31#define CHANNEL_OBJECT_PRIVATE
32#define CONNECTION_OR_PRIVATE
33#define ORCONN_EVENT_PRIVATE
50#include "trunnel/netinfo.h"
67#include "core/or/channelpadding.h"
91 char *digest_rcvd_out);
97static void connection_or_mark_bad_for_new_circs(
or_connection_t *or_conn);
144 connection_or_clear_identity(TO_OR_CONN(conn));
160 const char *rsa_digest,
168 chan = TLS_CHAN_TO_BASE(conn->
chan);
170 log_info(
LD_HANDSHAKE,
"Set identity digest for %s at %p: %s %s.",
180 const int ed_id_was_set =
182 const int new_ed_id_is_set =
184 const int rsa_changed =
186 const int ed_changed =
bool_neq(ed_id_was_set, new_ed_id_is_set) ||
187 (ed_id_was_set && new_ed_id_is_set && chan &&
190 if (BUG(rsa_changed && rsa_id_was_set))
192 if (BUG(ed_changed && ed_id_was_set))
195 if (!rsa_changed && !ed_changed)
199 if (rsa_id_was_set) {
225 if (conn && conn->
chan) {
227 chan = TLS_CHAN_TO_BASE(conn->
chan);
284 char *buf,
size_t buflen)
287 const char *conn_state;
295 tor_snprintf(buf, buflen,
"%s with SSL state %s", conn_state, tls_state);
307 log_info(
LD_HANDSHAKE,
"Connection died in state '%s'", buf);
322 if (b->count < a->count)
324 else if (b->count == a->count)
332#define MAX_REASONS_TO_REPORT 10
348 c->count = (intptr_t)countptr;
349 total += (int)c->count;
352 } STRMAP_FOREACH_END;
356 tor_log(severity, domain,
"%d connections have failed%s", total,
363 " %d connections died in state %s", (
int)c->count, c->state);
364 } SMARTLIST_FOREACH_END(c);
367 smartlist_free(items);
385 orconn_status_publish(msg);
405 tor_assert_nonfatal(conn->
proxy_type != PROXY_NONE);
412 msg->
chan = TLS_CHAN_TO_BASE(conn->
chan)->global_identifier;
416 orconn_state_publish(msg);
428 conn->base_.
state = state;
461 char *dest = dst->
body;
518 size_t size = offsetof(
var_cell_t, payload) + payload_len;
538 copy = tor_malloc_zero(size);
561 log_info(
LD_OR,
"OR connection reached EOF. Closing.");
578 switch (conn->base_.
state) {
586 log_fn(LOG_PROTOCOL_WARN,
LD_NET,
"Found leftover (%d bytes) "
587 "when transitioning from PROXY_HANDSHAKING state on %s: "
619 log_fn(LOG_PROTOCOL_WARN,
LD_NET,
"Accumulated data (%d bytes) "
620 "on non-open %s; closing.",
643 datalen = connection_get_outbuf_len(
TO_CONN(conn));
657 size_t datalen, cell_network_size;
667 datalen = connection_get_outbuf_len(
TO_CONN(conn));
669 cell_network_size = get_cell_network_size(conn->wide_circ_ids);
690 switch (conn->base_.
state) {
700 TO_CONN(conn)->proxy_state = PROXY_CONNECTED;
715 log_err(
LD_BUG,
"Called in unexpected state %d.", conn->base_.
state);
742 if (proxy_type != PROXY_NONE) {
777 or_conn->
chan->conn = NULL;
778 or_conn->
chan = NULL;
794 const char *warning = NULL;
795 if (reason == END_OR_CONN_REASON_TLS_ERROR && or_conn->
tls) {
798 if (warning == NULL) {
816 END_OR_CONN_REASON_DONE);
880 if (connection_speaks_cells(conn))
901 TLS_CHAN_TO_BASE(or_conn->
chan), is_canonical);
904 "Channel %"PRIu64
" chose an idle timeout of %d.",
906 (TLS_CHAN_TO_BASE(or_conn->
chan)->global_identifier):0,
918 const char *id_digest,
922 log_debug(
LD_HANDSHAKE,
"init conn from address %s: %s, %s (%d)",
931 conn->base_.
port = port;
952 ed_id = & TLS_CHAN_TO_BASE(conn->
chan)->ed25519_identity;
970 connection_or_set_canonical(conn, 1);
975 node_ap = &node_ipv4_ap;
977 node_ap = &node_ipv6_ap;
1026#define TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7)
1048 "Marking %s as too old for new circuits "
1049 "(fd "TOR_SOCKET_T_FORMAT
", %d secs old).",
1053 connection_or_mark_bad_for_new_circs(or_conn);
1083 int n_canonical = 0;
1084 time_t now = time(NULL);
1095 } SMARTLIST_FOREACH_END(or_conn);
1110 "Marking %s unsuitable for new circuits: "
1111 "(fd "TOR_SOCKET_T_FORMAT
", %d secs old). It is not "
1112 "canonical, and we have another connection to that OR that is.",
1116 connection_or_mark_bad_for_new_circs(or_conn);
1122 TLS_CHAN_TO_BASE(best->
chan))) {
1125 } SMARTLIST_FOREACH_END(or_conn);
1149 if (or_conn != best &&
1151 TLS_CHAN_TO_BASE(or_conn->
chan))) {
1155 "Marking %s as unsuitable for new circuits: "
1156 "(fd "TOR_SOCKET_T_FORMAT
", %d secs old). "
1157 "We have a better canonical one "
1158 "(fd "TOR_SOCKET_T_FORMAT
"; %d secs old).",
1163 connection_or_mark_bad_for_new_circs(or_conn);
1167 "Marking %s unsuitable for new circuits: "
1168 "(fd "TOR_SOCKET_T_FORMAT
", %d secs old). We have a better "
1170 "same address (fd "TOR_SOCKET_T_FORMAT
"; %d secs old).",
1175 connection_or_mark_bad_for_new_circs(or_conn);
1178 } SMARTLIST_FOREACH_END(or_conn);
1183#define OR_CONNECT_FAILURE_LIFETIME 60
1185#define OR_CONNECT_FAILURE_CLEANUP_INTERVAL 60
1189static time_t or_connect_failure_map_next_cleanup_ts = 0;
1212 time_t last_failed_connect_ts;
1218 or_connect_failures_map = HT_INITIALIZER();
1235 size_t offset = 0, addr_size;
1236 const void *addr_ptr;
1238 uint8_t data[16 +
sizeof(uint16_t) +
DIGEST_LEN];
1244 addr_ptr = &entry->addr.addr.in_addr.s_addr;
1248 addr_ptr = &entry->addr.addr.in6_addr.s6_addr;
1255 memcpy(data, addr_ptr, addr_size);
1256 offset += addr_size;
1257 memcpy(data + offset, entry->identity_digest,
DIGEST_LEN);
1260 offset +=
sizeof(uint16_t);
1262 return (
unsigned int) siphash24g(data, offset);
1266 or_connect_failure_ht_hash, or_connect_failure_ht_eq);
1269 or_connect_failure_ht_hash, or_connect_failure_ht_eq,
1275or_connect_failure_init(
const char *identity_digest,
const tor_addr_t *addr,
1279 if (identity_digest) {
1280 memcpy(ocf->identity_digest, identity_digest,
1281 sizeof(ocf->identity_digest));
1308 TO_CONN(or_conn)->port, &lookup);
1309 return HT_FIND(or_connect_failure_ht, &or_connect_failures_map, &lookup);
1328 ocf = or_connect_failure_find(or_conn);
1330 ocf = or_connect_failure_new(or_conn);
1331 HT_INSERT(or_connect_failure_ht, &or_connect_failures_map, ocf);
1339or_connect_failure_map_cleanup(time_t cutoff)
1343 for (ptr = HT_START(or_connect_failure_ht, &or_connect_failures_map);
1344 ptr != NULL; ptr = next) {
1346 if (entry->last_failed_connect_ts <= cutoff) {
1347 next = HT_NEXT_RMV(or_connect_failure_ht, &or_connect_failures_map, ptr);
1350 next = HT_NEXT(or_connect_failure_ht, &or_connect_failures_map, ptr);
1364 time_t connect_failed_since_ts = 0;
1370 cutoff = now - OR_CONNECT_FAILURE_LIFETIME;
1374 if (or_connect_failure_map_next_cleanup_ts <= now) {
1375 or_connect_failure_map_cleanup(cutoff);
1376 or_connect_failure_map_next_cleanup_ts =
1377 now + OR_CONNECT_FAILURE_CLEANUP_INTERVAL;
1382 ocf = or_connect_failure_find(or_conn);
1384 connect_failed_since_ts = ocf->last_failed_connect_ts;
1388 if (connect_failed_since_ts > cutoff) {
1406 int reason,
const char *msg)
1411 note_or_connect_failed(conn);
1422 int reason,
const char *msg)
1434 chan = TLS_CHAN_TO_BASE(conn->
chan);
1436 if (!CHANNEL_CONDEMNED(chan)) {
1462 const char *id_digest,
1464 channel_tls_t *chan))
1468 int socket_error = 0;
1473 uint16_t proxy_port;
1474 int proxy_type, is_pt = 0;
1481 log_info(
LD_PROTOCOL,
"Client asked me to connect to myself. Refusing.");
1485 log_info(
LD_PROTOCOL,
"Client asked me to connect to myself by Ed25519 "
1486 "identity. Refusing.");
1506 if (!should_connect_to_relay(conn)) {
1507 log_info(
LD_GENERAL,
"Can't connect to %s because we "
1508 "failed earlier. Refusing.",
1521 if (proxy_type != PROXY_NONE) {
1525 conn->
is_pt = is_pt;
1539 const char *transport_name =
1543 if (transport_name) {
1544 log_warn(
LD_GENERAL,
"We were supposed to connect to bridge '%s' "
1545 "using pluggable transport '%s', but we can't find a pluggable "
1546 "transport proxy supporting '%s'. This can happen if you "
1547 "haven't provided a ClientTransportPlugin line, or if "
1548 "your pluggable transport proxy stopped running.",
1550 transport_name, transport_name);
1553 "Can't connect to bridge",
1554 END_OR_CONN_REASON_PT_MISSING,
1558 log_warn(
LD_GENERAL,
"Tried to connect to %s through a proxy, but "
1559 "the proxy address could not be found.",
1568 &addr, port, &socket_error)) {
1575 tor_socket_strerror(socket_error));
1613 if (flush) connection_mark_and_flush_internal(
TO_CONN(orconn));
1614 else connection_mark_for_close_internal(
TO_CONN(orconn));
1616 chan = TLS_CHAN_TO_BASE(orconn->
chan);
1618 if (!CHANNEL_CONDEMNED(chan)) {
1634 if (flush) connection_mark_and_flush_internal(
TO_CONN(orconn));
1635 else connection_mark_for_close_internal(
TO_CONN(orconn));
1637 chan = TLS_CHAN_TO_BASE(orconn->
chan);
1639 if (!CHANNEL_CONDEMNED(chan)) {
1665 if (!chan_listener) {
1677 log_warn(
LD_BUG,
"tor_tls_new failed. Closing.");
1684 log_debug(
LD_HANDSHAKE,
"starting TLS handshake on fd "TOR_SOCKET_T_FORMAT,
1731 check_no_tls_errors();
1741 log_info(
LD_OR,
"tls error [%s]. breaking connection.",
1751 log_debug(
LD_OR,
"Done with initial SSL handshake (server-side). "
1752 "Expecting renegotiation or VERSIONS cell");
1765 case TOR_TLS_WANTWRITE:
1767 log_debug(
LD_OR,
"wanted write");
1769 case TOR_TLS_WANTREAD:
1770 log_debug(
LD_OR,
"wanted read");
1774 log_info(
LD_OR,
"tls closed. breaking connection.");
1823 char *digest_rcvd_out)
1828 const char *conn_type = started_here ?
"outgoing" :
"incoming";
1831 check_no_tls_errors();
1833 if (started_here && !has_cert) {
1834 log_info(
LD_HANDSHAKE,
"Tried connecting to router at %s, but it didn't "
1835 "send a cert! Closing.",
1838 }
else if (!has_cert) {
1839 log_debug(
LD_HANDSHAKE,
"Got incoming connection with no certificate. "
1842 check_no_tls_errors();
1846 conn->
tls, &identity_rcvd);
1847 if (started_here && v<0) {
1849 " has a cert but it's invalid. Closing.",
1853 log_info(
LD_HANDSHAKE,
"Incoming connection gave us an invalid cert "
1854 "chain; ignoring.");
1857 "The certificate seems to be valid on %s connection "
1858 "with %s", conn_type,
1861 check_no_tls_errors();
1864 if (identity_rcvd) {
1866 crypto_pk_free(identity_rcvd);
1876 crypto_pk_free(identity_rcvd);
1881 log_debug(
LD_HANDSHAKE,
"Calling client_learned_peer_id from "
1882 "check_valid_tls_handshake");
1884 (
const uint8_t*)digest_rcvd_out,
1917 const uint8_t *rsa_peer_id,
1921 channel_tls_t *chan_tls = conn->
chan;
1923 int changed_identity = 0;
1926 const int expected_rsa_key =
1928 const int expected_ed_key =
1931 log_info(
LD_HANDSHAKE,
"learned peer id for %s at %p: %s, %s",
1937 if (! expected_rsa_key && ! expected_ed_key) {
1938 log_info(
LD_HANDSHAKE,
"(we had no ID in mind when we made this "
1941 (
const char*)rsa_peer_id, ed_peer_id);
1947 log_info(
LD_HANDSHAKE,
"Connected to router at %s without knowing "
1948 "its key. Hoping for the best.",
1953 (
const char*)rsa_peer_id, ed_peer_id);
1954 changed_identity = 1;
1957 const int rsa_mismatch = expected_rsa_key &&
1961 const int ed25519_mismatch =
1963 (ed_peer_id == NULL ||
1966 if (rsa_mismatch || ed25519_mismatch) {
1979 strlcpy(seen_ed,
"no ed25519 key",
sizeof(seen_ed));
1984 strlcpy(expected_ed,
"no ed25519 key",
sizeof(expected_ed));
1986 const int using_hardcoded_fingerprints =
1991 const int is_authority_fingerprint = router_digest_is_trusted_dir(
1993 const int non_anonymous_mode =
1994 hs_service_non_anonymous_mode_enabled(options);
1996 const char *extra_log =
"";
2001 severity = LOG_PROTOCOL_WARN;
2003 if (using_hardcoded_fingerprints) {
2006 if (is_authority_fingerprint) {
2008 }
else if (is_fallback_fingerprint) {
2012 extra_log =
" Tor will try a different fallback.";
2024 "Tried connecting to router at %s, but RSA + ed25519 identity "
2025 "keys were not as expected: wanted %s + %s but got %s + %s.%s",
2027 expected_rsa, expected_ed, seen_rsa, seen_ed, extra_log);
2032 END_OR_CONN_REASON_OR_IDENTITY);
2035 "Unexpected identity in router certificate",
2036 END_OR_CONN_REASON_OR_IDENTITY,
2041 if (!expected_ed_key && ed_peer_id) {
2042 log_info(
LD_HANDSHAKE,
"(We had no Ed25519 ID in mind when we made this "
2045 (
const char*)rsa_peer_id, ed_peer_id);
2046 changed_identity = 1;
2049 if (changed_identity) {
2062 (
const char*)rsa_peer_id, ed_peer_id);
2103 log_debug(
LD_HANDSHAKE,
"%s tls handshake on %s done, using "
2104 "ciphersuite %s. verifying.",
2105 started_here?
"outgoing":
"incoming",
2107 tor_tls_get_ciphersuite_name(conn->
tls));
2118 conn->base_.
port, digest_rcvd,
2128 conn->base_.
port, digest_rcvd,
2161 log_warn(
LD_BUG,
"Duplicate call to connection_init_or_handshake_state!");
2167 s->digest_received_data = 1;
2168 if (! started_here && get_current_link_cert_cert()) {
2184 or_handshake_certs_free(state->
certs);
2205 size_t cell_network_size = get_cell_network_size(conn->wide_circ_ids);
2209 if (!state->digest_received_data)
2216 log_warn(
LD_BUG,
"We shouldn't be sending any non-variable-length cells "
2217 "while making a handshake digest. But we think we are sending "
2218 "one with type %d.", (
int)cell->
command);
2220 dptr = incoming ? &state->digest_received : &state->
digest_sent;
2227 cell_pack(&packed, cell, conn->wide_circ_ids);
2229 memwipe(&packed, 0,
sizeof(packed));
2250 if (!state->digest_received_data)
2256 dptr = incoming ? &state->digest_received : &state->
digest_sent;
2299 size_t cell_network_size = get_cell_network_size(conn->wide_circ_ids);
2304 cell_pack(&networkcell, cell, conn->wide_circ_ids);
2309 if (cell->
command == CELL_PADDING)
2312 connection_buf_add(networkcell.
body, cell_network_size,
TO_CONN(conn));
2318 if (TLS_CHAN_TO_BASE(conn->
chan)->padding_enabled) {
2320 if (cell->
command == CELL_PADDING)
2342 connection_buf_add(hdr, n,
TO_CONN(conn));
2343 connection_buf_add((
char*)cell->
payload,
2390 TOR_SOCKET_T_FORMAT
": starting, inbuf_datalen %d "
2391 "(%d pending in tls object).",
2392 conn->base_.
s,(
int)connection_get_inbuf_len(
TO_CONN(conn)),
2404 var_cell_free(var_cell);
2406 const int wide_circ_ids = conn->wide_circ_ids;
2407 size_t cell_network_size = get_cell_network_size(conn->wide_circ_ids);
2410 if (connection_get_inbuf_len(
TO_CONN(conn))
2411 < cell_network_size)
2463 const int min_version = v3_plus ? 3 : 0;
2464 const int max_version = v3_plus ? UINT16_MAX : 2;
2468 cell->
command = CELL_VERSIONS;
2471 if (v < min_version || v > max_version)
2481 var_cell_free(cell);
2485static netinfo_addr_t *
2486netinfo_addr_from_tor_addr(
const tor_addr_t *tor_addr)
2490 if (BUG(addr_family != AF_INET && addr_family != AF_INET6))
2493 netinfo_addr_t *netinfo_addr = netinfo_addr_new();
2495 if (addr_family == AF_INET) {
2496 netinfo_addr_set_addr_type(netinfo_addr, NETINFO_ADDR_TYPE_IPV4);
2497 netinfo_addr_set_len(netinfo_addr, 4);
2499 }
else if (addr_family == AF_INET6) {
2500 netinfo_addr_set_addr_type(netinfo_addr, NETINFO_ADDR_TYPE_IPV6);
2501 netinfo_addr_set_len(netinfo_addr, 16);
2502 uint8_t *ipv6_buf = netinfo_addr_getarray_addr_ipv6(netinfo_addr);
2507 return netinfo_addr;
2516 time_t now = time(NULL);
2523 log_warn(
LD_BUG,
"Attempted to send an extra netinfo cell on a connection "
2524 "where we already sent one.");
2528 memset(&cell, 0,
sizeof(
cell_t));
2531 netinfo_cell_t *netinfo_cell = netinfo_cell_new();
2535 netinfo_cell_set_timestamp(netinfo_cell, (uint32_t)now);
2541 netinfo_addr_t *their_addr = netinfo_addr_from_tor_addr(remote_tor_addr);
2543 netinfo_cell_set_other_addr(netinfo_cell, their_addr);
2551 netinfo_cell_set_n_my_addrs(netinfo_cell, n_my_addrs);
2553 netinfo_cell_add_my_addrs(netinfo_cell,
2554 netinfo_addr_from_tor_addr(&me->
ipv4_addr));
2557 netinfo_cell_add_my_addrs(netinfo_cell,
2558 netinfo_addr_from_tor_addr(&me->
ipv6_addr));
2562 const char *errmsg = NULL;
2563 if ((errmsg = netinfo_cell_check(netinfo_cell))) {
2564 log_warn(
LD_OR,
"Failed to validate NETINFO cell with error: %s",
2570 netinfo_cell) < 0) {
2571 log_warn(
LD_OR,
"Failed generating NETINFO cell");
2581 netinfo_cell_free(netinfo_cell);
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
int tor_addr_is_null(const tor_addr_t *addr)
void tor_addr_port_copy(tor_addr_port_t *dest, const tor_addr_port_t *source)
static sa_family_t tor_addr_family(const tor_addr_t *a)
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
#define tor_addr_to_in6_addr8(x)
#define tor_addr_eq(a, b)
int authdir_mode_tests_reachability(const or_options_t *options)
Header file for directory authority mode.
const char * hex_str(const char *from, size_t fromlen)
void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
void learned_router_identity(const tor_addr_t *addr, uint16_t port, const char *digest, const ed25519_public_key_t *ed_id)
const char * find_transport_name_by_bridge_addrport(const tor_addr_t *addr, uint16_t port)
Header file for circuitbuild.c.
size_t buf_datalen(const buf_t *buf)
Header file for buffers.c.
static void set_uint16(void *cp, uint16_t v)
static uint16_t get_uint16(const void *cp)
static void set_uint32(void *cp, uint32_t v)
static uint8_t get_uint8(const void *cp)
static void set_uint8(void *cp, uint8_t v)
static uint32_t get_uint32(const void *cp)
Fixed-size cell structure.
void channel_timestamp_active(channel_t *chan)
void channel_set_circid_type(channel_t *chan, crypto_pk_t *identity_rcvd, int consider_identity)
int channel_is_better(channel_t *a, channel_t *b)
int channel_is_bad_for_new_circs(channel_t *chan)
void channel_set_identity_digest(channel_t *chan, const char *identity_digest, const ed25519_public_key_t *ed_identity)
void channel_mark_client(channel_t *chan)
void channel_closed(channel_t *chan)
void channel_close_from_lower_layer(channel_t *chan)
void channel_listener_queue_incoming(channel_listener_t *listener, channel_t *incoming)
time_t channel_when_last_client(channel_t *chan)
void channel_mark_bad_for_new_circs(channel_t *chan)
void channel_close_for_error(channel_t *chan)
void channel_clear_identity_digest(channel_t *chan)
unsigned int channel_num_circuits(channel_t *chan)
Header file for channel.c.
unsigned int channelpadding_get_channel_idle_timeout(const channel_t *chan, int is_canonical)
void channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn)
channel_listener_t * channel_tls_start_listener(void)
void channel_tls_handle_state_change_on_orconn(channel_tls_t *chan, or_connection_t *conn, uint8_t state)
void channel_tls_handle_cell(cell_t *cell, or_connection_t *conn)
channel_listener_t * channel_tls_get_listener(void)
void channel_tls_update_marks(or_connection_t *conn)
channel_t * channel_tls_handle_incoming(or_connection_t *orconn)
channel_t * channel_tls_to_base(channel_tls_t *tlschan)
Header file for channeltls.c.
Header file for circuitbuild.c.
Header file for circuitlist.c.
circuit_build_times_t * get_circuit_build_times_mutable(void)
void circuit_build_times_network_is_live(circuit_build_times_t *cbt)
Header file for circuitstats.c.
void command_setup_listener(channel_listener_t *listener)
Header file for command.c.
uint32_t monotime_coarse_get_stamp(void)
const or_options_t * get_options(void)
Header file for config.c.
Public APIs for congestion control.
static uint32_t or_conn_highwatermark(void)
static uint32_t or_conn_lowwatermark(void)
int connection_buf_get_bytes(char *string, size_t len, connection_t *conn)
int get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, int *is_pt_out, const connection_t *conn)
int connection_proxy_connect(connection_t *conn, int type)
void assert_connection_ok(connection_t *conn, time_t now)
int connection_read_proxy_handshake(connection_t *conn)
const char * connection_describe_peer(const connection_t *conn)
or_connection_t * or_connection_new(int type, int socket_family)
const char * connection_describe(const connection_t *conn)
void connection_free_(connection_t *conn)
int connection_connect(connection_t *conn, const char *address, const tor_addr_t *addr, uint16_t port, int *socket_error)
const char * conn_state_to_string(int type, int state)
Header file for connection.c.
static int connection_tls_finish_handshake(or_connection_t *conn)
void connection_or_event_status(or_connection_t *conn, or_conn_status_event_t tp, int reason)
static void connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn)
or_connection_t * TO_OR_CONN(connection_t *c)
int is_or_protocol_version_known(uint16_t v)
int connection_or_set_state_open(or_connection_t *conn)
int connection_or_reached_eof(or_connection_t *conn)
static const int n_or_protocol_versions
int connection_tls_continue_handshake(or_connection_t *conn)
static void connection_or_set_identity_digest(or_connection_t *conn, const char *rsa_digest, const ed25519_public_key_t *ed_id)
void connection_or_notify_error(or_connection_t *conn, int reason, const char *msg)
void connection_or_write_cell_to_buf(const cell_t *cell, or_connection_t *conn)
int connection_or_process_inbuf(or_connection_t *conn)
static int connection_fetch_var_cell_from_buf(or_connection_t *or_conn, var_cell_t **out)
void connection_or_clear_identity(or_connection_t *conn)
int connection_or_send_versions(or_connection_t *conn, int v3_plus)
int connection_or_client_learned_peer_id(or_connection_t *conn, const uint8_t *rsa_peer_id, const ed25519_public_key_t *ed_peer_id)
static void connection_or_update_token_buckets_helper(or_connection_t *conn, int reset, const or_options_t *options)
time_t connection_or_client_used(or_connection_t *conn)
void cell_pack(packed_cell_t *dst, const cell_t *src, int wide_circ_ids)
static void connection_or_note_state_when_broken(or_connection_t *orconn)
var_cell_t * var_cell_new(uint16_t payload_len)
void or_handshake_state_free_(or_handshake_state_t *state)
void or_handshake_state_record_var_cell(or_connection_t *conn, or_handshake_state_t *state, const var_cell_t *cell, int incoming)
int var_cell_pack_header(const var_cell_t *cell, char *hdr_out, int wide_circ_ids)
int connection_or_finished_flushing(or_connection_t *conn)
static unsigned int connection_or_is_bad_for_new_circs(or_connection_t *or_conn)
void clear_broken_connection_map(int stop_recording)
static void cell_unpack(cell_t *dest, const char *src, int wide_circ_ids)
void connection_or_connect_failed(or_connection_t *conn, int reason, const char *msg)
static int connection_or_process_cells_from_inbuf(or_connection_t *conn)
int connection_or_send_netinfo(or_connection_t *conn)
void var_cell_free_(var_cell_t *cell)
int connection_or_single_set_badness_(time_t now, or_connection_t *or_conn, int force)
int connection_tls_start_handshake(or_connection_t *conn, int receiving)
static int connection_or_check_valid_tls_handshake(or_connection_t *conn, int started_here, char *digest_rcvd_out)
void connection_or_change_state(or_connection_t *conn, uint8_t state)
void or_handshake_state_record_cell(or_connection_t *conn, or_handshake_state_t *state, const cell_t *cell, int incoming)
var_cell_t * var_cell_copy(const var_cell_t *src)
static int connection_or_launch_v3_or_handshake(or_connection_t *conn)
static void note_broken_connection(const char *state)
void connection_or_report_broken_states(int severity, int domain)
static void connection_or_check_canonicity(or_connection_t *conn, int started_here)
int connection_or_digest_is_known_relay(const char *id_digest)
#define MAX_REASONS_TO_REPORT
void connection_or_init_conn_from_address(or_connection_t *conn, const tor_addr_t *addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, int started_here)
static const uint16_t or_protocol_versions[]
int connection_or_get_num_circuits(or_connection_t *conn)
int connection_or_flushed_some(or_connection_t *conn)
const struct ed25519_public_key_t * connection_or_get_alleged_ed25519_id(const or_connection_t *conn)
int connection_or_nonopen_was_started_here(or_connection_t *conn)
static int disable_broken_connection_counts
or_connection_t * connection_or_connect(const tor_addr_t *_addr, uint16_t port, const char *id_digest, const ed25519_public_key_t *ed_id, channel_tls_t *chan)
void connection_or_close_for_error(or_connection_t *orconn, int flush)
const or_connection_t * CONST_TO_OR_CONN(const connection_t *c)
static strmap_t * broken_connection_counts
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
static void connection_or_get_state_description(or_connection_t *orconn, char *buf, size_t buflen)
void connection_or_group_set_badness_(smartlist_t *group, int force)
int connection_or_finished_connecting(or_connection_t *or_conn)
void connection_or_about_to_close(or_connection_t *or_conn)
static int broken_state_count_compare(const void **a_ptr, const void **b_ptr)
ssize_t connection_or_num_cells_writeable(or_connection_t *conn)
int connection_init_or_handshake_state(or_connection_t *conn, int started_here)
void connection_or_block_renegotiation(or_connection_t *conn)
void connection_or_clear_identity_map(void)
void connection_or_close_normally(or_connection_t *orconn, int flush)
static void connection_or_state_publish(const or_connection_t *conn, uint8_t state)
void connection_or_write_var_cell_to_buf(const var_cell_t *cell, or_connection_t *conn)
#define TIME_BEFORE_OR_CONN_IS_TOO_OLD
Header file for connection_or.c.
void control_event_bootstrap_prob_or(const char *warn, int reason, or_connection_t *or_conn)
int control_event_or_conn_status(or_connection_t *conn, or_conn_status_event_t tp, int reason)
Header file for control_events.c.
#define crypto_digest_free(d)
crypto_digest_t * crypto_digest256_new(digest_algorithm_t algorithm)
void crypto_digest_add_bytes(crypto_digest_t *digest, const char *data, size_t len)
int ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
int ed25519_pubkey_eq(const ed25519_public_key_t *key1, const ed25519_public_key_t *key2)
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
void memwipe(void *mem, uint8_t byte, size_t sz)
Common functions for cryptographic routines.
#define fast_memeq(a, b, c)
#define tor_memneq(a, b, sz)
int router_digest_is_fallback_dir(const char *digest)
Header file for dirlist.c.
void entry_guard_chan_failed(channel_t *chan)
Header file for circuitbuild.c.
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
Header file containing service data for the HS subsystem.
typedef HT_HEAD(hs_service_ht, hs_service_t) hs_service_ht
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define log_fn(severity, domain, args,...)
void connection_watch_events(connection_t *conn, watchable_events_t events)
void connection_start_reading(connection_t *conn)
void connection_start_writing(connection_t *conn)
smartlist_t * get_connection_array(void)
void connection_stop_writing(connection_t *conn)
Header file for mainloop.c.
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
void tor_free_(void *mem)
int usable_consensus_flavor(void)
Header file for microdesc.c.
networkstatus_t * networkstatus_get_reasonably_live_consensus(time_t now, int flavor)
const routerstatus_t * router_get_consensus_status_by_id(const char *digest)
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
Header file for networkstatus.c.
void node_get_prim_orport(const node_t *node, tor_addr_port_t *ap_out)
const node_t * node_get_by_id(const char *identity_digest)
const char * node_get_nickname(const node_t *node)
bool node_supports_ed25519_link_authentication(const node_t *node, bool compatible_with_us)
int node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
void node_get_pref_ipv6_orport(const node_t *node, tor_addr_port_t *ap_out)
Header file for nodelist.c.
Master header file for Tor-specific functionality.
#define CELL_PAYLOAD_SIZE
#define VAR_CELL_MAX_HEADER_SIZE
#define CELL_MAX_NETWORK_SIZE
#define DOWNCAST(to, ptr)
OR handshake certs structure.
OR handshake state structure.
The or_state_t structure, which represents Tor's state file.
Header file for orconn_event.c.
#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING
#define OR_CONN_STATE_CONNECTING
#define OR_CONN_STATE_OR_HANDSHAKING_V2
#define OR_CONN_STATE_PROXY_HANDSHAKING
#define OR_CONN_STATE_TLS_HANDSHAKING
#define OR_CONN_STATE_OR_HANDSHAKING_V3
#define OR_CONN_STATE_OPEN
int tor_snprintf(char *str, size_t size, const char *format,...)
int fetch_var_cell_from_buf(buf_t *buf, var_cell_t **out, int linkproto)
void dirserv_orconn_tls_done(const tor_addr_t *addr, uint16_t or_port, const char *digest_rcvd, const ed25519_public_key_t *ed_id_rcvd)
Header file for reachability.c.
int tls_error_to_orconn_end_reason(int e)
int errno_to_orconn_end_reason(int e)
const char * orconn_end_reason_to_control_string(int r)
Header file for reasons.c.
Header for feature/relay/relay_handshake.c.
Header file for rendcommon.c.
void rep_hist_note_negotiated_link_proto(unsigned link_proto, int started_here)
void rep_hist_padding_count_write(padding_type_t type)
Header file for rephist.c.
@ PADDING_TYPE_ENABLED_CELL
@ PADDING_TYPE_ENABLED_TOTAL
int router_digest_is_me(const char *digest)
const routerinfo_t * router_get_my_routerinfo(void)
Header file for router.c.
Router descriptor structure.
int router_ed25519_id_is_me(const ed25519_public_key_t *id)
const routerinfo_t * router_get_by_id_digest(const char *digest)
Header file for routerlist.c.
int public_server_mode(const or_options_t *options)
int server_mode(const or_options_t *options)
Header file for routermode.c.
void scheduler_channel_wants_writes(channel_t *chan)
Header file for scheduler*.c.
void smartlist_sort(smartlist_t *sl, int(*compare)(const void **a, const void **b))
smartlist_t * smartlist_new(void)
void smartlist_add(smartlist_t *sl, void *element)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
uint8_t payload[CELL_PAYLOAD_SIZE]
struct ed25519_public_key_t ed25519_identity
unsigned int hold_open_until_flushed
uint64_t global_identifier
uint16_t marked_for_close
unsigned int potentially_used_for_bootstrapping
char identity_digest[DIGEST_LEN]
or_handshake_state_t * handshake_state
tor_addr_port_t canonical_orport
unsigned int is_canonical
struct tor_cert_st * own_link_cert
unsigned int started_here
unsigned int digest_sent_data
crypto_digest_t * digest_sent
or_handshake_certs_t * certs
char body[CELL_MAX_NETWORK_SIZE]
uint8_t payload[FLEXIBLE_ARRAY_MEMBER]
#define MOCK_IMPL(rv, funcname, arglist)
void token_bucket_rw_adjust(token_bucket_rw_t *bucket, uint32_t rate, uint32_t burst)
void token_bucket_rw_reset(token_bucket_rw_t *bucket, uint32_t now_ts_stamp)
tor_cert_t * tor_cert_dup(const tor_cert_t *cert)
or_handshake_certs_t * or_handshake_certs_new(void)
int tor_tls_is_server(tor_tls_t *tls)
void tor_tls_set_logged_address(tor_tls_t *tls, const char *address)
const char * tor_tls_err_to_string(int err)
int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity)
void tor_tls_block_renegotiation(tor_tls_t *tls)
int tor_tls_peer_has_cert(tor_tls_t *tls)
int tor_tls_used_v1_handshake(tor_tls_t *tls)
void tor_tls_set_renegotiate_callback(tor_tls_t *tls, void(*cb)(tor_tls_t *, void *arg), void *arg)
#define CASE_TOR_TLS_ERROR_ANY
int tor_tls_get_pending_bytes(tor_tls_t *tls)
int tor_tls_handshake(tor_tls_t *tls)
tor_tls_t * tor_tls_new(tor_socket_t sock, int is_server)
const char * tor_tls_get_last_error_msg(const tor_tls_t *tls)
void tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz)
#define tor_assert_nonfatal_unreached()
#define tor_fragile_assert()
#define IF_BUG_ONCE(cond)
int tor_digest_is_zero(const char *digest)
Variable-length cell structure.
#define ED25519_BASE64_LEN