704 /** Invoked on the server side from inside tor_tls_read() when the server
1705  * gets a successful TLS renegotiation from the client. */
1706 static void
1708 {
1709  or_connection_t *conn = _conn;
1710  (void)tls;
1711 
1712  /* Don't invoke this again. */
1714 
1715  if (connection_tls_finish_handshake(conn) < 0) {
1716  /* XXXX_TLS double-check that it's ok to do this from inside read. */
1717  /* XXXX_TLS double-check that this verifies certificates. */
1719  }
1720 }
1721 
1722 /** Move forward with the tls handshake. If it finishes, hand
1723  * <b>conn</b> to connection_tls_finish_handshake().
1724  *
1725  * Return -1 if <b>conn</b> is broken, else return 0.
1726  */
1727 int
1729 {
1730  int result;
1731  check_no_tls_errors();
1732 
1734  // log_notice(LD_OR, "Continue handshake with %p", conn->tls);
1735  result = tor_tls_handshake(conn->tls);
1736  // log_notice(LD_OR, "Result: %d", result);
1737 
1738  switch (result) {
1740  conn->tls_error = result;
1741  log_info(LD_OR,"tls error [%s]. breaking connection.",
1742  tor_tls_err_to_string(result));
1743  return -1;
1744  case TOR_TLS_DONE:
1745  if (! tor_tls_used_v1_handshake(conn->tls)) {
1746  if (!tor_tls_is_server(conn->tls)) {
1749  } else {
1750  /* v2/v3 handshake, but we are not a client. */
1751  log_debug(LD_OR, "Done with initial SSL handshake (server-side). "
1752  "Expecting renegotiation or VERSIONS cell");
1755  conn);
1760  return 0;
1761  }
1762  }
1764  return connection_tls_finish_handshake(conn);
1765  case TOR_TLS_WANTWRITE:
1767  log_debug(LD_OR,"wanted write");
1768  return 0;
1769  case TOR_TLS_WANTREAD: /* handshaking conns are *always* reading */
1770  log_debug(LD_OR,"wanted read");
1771  return 0;
1772  case TOR_TLS_CLOSE:
1773  conn->tls_error = result;
1774  log_info(LD_OR,"tls closed. breaking connection.");
1775  return -1;
1776  }
1777  return 0;
1778 }
1779 
1780 /** Return 1 if we initiated this connection, or 0 if it started
1781  * out as an incoming connection.
1782  */
1783 int
1785 {
1786  tor_assert(conn->base_.type == CONN_TYPE_OR ||
1787  conn->base_.type == CONN_TYPE_EXT_OR);
1788  if (!conn->tls)
1789  return 1; /* it's still in proxy states or something */
1790  if (conn->handshake_state)
1791  return conn->handshake_state->started_here;
1792  return !tor_tls_is_server(conn->tls);
1793 }
1794 
1795 /** <b>Conn</b> just completed its handshake. Return 0 if all is well, and
1796  * return -1 if they are lying, broken, or otherwise something is wrong.
1797  *
1798  * If we initiated this connection (<b>started_here</b> is true), make sure
1799  * the other side sent a correctly formed certificate. If I initiated the
1800  * connection, make sure it's the right relay by checking the certificate.
1801  *
1802  * Otherwise (if we _didn't_ initiate this connection), it's okay for
1803  * the certificate to be weird or absent.
1804  *
1805  * If we return 0, and the certificate is as expected, write a hash of the
1806  * identity key into <b>digest_rcvd_out</b>, which must have DIGEST_LEN
1807  * space in it.
1808  * If the certificate is invalid or missing on an incoming connection,
1809  * we return 0 and set <b>digest_rcvd_out</b> to DIGEST_LEN NUL bytes.
1810  * (If we return -1, the contents of this buffer are undefined.)
1811  *
1812  * As side effects,
1813  * 1) Set conn->circ_id_type according to tor-spec.txt.
1814  * 2) If we're an authdirserver and we initiated the connection: drop all
1815  * descriptors that claim to be on that IP/port but that aren't
1816  * this relay; and note that this relay is reachable.
1817  * 3) If this is a bridge and we didn't configure its identity
1818  * fingerprint, remember the keyid we just learned.
1819  */
1820 static int
1822  int started_here,
1823  char *digest_rcvd_out)
1824 {
1825  crypto_pk_t *identity_rcvd=NULL;
1826  const or_options_t *options = get_options();
1827  int severity = server_mode(options) ? LOG_PROTOCOL_WARN : LOG_WARN;
1828  const char *conn_type = started_here ? "outgoing" : "incoming";
1829  int has_cert = 0;
1830 
1831  check_no_tls_errors();
1832  has_cert = tor_tls_peer_has_cert(conn->tls);
1833  if (started_here && !has_cert) {
1834  log_info(LD_HANDSHAKE,"Tried connecting to router at %s, but it didn't "
1835  "send a cert! Closing.",
1837  return -1;
1838  } else if (!has_cert) {
1839  log_debug(LD_HANDSHAKE,"Got incoming connection with no certificate. "
1840  "That's ok.");
1841  }
1842  check_no_tls_errors();
1843 
1844  if (has_cert) {
1845  int v = tor_tls_verify(started_here?severity:LOG_INFO,
1846  conn->tls, &identity_rcvd);
1847  if (started_here && v<0) {
1848  log_fn(severity,LD_HANDSHAKE,"Tried connecting to router at %s: It"
1849  " has a cert but it's invalid. Closing.",
1851  return -1;
1852  } else if (v<0) {
1853  log_info(LD_HANDSHAKE,"Incoming connection gave us an invalid cert "
1854  "chain; ignoring.");
1855  } else {
1856  log_debug(LD_HANDSHAKE,
1857  "The certificate seems to be valid on %s connection "
1858  "with %s", conn_type,
1860  }
1861  check_no_tls_errors();
1862  }
1863 
1864  if (identity_rcvd) {
1865  if (crypto_pk_get_digest(identity_rcvd, digest_rcvd_out) < 0) {
1866  crypto_pk_free(identity_rcvd);
1867  return -1;
1868  }
1869  } else {
1870  memset(digest_rcvd_out, 0, DIGEST_LEN);
1871  }
1872 
1873  tor_assert(conn->chan);
1874  channel_set_circid_type(TLS_CHAN_TO_BASE(conn->chan), identity_rcvd, 1);
1875 
1876  crypto_pk_free(identity_rcvd);
1877 
1878  if (started_here) {
1879  /* A TLS handshake can't teach us an Ed25519 ID, so we set it to NULL
1880  * here. */
1881  log_debug(LD_HANDSHAKE, "Calling client_learned_peer_id from "
1882  "check_valid_tls_handshake");
1884  (const uint8_t*)digest_rcvd_out,
1885  NULL);
1886  }
1887 
1888  return 0;
1889 }
1890 
1891 /** Called when we (as a connection initiator) have definitively,
1892  * authenticatedly, learned that ID of the Tor instance on the other
1893  * side of <b>conn</b> is <b>rsa_peer_id</b> and optionally <b>ed_peer_id</b>.
1894  * For v1 and v2 handshakes,
1895  * this is right after we get a certificate chain in a TLS handshake
1896  * or renegotiation. For v3+ handshakes, this is right after we get a
1897  * certificate chain in a CERTS cell.
1898  *
1899  * If we did not know the ID before, record the one we got.
1900  *
1901  * If we wanted an ID, but we didn't get the one we expected, log a message
1902  * and return -1.
1903  * On relays:
1904  * - log a protocol warning whenever the fingerprints don't match;
1905  * On clients:
1906  * - if a relay's fingerprint doesn't match, log a warning;
1907  * - if we don't have updated relay fingerprints from a recent consensus, and
1908  * a fallback directory mirror's hard-coded fingerprint has changed, log an
1909  * info explaining that we will try another fallback.
1910  *
1911  * If we're testing reachability, remember what we learned.
1912  *
1913  * Return 0 on success, -1 on failure.
1914  */
1915 int
1917  const uint8_t *rsa_peer_id,
1918  const ed25519_public_key_t *ed_peer_id)
1919 {
1920  const or_options_t *options = get_options();
1921  channel_tls_t *chan_tls = conn->chan;
1922  channel_t *chan = channel_tls_to_base(chan_tls);
1923  int changed_identity = 0;
1924  tor_assert(chan);
1925 
1926  const int expected_rsa_key =
1928  const int expected_ed_key =
1930 
1931  log_info(LD_HANDSHAKE, "learned peer id for %s at %p: %s, %s",
1933  conn,
1934  hex_str((const char*)rsa_peer_id, DIGEST_LEN),
1935  ed25519_fmt(ed_peer_id));
1936 
1937  if (! expected_rsa_key && ! expected_ed_key) {
1938  log_info(LD_HANDSHAKE, "(we had no ID in mind when we made this "
1939  "connection.");
1941  (const char*)rsa_peer_id, ed_peer_id);
1942  tor_free(conn->nickname);
1943  conn->nickname = tor_malloc(HEX_DIGEST_LEN+2);
1944  conn->nickname[0] = '$';
1946  conn->identity_digest, DIGEST_LEN);
1947  log_info(LD_HANDSHAKE, "Connected to router at %s without knowing "
1948  "its key. Hoping for the best.",
1950  /* if it's a bridge and we didn't know its identity fingerprint, now
1951  * we do -- remember it for future attempts. */
1952  learned_router_identity(&conn->base_.addr, conn->base_.port,
1953  (const char*)rsa_peer_id, ed_peer_id);
1954  changed_identity = 1;
1955  }
1956 
1957  const int rsa_mismatch = expected_rsa_key &&
1958  tor_memneq(rsa_peer_id, conn->identity_digest, DIGEST_LEN);
1959  /* It only counts as an ed25519 mismatch if we wanted an ed25519 identity
1960  * and didn't get it. It's okay if we get one that we didn't ask for. */
1961  const int ed25519_mismatch =
1962  expected_ed_key &&
1963  (ed_peer_id == NULL ||
1964  ! ed25519_pubkey_eq(&chan->ed25519_identity, ed_peer_id));
1965 
1966  if (rsa_mismatch || ed25519_mismatch) {
1967  /* I was aiming for a particular digest. I didn't get it! */
1968  char seen_rsa[HEX_DIGEST_LEN+1];
1969  char expected_rsa[HEX_DIGEST_LEN+1];
1970  char seen_ed[ED25519_BASE64_LEN+1];
1971  char expected_ed[ED25519_BASE64_LEN+1];
1972  base16_encode(seen_rsa, sizeof(seen_rsa),
1973  (const char*)rsa_peer_id, DIGEST_LEN);
1974  base16_encode(expected_rsa, sizeof(expected_rsa), conn->identity_digest,
1975  DIGEST_LEN);
1976  if (ed_peer_id) {
1977  ed25519_public_to_base64(seen_ed, ed_peer_id);
1978  } else {
1979  strlcpy(seen_ed, "no ed25519 key", sizeof(seen_ed));
1980  }
1982  ed25519_public_to_base64(expected_ed, &chan->ed25519_identity);
1983  } else {
1984  strlcpy(expected_ed, "no ed25519 key", sizeof(expected_ed));
1985  }
1986  const int using_hardcoded_fingerprints =
1989  const int is_fallback_fingerprint = router_digest_is_fallback_dir(
1990  conn->identity_digest);
1991  const int is_authority_fingerprint = router_digest_is_trusted_dir(
1992  conn->identity_digest);
1993  const int non_anonymous_mode =
1994  hs_service_non_anonymous_mode_enabled(options);
1995  int severity;
1996  const char *extra_log = "";
1997 
1998  /* Relays and Single Onion Services make direct connections using
1999  * untrusted authentication keys. */
2000  if (server_mode(options) || non_anonymous_mode) {
2001  severity = LOG_PROTOCOL_WARN;
2002  } else {
2003  if (using_hardcoded_fingerprints) {
2004  /* We need to do the checks in this order, because the list of
2005  * fallbacks includes the list of authorities */
2006  if (is_authority_fingerprint) {
2007  severity = LOG_WARN;
2008  } else if (is_fallback_fingerprint) {
2009  /* we expect a small number of fallbacks to change from their
2010  * hard-coded fingerprints over the life of a release */
2011  severity = LOG_INFO;
2012  extra_log = " Tor will try a different fallback.";
2013  } else {
2014  /* it's a bridge, it's either a misconfiguration, or unexpected */
2015  severity = LOG_WARN;
2016  }
2017  } else {
2018  /* a relay has changed its fingerprint from the one in the consensus */
2019  severity = LOG_WARN;
2020  }
2021  }
2022 
2023  log_fn(severity, LD_HANDSHAKE,
2024  "Tried connecting to router at %s, but RSA + ed25519 identity "
2025  "keys were not as expected: wanted %s + %s but got %s + %s.%s",
2027  expected_rsa, expected_ed, seen_rsa, seen_ed, extra_log);
2028 
2029  /* Tell the new guard API about the channel failure */
2030  entry_guard_chan_failed(TLS_CHAN_TO_BASE(conn->chan));
2031  connection_or_event_status(conn, OR_CONN_EVENT_FAILED,
2032  END_OR_CONN_REASON_OR_IDENTITY);
2033  if (!authdir_mode_tests_reachability(options))
2035  "Unexpected identity in router certificate",
2036  END_OR_CONN_REASON_OR_IDENTITY,
2037  conn);
2038  return -1;
2039  }
2040 
2041  if (!expected_ed_key && ed_peer_id) {
2042  log_info(LD_HANDSHAKE, "(We had no Ed25519 ID in mind when we made this "
2043  "connection.)");
2045  (const char*)rsa_peer_id, ed_peer_id);
2046  changed_identity = 1;
2047  }
2048 
2049  if (changed_identity) {
2050  /* If we learned an identity for this connection, then we might have
2051  * just discovered it to be canonical. */
2053  if (conn->tls)
2056  }
2057 
2058  if (authdir_mode_tests_reachability(options)) {
2059  // We don't want to use canonical_orport here -- we want the address
2060  // that we really used.
2061  dirserv_orconn_tls_done(&conn->base_.addr, conn->base_.port,
2062  (const char*)rsa_peer_id, ed_peer_id);
2063  }
2064 
2065  return 0;
2066 }
2067 
2068 /** Return when we last used this channel for client activity (origin
2069  * circuits). This is called from connection.c, since client_used is now one
2070  * of the timestamps in channel_t */
2071 
2072 time_t
2074 {
2075  tor_assert(conn);
2076 
2077  if (conn->chan) {
2078  return channel_when_last_client(TLS_CHAN_TO_BASE(conn->chan));
2079  } else return 0;
2080 }
2081 
2082 /** The v1/v2 TLS handshake is finished.
2083  *
2084  * Make sure we are happy with the peer we just handshaked with.
2085  *
2086  * If they initiated the connection, make sure they're not already connected,
2087  * then initialize conn from the information in router.
2088  *
2089  * If all is successful, call circuit_n_conn_done() to handle events
2090  * that have been pending on the <tls handshake completion. Also set the
2091  * directory to be dirty (only matters if I'm an authdirserver).
2092  *
2093  * If this is a v2 TLS handshake, send a versions cell.
2094  */
2095 static int
2097 {
2098  char digest_rcvd[DIGEST_LEN];
2099  int started_here = connection_or_nonopen_was_started_here(conn);
2100 
2101  tor_assert(!started_here);
2102 
2103  log_debug(LD_HANDSHAKE,"%s tls handshake on %s done, using "
2104  "ciphersuite %s. verifying.",
2105  started_here?"outgoing":"incoming",
2107  tor_tls_get_ciphersuite_name(conn->tls));
2108 
2109  if (connection_or_check_valid_tls_handshake(conn, started_here,
2110  digest_rcvd) < 0)
2111  return -1;
2112 
2114 
2115  if (tor_tls_used_v1_handshake(conn->tls)) {
2116  conn->link_proto = 1;
2117  connection_or_init_conn_from_address(conn, &conn->base_.addr,
2118  conn->base_.port, digest_rcvd,
2119  NULL, 0);
2121  rep_hist_note_negotiated_link_proto(1, started_here);
2122  return connection_or_set_state_open(conn);
2123  } else {
2125  if (connection_init_or_handshake_state(conn, started_here) < 0)
2126  return -1;
2127  connection_or_init_conn_from_address(conn, &conn->base_.addr,
2128  conn->base_.port, digest_rcvd,
2129  NULL, 0);
2130  return connection_or_send_versions(conn, 0);
2131  }
2132 }
2133 
2134 /**
2135  * Called as client when initial TLS handshake is done, and we notice
2136  * that we got a v3-handshake signalling certificate from the server.
2137  * Set up structures, do bookkeeping, and send the versions cell.
2138  * Return 0 on success and -1 on failure.
2139  */
2140 static int
2142 {
2144 
2146 
2148  if (connection_init_or_handshake_state(conn, 1) < 0)
2149  return -1;
2150 
2151  return connection_or_send_versions(conn, 1);
2152 }
2153 
2154 /** Allocate a new connection handshake state for the connection
2155  * <b>conn</b>. Return 0 on success, -1 on failure. */
2156 int
2158 {
2160  if (conn->handshake_state) {
2161  log_warn(LD_BUG, "Duplicate call to connection_init_or_handshake_state!");
2162  return 0;
2163  }
2164  s = conn->handshake_state = tor_malloc_zero(sizeof(or_handshake_state_t));
2165  s->started_here = started_here ? 1 : 0;
2166  s->digest_sent_data = 1;
2167  s->digest_received_data = 1;
2168  if (! started_here && get_current_link_cert_cert()) {
2169  s->own_link_cert = tor_cert_dup(get_current_link_cert_cert());
2170  }
2172  s->certs->started_here = s->started_here;
2173  return 0;
2174 }
2175 
2176 /** Free all storage held by <b>state</b>. */
2177 void
2179 {
2180  if (!state)
2181  return;
2183  crypto_digest_free(state->digest_received);
2184  or_handshake_certs_free(state->certs);
2185  tor_cert_free(state->own_link_cert);
2186  memwipe(state, 0xBE, sizeof(or_handshake_state_t));
2187  tor_free(state);
2188 }
2189 
2190 /**
2191  * Remember that <b>cell</b> has been transmitted (if <b>incoming</b> is
2192  * false) or received (if <b>incoming</b> is true) during a V3 handshake using
2193  * <b>state</b>.
2194  *
2195  * (We don't record the cell, but we keep a digest of everything sent or
2196  * received during the v3 handshake, and the client signs it in an
2197  * authenticate cell.)
2198  */
2199 void
2201  or_handshake_state_t *state,
2202  const cell_t *cell,
2203  int incoming)
2204 {
2205  size_t cell_network_size = get_cell_network_size(conn->wide_circ_ids);
2206  crypto_digest_t *d, **dptr;
2207  packed_cell_t packed;
2208  if (incoming) {
2209  if (!state->digest_received_data)
2210  return;
2211  } else {
2212  if (!state->digest_sent_data)
2213  return;
2214  }
2215  if (!incoming) {
2216  log_warn(LD_BUG, "We shouldn't be sending any non-variable-length cells "
2217  "while making a handshake digest. But we think we are sending "
2218  "one with type %d.", (int)cell->command);
2219  }
2220  dptr = incoming ? &state->digest_received : &state->digest_sent;
2221  if (! *dptr)
2222  *dptr = crypto_digest256_new(DIGEST_SHA256);
2223 
2224  d = *dptr;
2225  /* Re-packing like this is a little inefficient, but we don't have to do
2226  this very often at all. */
2227  cell_pack(&packed, cell, conn->wide_circ_ids);
2228  crypto_digest_add_bytes(d, packed.body, cell_network_size);
2229  memwipe(&packed, 0, sizeof(packed));
2230 }
2231 
2232 /** Remember that a variable-length <b>cell</b> has been transmitted (if
2233  * <b>incoming</b> is false) or received (if <b>incoming</b> is true) during a
2234  * V3 handshake using <b>state</b>.
2235  *
2236  * (We don't record the cell, but we keep a digest of everything sent or
2237  * received during the v3 handshake, and the client signs it in an
2238  * authenticate cell.)
2239  */
2240 void
2242  or_handshake_state_t *state,
2243  const var_cell_t *cell,
2244  int incoming)
2245 {
2246  crypto_digest_t *d, **dptr;
2247  int n;
2248  char buf[VAR_CELL_MAX_HEADER_SIZE];
2249  if (incoming) {
2250  if (!state->digest_received_data)
2251  return;
2252  } else {
2253  if (!state->digest_sent_data)
2254  return;
2255  }
2256  dptr = incoming ? &state->digest_received : &state->digest_sent;
2257  if (! *dptr)
2258  *dptr = crypto_digest256_new(DIGEST_SHA256);
2259 
2260  d = *dptr;
2261 
2262  n = var_cell_pack_header(cell, buf, conn->wide_circ_ids);
2263  crypto_digest_add_bytes(d, buf, n);
2264  crypto_digest_add_bytes(d, (const char *)cell->payload, cell->payload_len);
2265 
2266  memwipe(buf, 0, sizeof(buf));
2267 }
2268 
2269 /** Set <b>conn</b>'s state to OR_CONN_STATE_OPEN, and tell other subsystems
2270  * as appropriate. Called when we are done with all TLS and OR handshaking.
2271  */
2272 int
2274 {
2276  connection_or_event_status(conn, OR_CONN_EVENT_CONNECTED, 0);
2277 
2278  /* Link protocol 3 appeared in Tor 0.2.3.6-alpha, so any connection
2279  * that uses an earlier link protocol should not be treated as a relay. */
2280  if (conn->link_proto < 3) {
2281  channel_mark_client(TLS_CHAN_TO_BASE(conn->chan));
2282  }
2283 
2284  or_handshake_state_free(conn->handshake_state);
2285  conn->handshake_state = NULL;
2287 
2288  return 0;
2289 }
2290 
2291 /** Pack <b>cell</b> into wire-format, and write it onto <b>conn</b>'s outbuf.
2292  * For cells that use or affect a circuit, this should only be called by
2293  * connection_or_flush_from_first_active_circuit().
2294  */
2295 void
2297 {
2298  packed_cell_t networkcell;
2299  size_t cell_network_size = get_cell_network_size(conn->wide_circ_ids);
2300 
2301  tor_assert(cell);
2302  tor_assert(conn);
2303 
2304  cell_pack(&networkcell, cell, conn->wide_circ_ids);
2305 
2306  /* We need to count padding cells from this non-packed code path
2307  * since they are sent via chan->write_cell() (which is not packed) */
2309  if (cell->command == CELL_PADDING)
2311 
2312  connection_buf_add(networkcell.body, cell_network_size, TO_CONN(conn));
2313 
2314  /* Touch the channel's active timestamp if there is one */
2315  if (conn->chan) {
2316  channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan));
2317 
2318  if (TLS_CHAN_TO_BASE(conn->chan)->padding_enabled) {
2320  if (cell->command == CELL_PADDING)
2322  }
2323  }
2324 
2325  if (conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3)
2326  or_handshake_state_record_cell(conn, conn->handshake_state, cell, 0);
2327 }
2328 
2329 /** Pack a variable-length <b>cell</b> into wire-format, and write it onto
2330  * <b>conn</b>'s outbuf. Right now, this <em>DOES NOT</em> support cells that
2331  * affect a circuit.
2332  */
2333 MOCK_IMPL(void,
2336 {
2337  int n;
2338  char hdr[VAR_CELL_MAX_HEADER_SIZE];
2339  tor_assert(cell);
2340  tor_assert(conn);
2341  n = var_cell_pack_header(cell, hdr, conn->wide_circ_ids);
2342  connection_buf_add(hdr, n, TO_CONN(conn));
2343  connection_buf_add((char*)cell->payload,
2344  cell->payload_len, TO_CONN(conn));
2345  if (conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3)
2347 
2349  /* Touch the channel's active timestamp if there is one */
2350  if (conn->chan)
2351  channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan));
2352 }
2353 
2354 /** See whether there's a variable-length cell waiting on <b>or_conn</b>'s
2355  * inbuf. Return values as for fetch_var_cell_from_buf(). */
2356 static int
2358 {
2359  connection_t *conn = TO_CONN(or_conn);
2360  return fetch_var_cell_from_buf(conn->inbuf, out, or_conn->link_proto);
2361 }
2362 
2363 /** Process cells from <b>conn</b>'s inbuf.
2364  *
2365  * Loop: while inbuf contains a cell, pull it off the inbuf, unpack it,
2366  * and hand it to command_process_cell().
2367  *
2368  * Always return 0.
2369  */
2370 static int
2372 {
2373  var_cell_t *var_cell;
2374 
2375  /*
2376  * Note on memory management for incoming cells: below the channel layer,
2377  * we shouldn't need to consider its internal queueing/copying logic. It
2378  * is safe to pass cells to it on the stack or on the heap, but in the
2379  * latter case we must be sure we free them later.
2380  *
2381  * The incoming cell queue code in channel.c will (in the common case)
2382  * decide it can pass them to the upper layer immediately, in which case
2383  * those functions may run directly on the cell pointers we pass here, or
2384  * it may decide to queue them, in which case it will allocate its own
2385  * buffer and copy the cell.
2386  */
2387 
2388  while (1) {
2389  log_debug(LD_OR,
2390  TOR_SOCKET_T_FORMAT": starting, inbuf_datalen %d "
2391  "(%d pending in tls object).",
2392  conn->base_.s,(int)connection_get_inbuf_len(TO_CONN(conn)),
2394  if (connection_fetch_var_cell_from_buf(conn, &var_cell)) {
2395  if (!var_cell)
2396  return 0; /* not yet. */
2397 
2398  /* Touch the channel's active timestamp if there is one */
2399  if (conn->chan)
2400  channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan));
2401 
2403  channel_tls_handle_var_cell(var_cell, conn);
2404  var_cell_free(var_cell);
2405  } else {
2406  const int wide_circ_ids = conn->wide_circ_ids;
2407  size_t cell_network_size = get_cell_network_size(conn->wide_circ_ids);
2408  char buf[CELL_MAX_NETWORK_SIZE];
2409  cell_t cell;
2410  if (connection_get_inbuf_len(TO_CONN(conn))
2411  < cell_network_size) /* whole response available? */
2412  return 0; /* not yet */
2413 
2414  /* Touch the channel's active timestamp if there is one */
2415  if (conn->chan)
2416  channel_timestamp_active(TLS_CHAN_TO_BASE(conn->chan));
2417 
2419  connection_buf_get_bytes(buf, cell_network_size, TO_CONN(conn));
2420 
2421  /* retrieve cell info from buf (create the host-order struct from the
2422  * network-order string) */
2423  cell_unpack(&cell, buf, wide_circ_ids);
2424 
2425  channel_tls_handle_cell(&cell, conn);
2426  }
2427  }
2428 }
2429 
2430 /** Array of recognized link protocol versions. */
2431 static const uint16_t or_protocol_versions[] = { 1, 2, 3, 4, 5 };
2432 /** Number of versions in <b>or_protocol_versions</b>. */
2433 static const int n_or_protocol_versions =
2434  (int)( sizeof(or_protocol_versions)/sizeof(uint16_t) );
2435 
2436 /** Return true iff <b>v</b> is a link protocol version that this Tor
2437  * implementation believes it can support. */
2438 int
2440 {
2441  int i;
2442  for (i = 0; i < n_or_protocol_versions; ++i) {
2443  if (or_protocol_versions[i] == v)
2444  return 1;
2445  }
2446  return 0;
2447 }
2448 
2449 /** Send a VERSIONS cell on <b>conn</b>, telling the other host about the
2450  * link protocol versions that this Tor can support.
2451  *
2452  * If <b>v3_plus</b>, this is part of a V3 protocol handshake, so only
2453  * allow protocol version v3 or later. If not <b>v3_plus</b>, this is
2454  * not part of a v3 protocol handshake, so don't allow protocol v3 or
2455  * later.
2456  **/
2457 int
2459 {
2460  var_cell_t *cell;
2461  int i;
2462  int n_versions = 0;
2463  const int min_version = v3_plus ? 3 : 0;
2464  const int max_version = v3_plus ? UINT16_MAX : 2;
2465  tor_assert(conn->handshake_state &&
2468  cell->command = CELL_VERSIONS;
2469  for (i = 0; i < n_or_protocol_versions; ++i) {
2470  uint16_t v = or_protocol_versions[i];
2471  if (v < min_version || v > max_version)
2472  continue;
2473  set_uint16(cell->payload+(2*n_versions), htons(v));
2474  ++n_versions;
2475  }
2476  cell->payload_len = n_versions * 2;
2477 
2479  conn->handshake_state->sent_versions_at = time(NULL);
2480 
2481  var_cell_free(cell);
2482  return 0;
2483 }
2484 
2485 static netinfo_addr_t *
2486 netinfo_addr_from_tor_addr(const tor_addr_t *tor_addr)
2487 {
2488  sa_family_t addr_family = tor_addr_family(tor_addr);
2489 
2490  if (BUG(addr_family != AF_INET && addr_family != AF_INET6))
2491  return NULL;
2492 
2493  netinfo_addr_t *netinfo_addr = netinfo_addr_new();
2494 
2495  if (addr_family == AF_INET) {
2496  netinfo_addr_set_addr_type(netinfo_addr, NETINFO_ADDR_TYPE_IPV4);
2497  netinfo_addr_set_len(netinfo_addr, 4);
2498  netinfo_addr_set_addr_ipv4(netinfo_addr, tor_addr_to_ipv4h(tor_addr));
2499  } else if (addr_family == AF_INET6) {
2500  netinfo_addr_set_addr_type(netinfo_addr, NETINFO_ADDR_TYPE_IPV6);
2501  netinfo_addr_set_len(netinfo_addr, 16);
2502  uint8_t *ipv6_buf = netinfo_addr_getarray_addr_ipv6(netinfo_addr);
2503  const uint8_t *in6_addr = tor_addr_to_in6_addr8(tor_addr);
2504  memcpy(ipv6_buf, in6_addr, 16);
2505  }
2506 
2507  return netinfo_addr;
2508 }
2509 
2510 /** Send a NETINFO cell on <b>conn</b>, telling the other server what we know
2511  * about their address, our address, and the current time. */
2512 MOCK_IMPL(int,
2514 {
2515  cell_t cell;
2516  time_t now = time(NULL);
2517  const routerinfo_t *me;
2518  int r = -1;
2519 
2520  tor_assert(conn->handshake_state);
2521 
2522  if (conn->handshake_state->sent_netinfo) {
2523  log_warn(LD_BUG, "Attempted to send an extra netinfo cell on a connection "
2524  "where we already sent one.");
2525  return 0;
2526  }
2527 
2528  memset(&cell, 0, sizeof(cell_t));
2529  cell.command = CELL_NETINFO;
2530 
2531  netinfo_cell_t *netinfo_cell = netinfo_cell_new();
2532 
2533  /* Timestamp, if we're a relay. */
2534  if (public_server_mode(get_options()) || ! conn->is_outgoing)
2535  netinfo_cell_set_timestamp(netinfo_cell, (uint32_t)now);
2536 
2537  /* Their address. */
2538  const tor_addr_t *remote_tor_addr = &TO_CONN(conn)->addr;
2539  /* We can safely use TO_CONN(conn)->addr here, since we no longer replace
2540  * it with a canonical address. */
2541  netinfo_addr_t *their_addr = netinfo_addr_from_tor_addr(remote_tor_addr);
2542 
2543  netinfo_cell_set_other_addr(netinfo_cell, their_addr);
2544 
2545  /* My address -- only include it if I'm a public relay, or if I'm a
2546  * bridge and this is an incoming connection. If I'm a bridge and this
2547  * is an outgoing connection, act like a normal client and omit it. */
2548  if ((public_server_mode(get_options()) || !conn->is_outgoing) &&
2549  (me = router_get_my_routerinfo())) {
2550  uint8_t n_my_addrs = 1 + !tor_addr_is_null(&me->ipv6_addr);
2551  netinfo_cell_set_n_my_addrs(netinfo_cell, n_my_addrs);
2552 
2553  netinfo_cell_add_my_addrs(netinfo_cell,
2554  netinfo_addr_from_tor_addr(&me->ipv4_addr));
2555 
2556  if (!tor_addr_is_null(&me->ipv6_addr)) {
2557  netinfo_cell_add_my_addrs(netinfo_cell,
2558  netinfo_addr_from_tor_addr(&me->ipv6_addr));
2559  }
2560  }
2561 
2562  const char *errmsg = NULL;
2563  if ((errmsg = netinfo_cell_check(netinfo_cell))) {
2564  log_warn(LD_OR, "Failed to validate NETINFO cell with error: %s",
2565  errmsg);
2566  goto cleanup;
2567  }
2568 
2569  if (netinfo_cell_encode(cell.payload, CELL_PAYLOAD_SIZE,
2570  netinfo_cell) < 0) {
2571  log_warn(LD_OR, "Failed generating NETINFO cell");
2572  goto cleanup;
2573  }
2574 
2575  conn->handshake_state->digest_sent_data = 0;
2576  conn->handshake_state->sent_netinfo = 1;
2577  connection_or_write_cell_to_buf(&cell, conn);
2578 
2579  r = 0;
2580  cleanup:
2581  netinfo_cell_free(netinfo_cell);
2582 
2583  return r;
2584 }
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
Definition: address.c:933
int tor_addr_is_null(const tor_addr_t *addr)
Definition: address.c:780
void tor_addr_port_copy(tor_addr_port_t *dest, const tor_addr_port_t *source)
Definition: address.c:2121
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
Definition: address.h:160
#define tor_addr_to_in6_addr8(x)
Definition: address.h:135
#define fmt_addr(a)
Definition: address.h:239
#define tor_addr_eq(a, b)
Definition: address.h:280
time_t approx_time(void)
Definition: approx_time.c:32
int authdir_mode_tests_reachability(const or_options_t *options)
Definition: authmode.c:68
Header file for directory authority mode.
const char * hex_str(const char *from, size_t fromlen)
Definition: binascii.c:34
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
Definition: binascii.c:478
const char * find_transport_name_by_bridge_addrport(const tor_addr_t *addr, uint16_t port)
Definition: bridges.c:597
void learned_router_identity(const tor_addr_t *addr, uint16_t port, const char *digest, const ed25519_public_key_t *ed_id)
Definition: bridges.c:403
Header file for circuitbuild.c.
size_t buf_datalen(const buf_t *buf)
Definition: buffers.c:394
Header file for buffers.c.
static void set_uint16(void *cp, uint16_t v)
Definition: bytes.h:78
static uint16_t get_uint16(const void *cp)
Definition: bytes.h:42
static void set_uint32(void *cp, uint32_t v)
Definition: bytes.h:87
static uint8_t get_uint8(const void *cp)
Definition: bytes.h:23
static void set_uint8(void *cp, uint8_t v)
Definition: bytes.h:31
static uint32_t get_uint32(const void *cp)
Definition: bytes.h:54
Cell queue structures.
Fixed-size cell structure.
void channel_timestamp_active(channel_t *chan)
Definition: channel.c:3144
void channel_set_circid_type(channel_t *chan, crypto_pk_t *identity_rcvd, int consider_identity)
Definition: channel.c:3355
int channel_is_better(channel_t *a, channel_t *b)
Definition: channel.c:2341
int channel_is_bad_for_new_circs(channel_t *chan)
Definition: channel.c:2887
void channel_set_identity_digest(channel_t *chan, const char *identity_digest, const ed25519_public_key_t *ed_identity)
Definition: channel.c:1335
void channel_mark_client(channel_t *chan)
Definition: channel.c:2928
void channel_closed(channel_t *chan)
Definition: channel.c:1275
void channel_close_from_lower_layer(channel_t *chan)
Definition: channel.c:1220
void channel_listener_queue_incoming(channel_listener_t *listener, channel_t *incoming)
Definition: channel.c:1929
time_t channel_when_last_client(channel_t *chan)
Definition: channel.c:3264
void channel_mark_bad_for_new_circs(channel_t *chan)
Definition: channel.c:2900
void channel_close_for_error(channel_t *chan)
Definition: channel.c:1248
void channel_clear_identity_digest(channel_t *chan)
Definition: channel.c:1306
unsigned int channel_num_circuits(channel_t *chan)
Definition: channel.c:3338
Header file for channel.c.
unsigned int channelpadding_get_channel_idle_timeout(const channel_t *chan, int is_canonical)
void channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn)
Definition: channeltls.c:1183
channel_t * channel_tls_to_base(channel_tls_t *tlschan)
Definition: channeltls.c:397
void channel_tls_handle_state_change_on_orconn(channel_tls_t *chan, or_connection_t *conn, uint8_t state)
Definition: channeltls.c:964
channel_listener_t * channel_tls_get_listener(void)
Definition: channeltls.c:255
void channel_tls_handle_cell(cell_t *cell, or_connection_t *conn)
Definition: channeltls.c:1067
void channel_tls_update_marks(or_connection_t *conn)
Definition: channeltls.c:1357
channel_listener_t * channel_tls_start_listener(void)
Definition: channeltls.c:267
channel_t * channel_tls_handle_incoming(or_connection_t *orconn)
Definition: channeltls.c:330
Header file for channeltls.c.
Header file for circuitbuild.c.
Header file for circuitlist.c.
void circuit_build_times_network_is_live(circuit_build_times_t *cbt)
circuit_build_times_t * get_circuit_build_times_mutable(void)
Definition: circuitstats.c:85
Header file for circuitstats.c.
void command_setup_listener(channel_listener_t *listener)
Definition: command.c:710
Header file for command.c.
uint32_t monotime_coarse_get_stamp(void)
Definition: compat_time.c:847
const or_options_t * get_options(void)
Definition: config.c:926
Header file for config.c.
Public APIs for congestion control.
static uint32_t or_conn_highwatermark(void)
static uint32_t or_conn_lowwatermark(void)
or_connection_t * or_connection_new(int type, int socket_family)
Definition: connection.c:579
int connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
Definition: connection.c:4311
const char * conn_state_to_string(int type, int state)
Definition: connection.c:305
int get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, int *is_pt_out, const connection_t *conn)
Definition: connection.c:5805
int connection_proxy_connect(connection_t *conn, int type)
Definition: connection.c:2801
const char * connection_describe(const connection_t *conn)
Definition: connection.c:546
void assert_connection_ok(connection_t *conn, time_t now)
Definition: connection.c:5660
int connection_read_proxy_handshake(connection_t *conn)
Definition: connection.c:2954
const char * connection_describe_peer(const connection_t *conn)
Definition: connection.c:531
void connection_free_(connection_t *conn)
Definition: connection.c:973
int connection_connect(connection_t *conn, const char *address, const tor_addr_t *addr, uint16_t port, int *socket_error)
Definition: connection.c:2447
Header file for connection.c.
#define CONN_TYPE_OR
Definition: connection.h:44
#define CONN_TYPE_EXT_OR
Definition: connection.h:71
static int connection_tls_finish_handshake(or_connection_t *conn)
or_connection_t * connection_or_connect(const tor_addr_t *_addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, channel_tls_t *chan)
void connection_or_event_status(or_connection_t *conn, or_conn_status_event_t tp, int reason)
static void connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn)
int is_or_protocol_version_known(uint16_t v)
int connection_or_set_state_open(or_connection_t *conn)
int connection_or_reached_eof(or_connection_t *conn)
static const int n_or_protocol_versions
int connection_tls_continue_handshake(or_connection_t *conn)
static void connection_or_set_identity_digest(or_connection_t *conn, const char *rsa_digest, const ed25519_public_key_t *ed_id)
void connection_or_notify_error(or_connection_t *conn, int reason, const char *msg)
void connection_or_write_cell_to_buf(const cell_t *cell, or_connection_t *conn)
int connection_or_process_inbuf(or_connection_t *conn)
static int connection_fetch_var_cell_from_buf(or_connection_t *or_conn, var_cell_t **out)
void connection_or_clear_identity(or_connection_t *conn)
int connection_or_send_versions(or_connection_t *conn, int v3_plus)
var_cell_t * var_cell_new(uint16_t payload_len)
int connection_or_client_learned_peer_id(or_connection_t *conn, const uint8_t *rsa_peer_id, const ed25519_public_key_t *ed_peer_id)
static void connection_or_update_token_buckets_helper(or_connection_t *conn, int reset, const or_options_t *options)
time_t connection_or_client_used(or_connection_t *conn)
void cell_pack(packed_cell_t *dst, const cell_t *src, int wide_circ_ids)
static void connection_or_note_state_when_broken(or_connection_t *orconn)
void or_handshake_state_free_(or_handshake_state_t *state)
void or_handshake_state_record_var_cell(or_connection_t *conn, or_handshake_state_t *state, const var_cell_t *cell, int incoming)
int var_cell_pack_header(const var_cell_t *cell, char *hdr_out, int wide_circ_ids)
int connection_or_finished_flushing(or_connection_t *conn)
static unsigned int connection_or_is_bad_for_new_circs(or_connection_t *or_conn)
void clear_broken_connection_map(int stop_recording)
static void cell_unpack(cell_t *dest, const char *src, int wide_circ_ids)
void connection_or_connect_failed(or_connection_t *conn, int reason, const char *msg)
static int connection_or_process_cells_from_inbuf(or_connection_t *conn)
int connection_or_send_netinfo(or_connection_t *conn)
void var_cell_free_(var_cell_t *cell)
int connection_or_single_set_badness_(time_t now, or_connection_t *or_conn, int force)
int connection_tls_start_handshake(or_connection_t *conn, int receiving)
static int connection_or_check_valid_tls_handshake(or_connection_t *conn, int started_here, char *digest_rcvd_out)
void connection_or_change_state(or_connection_t *conn, uint8_t state)
var_cell_t * var_cell_copy(const var_cell_t *src)
void or_handshake_state_record_cell(or_connection_t *conn, or_handshake_state_t *state, const cell_t *cell, int incoming)
static int connection_or_launch_v3_or_handshake(or_connection_t *conn)
static void note_broken_connection(const char *state)
void connection_or_report_broken_states(int severity, int domain)
static void connection_or_check_canonicity(or_connection_t *conn, int started_here)
int connection_or_digest_is_known_relay(const char *id_digest)
#define MAX_REASONS_TO_REPORT
void connection_or_init_conn_from_address(or_connection_t *conn, const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, int started_here)
static const uint16_t or_protocol_versions[]
int connection_or_get_num_circuits(or_connection_t *conn)
int connection_or_flushed_some(or_connection_t *conn)
int connection_or_nonopen_was_started_here(or_connection_t *conn)
static int disable_broken_connection_counts
const struct ed25519_public_key_t * connection_or_get_alleged_ed25519_id(const or_connection_t *conn)
void connection_or_close_for_error(or_connection_t *orconn, int flush)
static strmap_t * broken_connection_counts
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
static void connection_or_get_state_description(or_connection_t *orconn, char *buf, size_t buflen)
void connection_or_group_set_badness_(smartlist_t *group, int force)
const or_connection_t * CONST_TO_OR_CONN(const connection_t *c)
int connection_or_finished_connecting(or_connection_t *or_conn)
void connection_or_about_to_close(or_connection_t *or_conn)
or_connection_t * TO_OR_CONN(connection_t *c)
static int broken_state_count_compare(const void **a_ptr, const void **b_ptr)
ssize_t connection_or_num_cells_writeable(or_connection_t *conn)
int connection_init_or_handshake_state(or_connection_t *conn, int started_here)
void connection_or_block_renegotiation(or_connection_t *conn)
void connection_or_clear_identity_map(void)
void connection_or_close_normally(or_connection_t *orconn, int flush)
static void connection_or_state_publish(const or_connection_t *conn, uint8_t state)
void connection_or_write_var_cell_to_buf(const var_cell_t *cell, or_connection_t *conn)
#define TIME_BEFORE_OR_CONN_IS_TOO_OLD
Header file for connection_or.c.
void control_event_bootstrap_prob_or(const char *warn, int reason, or_connection_t *or_conn)
int control_event_or_conn_status(or_connection_t *conn, or_conn_status_event_t tp, int reason)
Header file for control_events.c.
#define HEX_DIGEST_LEN
Definition: crypto_digest.h:35
crypto_digest_t * crypto_digest256_new(digest_algorithm_t algorithm)
#define crypto_digest_free(d)
void crypto_digest_add_bytes(crypto_digest_t *digest, const char *data, size_t len)
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
void ed25519_public_to_base64(char *output, const ed25519_public_key_t *pkey)
const char * ed25519_fmt(const ed25519_public_key_t *pkey)
Header for crypto_format.c.
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:55
Common functions for cryptographic routines.
#define fast_memeq(a, b, c)
Definition: di_ops.h:35
#define tor_memneq(a, b, sz)
Definition: di_ops.h:21
#define DIGEST_LEN
Definition: digest_sizes.h:20
int router_digest_is_fallback_dir(const char *digest)
Definition: dirlist.c:205
Header file for dirlist.c.
void entry_guard_chan_failed(channel_t *chan)
Definition: entrynodes.c:2588
Header file for circuitbuild.c.
Header for ext_orport.c.
Header file for geoip.c.
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
Header file containing service data for the HS subsystem.
typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht
uint16_t sa_family_t
Definition: inaddr_st.h:77
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
Definition: log.c:590
#define log_fn(severity, domain, args,...)
Definition: log.h:283
#define LD_PROTOCOL
Definition: log.h:72
#define LD_OR
Definition: log.h:92
#define LD_BUG
Definition: log.h:86
#define LD_HANDSHAKE
Definition: log.h:101
#define LD_NET
Definition: log.h:66
#define LD_GENERAL
Definition: log.h:62
#define LD_CIRC
Definition: log.h:82
#define LOG_WARN
Definition: log.h:53
#define LOG_INFO
Definition: log.h:45
#define bool_neq(a, b)
Definition: logic.h:18
#define bool_eq(a, b)
Definition: logic.h:16
void connection_watch_events(connection_t *conn, watchable_events_t events)
Definition: mainloop.c:485
void connection_start_reading(connection_t *conn)
Definition: mainloop.c:623
void connection_start_writing(connection_t *conn)
Definition: mainloop.c:686
smartlist_t * get_connection_array(void)
Definition: mainloop.c:443
void connection_stop_writing(connection_t *conn)
Definition: mainloop.c:663
Header file for mainloop.c.
@ WRITE_EVENT
Definition: mainloop.h:38
@ READ_EVENT
Definition: mainloop.h:37
void tor_free_(void *mem)
Definition: malloc.c:227
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
Definition: malloc.c:146
#define tor_free(p)
Definition: malloc.h:56
int usable_consensus_flavor(void)
Definition: microdesc.c:1086
Header file for microdesc.c.
networkstatus_t * networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
const routerstatus_t * router_get_consensus_status_by_id(const char *digest)
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
Header file for networkstatus.c.
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1821
const char * node_get_nickname(const node_t *node)
Definition: nodelist.c:1450
bool node_supports_ed25519_link_authentication(const node_t *node, bool compatible_with_us)
Definition: nodelist.c:1235
int node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
Definition: nodelist.c:1195
const node_t * node_get_by_id(const char *identity_digest)
Definition: nodelist.c:226
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Definition: nodelist.c:1857
Header file for nodelist.c.
Master header file for Tor-specific functionality.
#define CELL_PAYLOAD_SIZE
Definition: or.h:456
#define VAR_CELL_MAX_HEADER_SIZE
Definition: or.h:462
#define CELL_MAX_NETWORK_SIZE
Definition: or.h:459
#define TO_CONN(c)
Definition: or.h:603
#define DOWNCAST(to, ptr)
Definition: or.h:109
OR connection structure.
OR handshake certs structure.
OR handshake state structure.
The or_state_t structure, which represents Tor's state file.
Header file for orconn_event.c.
or_conn_status_event_t
Definition: orconn_event.h:59
#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING
Definition: orconn_event.h:43
#define OR_CONN_STATE_CONNECTING
Definition: orconn_event.h:31
#define OR_CONN_STATE_OR_HANDSHAKING_V2
Definition: orconn_event.h:47
#define OR_CONN_STATE_PROXY_HANDSHAKING
Definition: orconn_event.h:33
#define OR_CONN_STATE_TLS_HANDSHAKING
Definition: orconn_event.h:36
#define OR_CONN_STATE_OR_HANDSHAKING_V3
Definition: orconn_event.h:51
#define OR_CONN_STATE_OPEN
Definition: orconn_event.h:53
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
int fetch_var_cell_from_buf(buf_t *buf, var_cell_t **out, int linkproto)
Definition: proto_cell.c:57
Header for proto_cell.c.
void dirserv_orconn_tls_done(const tor_addr_t *addr, uint16_t or_port, const char *digest_rcvd, const ed25519_public_key_t *ed_id_rcvd)
Definition: reachability.c:40
Header file for reachability.c.
int tls_error_to_orconn_end_reason(int e)
Definition: reasons.c:263
int errno_to_orconn_end_reason(int e)
Definition: reasons.c:291
const char * orconn_end_reason_to_control_string(int r)
Definition: reasons.c:225
Header file for reasons.c.
Header file for relay.c.
Header for feature/relay/relay_handshake.c.
Header file for rendcommon.c.
void rep_hist_note_negotiated_link_proto(unsigned link_proto, int started_here)
Definition: rephist.c:2784
void rep_hist_padding_count_write(padding_type_t type)
Definition: rephist.c:2814
Header file for rephist.c.
@ PADDING_TYPE_ENABLED_CELL
Definition: rephist.h:158
@ PADDING_TYPE_TOTAL
Definition: rephist.h:154
@ PADDING_TYPE_ENABLED_TOTAL
Definition: rephist.h:156
@ PADDING_TYPE_CELL
Definition: rephist.h:152
const routerinfo_t * router_get_my_routerinfo(void)
Definition: router.c:1801
int router_digest_is_me(const char *digest)
Definition: router.c:1739
Header file for router.c.
Router descriptor structure.
int router_ed25519_id_is_me(const ed25519_public_key_t *id)
Definition: routerkeys.c:631
Header for routerkeys.c.
const routerinfo_t * router_get_by_id_digest(const char *digest)
Definition: routerlist.c:774
Header file for routerlist.c.
int public_server_mode(const or_options_t *options)
Definition: routermode.c:43
int server_mode(const or_options_t *options)
Definition: routermode.c:34
Header file for routermode.c.
void scheduler_channel_wants_writes(channel_t *chan)
Definition: scheduler.c:673
Header file for scheduler*.c.
void smartlist_sort(smartlist_t *sl, int(*compare)(const void **a, const void **b))
Definition: smartlist.c:334
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
Definition: cell_st.h:17
uint8_t payload[CELL_PAYLOAD_SIZE]
Definition: cell_st.h:21
uint8_t command
Definition: cell_st.h:19
circid_t circ_id
Definition: cell_st.h:18
struct ed25519_public_key_t ed25519_identity
Definition: channel.h:388
unsigned int proxy_state
Definition: connection_st.h:96
uint8_t state
Definition: connection_st.h:49
struct buf_t * inbuf
unsigned int hold_open_until_flushed
Definition: connection_st.h:61
unsigned int type
Definition: connection_st.h:50
uint32_t magic
Definition: connection_st.h:46
uint64_t global_identifier
uint16_t marked_for_close
uint16_t port
tor_socket_t s
time_t timestamp_created
tor_addr_t addr
Definition: node_st.h:34
token_bucket_rw_t bucket
channel_tls_t * chan
unsigned int potentially_used_for_bootstrapping
char identity_digest[DIGEST_LEN]
unsigned int is_outgoing
or_handshake_state_t * handshake_state
unsigned int is_pt
tor_addr_port_t canonical_orport
struct tor_tls_t * tls
unsigned int is_canonical
unsigned int proxy_type
struct tor_cert_st * own_link_cert
crypto_digest_t * digest_sent
or_handshake_certs_t * certs
uint64_t BandwidthRate
uint64_t PerConnBWBurst
uint64_t PerConnBWRate
uint64_t BandwidthBurst
char body[CELL_MAX_NETWORK_SIZE]
Definition: cell_queue_st.h:21
tor_addr_t ipv6_addr
Definition: routerinfo_st.h:30
tor_addr_t ipv4_addr
Definition: routerinfo_st.h:25
uint8_t command
Definition: var_cell_st.h:18
uint16_t payload_len
Definition: var_cell_st.h:22
circid_t circ_id
Definition: var_cell_st.h:20
uint8_t payload[FLEXIBLE_ARRAY_MEMBER]
Definition: var_cell_st.h:24
#define STATIC
Definition: testsupport.h:32
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
void token_bucket_rw_adjust(token_bucket_rw_t *bucket, uint32_t rate, uint32_t burst)
Definition: token_bucket.c:152
void token_bucket_rw_reset(token_bucket_rw_t *bucket, uint32_t now_ts)
Definition: token_bucket.c:167
or_handshake_certs_t * or_handshake_certs_new(void)
Definition: torcert.c:471
tor_cert_t * tor_cert_dup(const tor_cert_t *cert)
Definition: torcert.c:294
Header for torcert.c.
int tor_tls_is_server(tor_tls_t *tls)
Definition: tortls.c:379
void tor_tls_set_logged_address(tor_tls_t *tls, const char *address)
Definition: tortls.c:369
const char * tor_tls_err_to_string(int err)
Definition: tortls.c:155
int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity)
Definition: tortls.c:416
Headers for tortls.c.
void tor_tls_block_renegotiation(tor_tls_t *tls)
Definition: tortls_nss.c:647
int tor_tls_peer_has_cert(tor_tls_t *tls)
Definition: tortls_nss.c:532
int tor_tls_used_v1_handshake(tor_tls_t *tls)
Definition: tortls_nss.c:717
void tor_tls_set_renegotiate_callback(tor_tls_t *tls, void(*cb)(tor_tls_t *, void *arg), void *arg)
Definition: tortls_nss.c:468
#define CASE_TOR_TLS_ERROR_ANY
Definition: tortls.h:62
int tor_tls_get_pending_bytes(tor_tls_t *tls)
Definition: tortls_nss.c:654
int tor_tls_handshake(tor_tls_t *tls)
Definition: tortls_nss.c:613
const char * tor_tls_get_last_error_msg(const tor_tls_t *tls)
Definition: tortls_nss.c:397
void tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz)
Definition: tortls_nss.c:346
tor_tls_t * tor_tls_new(tor_socket_t sock, int is_server)
Definition: tortls_nss.c:409
#define tor_assert_nonfatal_unreached()
Definition: util_bug.h:176
#define tor_assert(expr)
Definition: util_bug.h:102
#define tor_fragile_assert()
Definition: util_bug.h:270
#define IF_BUG_ONCE(cond)
Definition: util_bug.h:246
int tor_digest_is_zero(const char *digest)
Definition: util_string.c:96
Variable-length cell structure.
#define ED25519_BASE64_LEN
Definition: x25519_sizes.h:43