73#include "core/or/or_circuit_st.h"
82#include <event2/event.h>
83#include <event2/dns.h>
87#define RESOLVE_MAX_TIMEOUT 300
107 const char *hostname,
117#ifdef DEBUG_DNS_CACHE
118static void assert_cache_ok_(
void);
119#define assert_cache_ok() assert_cache_ok_()
121#define assert_cache_ok() STMT_NIL
129static uint64_t n_ipv6_requests_made = 0;
131static uint64_t n_ipv6_timeouts = 0;
133static int dns_is_broken_for_ipv6 = 0;
146static inline unsigned int
149 return (
unsigned) siphash24g((
const uint8_t*)a->
address, strlen(a->
address));
161 HT_INIT(cache_map, &cache_root);
169 static int all_down = 0;
173 log_info(LD_EXIT,
"eventdns: Resolve requested.");
178 if (!
strcmpstart(msg,
"Nameserver ") && (cp=strstr(msg,
" has failed: "))) {
179 char *ns = tor_strndup(msg+11, cp-(msg+11));
180 const char *colon = strchr(cp,
':');
182 const char *err = colon+2;
188 "NAMESERVER_STATUS NS=%s STATUS=DOWN ERR=%s",
192 (cp=strstr(msg,
" is back up"))) {
193 char *ns = tor_strndup(msg+11, cp-(msg+11));
197 "NAMESERVER_STATUS NS=%s STATUS=UP", ns);
199 }
else if (!strcmp(msg,
"All nameservers have failed")) {
202 }
else if (!
strcmpstart(msg,
"Address mismatch on received DNS")) {
203 static ratelim_t mismatch_limit = RATELIM_INIT(3600);
204 const char *src = strstr(msg,
" Apparent source");
209 "eventdns: Received a DNS packet from "
210 "an IP address to which we did not send a request. This "
211 "could be a DNS spoofing attempt, or some kind of "
212 "misconfiguration.%s", src);
215 tor_log(severity, LD_EXIT,
"eventdns: %s", msg);
253 log_err(
LD_BUG,
"Couldn't create an evdns_base");
292 r->
magic = 0xFF00FF00;
303 if (a->
expire < b->expire)
305 else if (a->
expire == b->expire)
320 const char *answer_hostname,
323 if (query_type == DNS_PTR) {
327 if (dns_result == DNS_ERR_NONE && answer_hostname) {
328 resolve->result_ptr.hostname = tor_strdup(answer_hostname);
335 }
else if (query_type == DNS_IPv4_A) {
339 if (dns_result == DNS_ERR_NONE && answer_addr &&
348 }
else if (query_type == DNS_IPv6_AAAA) {
352 if (dns_result == DNS_ERR_NONE && answer_addr &&
383 resolve->
expire = expires;
403 for (ptr = HT_START(cache_map, &cache_root); ptr != NULL; ptr = next) {
405 next = HT_NEXT_RMV(cache_map, &cache_root, ptr);
408 HT_CLEAR(cache_map, &cache_root);
429 if (resolve->
expire > now)
437 "Expiring a dns resolve %s that's still pending. Forgot to "
438 "cull it? DNS resolve didn't tell us about the timeout?",
442 "Forgetting old cached resolve (address %s, expires %lu)",
444 (
unsigned long)resolve->
expire);
453 "Closing pending connections on timed-out DNS resolve!");
459 pendconn = pend->conn;
473 removed = HT_REMOVE(cache_map, &cache_root, resolve);
474 if (removed != resolve) {
475 log_err(
LD_BUG,
"The expired resolve we purged didn't match any in"
476 " the cache. Tried to purge %s (%p); instead got %s (%p).",
477 resolve->
address, (
void*)resolve,
478 removed ? removed->
address :
"NULL", (
void*)removed);
487 tor_free(resolve->result_ptr.hostname);
488 resolve->
magic = 0xF0BBF0BB;
497#define RESOLVED_TYPE_AUTO 0xff
515 buf[0] = answer_type;
520 case RESOLVED_TYPE_AUTO:
522 cp[0] = RESOLVED_TYPE_IPV4;
530 cp[0] = RESOLVED_TYPE_IPV6;
532 memcpy(cp+2, bytes, 16);
540 answer_type = RESOLVED_TYPE_ERROR;
544 case RESOLVED_TYPE_ERROR_TRANSIENT:
545 case RESOLVED_TYPE_ERROR:
547 const char *errmsg =
"Error resolving hostname";
548 size_t msglen = strlen(errmsg);
550 buf[0] = answer_type;
552 strlcpy(buf+2, errmsg,
sizeof(buf)-2);
582 const char *hostname))
591 size_t namelen = strlen(hostname);
596 buf[0] = RESOLVED_TYPE_HOSTNAME;
597 buf[1] = (uint8_t)namelen;
598 memcpy(buf+2, hostname, namelen);
600 buflen = 2+namelen+4;
636 int made_connection_pending = 0;
637 char *hostname = NULL;
642 &made_connection_pending, &resolve);
677 (r == -1) ? RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
718 int *made_connection_pending_out,
726 time_t now = time(NULL);
732 *made_connection_pending_out = 0;
753 tor_log(LOG_PROTOCOL_WARN, LD_EXIT,
754 "Rejecting invalid destination address %s",
771 AF_UNSPEC, 0)) != 0) {
774 if (tor_addr_is_internal(&addr, 0))
778 if (!is_reverse || !is_resolve) {
780 log_info(LD_EXIT,
"Bad .in-addr.arpa address %s; sending error.",
782 else if (!is_resolve)
784 "Attempt to connect to a .in-addr.arpa address %s; "
797 resolve = HT_FIND(cache_map, &cache_root, &search);
798 if (resolve && resolve->
expire > now) {
799 switch (resolve->
state) {
802 pending_connection = tor_malloc_zero(
804 pending_connection->conn = exitconn;
807 *made_connection_pending_out = 1;
808 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") waiting "
809 "for pending DNS resolve of %s", exitconn->base_.
s,
813 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") found "
814 "cached answer for %s",
818 *resolve_out = resolve;
822 log_err(
LD_BUG,
"Found a 'DONE' dns resolve still in the cache.");
837 pending_connection->conn = exitconn;
839 *made_connection_pending_out = 1;
842 HT_INSERT(cache_map, &cache_root, resolve);
845 log_debug(LD_EXIT,
"Launching %s.",
871 char **hostname_out))
873 int ipv4_ok, ipv6_ok, answer_with_ipv4, r;
874 uint32_t begincell_flags;
882 *hostname_out = tor_strdup(resolve->result_ptr.hostname);
894 begincell_flags = exitconn->begincell_flags;
904 if (ipv4_ok && ipv6_ok && is_resolve) {
905 answer_with_ipv4 = 1;
906 }
else if (ipv4_ok && ipv6_ok) {
908 const uint16_t port = exitconn->base_.
port;
909 int ipv4_allowed, ipv6_allowed;
915 if (ipv4_allowed && !ipv6_allowed) {
916 answer_with_ipv4 = 1;
917 }
else if (ipv6_allowed && !ipv4_allowed) {
918 answer_with_ipv4 = 0;
922 answer_with_ipv4 = !(begincell_flags &
928 answer_with_ipv4 = 1;
929 }
else if (ipv6_ok) {
930 answer_with_ipv4 = 0;
933 answer_with_ipv4 = !(begincell_flags &
940 if (answer_with_ipv4) {
974 resolve = HT_FIND(cache_map, &cache_root, &search);
982 HT_FOREACH(resolve, cache_map, &cache_root) {
983 for (pend = (*resolve)->pending_connections; pend; pend = pend->next) {
1004 resolve = HT_FIND(cache_map, &cache_root, &search);
1006 log_notice(
LD_BUG,
"Address %s is not pending. Dropping.",
1016 if (pend->conn == conn) {
1019 log_debug(LD_EXIT,
"First connection (fd "TOR_SOCKET_T_FORMAT
") no "
1020 "longer waiting for resolve of %s",
1025 for ( ; pend->next; pend = pend->next) {
1026 if (pend->next->conn == conn) {
1027 victim = pend->next;
1028 pend->next = victim->next;
1031 "Connection (fd "TOR_SOCKET_T_FORMAT
") no longer waiting "
1032 "for resolve of %s",
1037 log_warn(
LD_BUG,
"Connection (fd "TOR_SOCKET_T_FORMAT
") was not waiting "
1038 "for a resolve of %s, but we tried to remove it.",
1058 resolve = HT_FIND(cache_map, &cache_root, &search);
1068 "Address %s is not pending but has pending connections!",
1077 "Address %s is pending but has no pending connections!",
1086 "Failing all connections waiting on DNS resolve of %s",
1091 pendconn = pend->conn;
1106 tmp = HT_REMOVE(cache_map, &cache_root, resolve);
1107 if (tmp != resolve) {
1108 log_err(
LD_BUG,
"The cancelled resolve we purged didn't match any in"
1109 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1110 resolve->
address, (
void*)resolve,
1111 tmp ? tmp->
address :
"NULL", (
void*)tmp);
1141 const char *hostname, uint32_t ttl)
1150 resolve = HT_FIND(cache_map, &cache_root, &search);
1154 log_info(LD_EXIT,
"Resolved unasked address %s; ignoring.",
1166 "Resolved %s which was already resolved; ignoring",
1172 cached_resolve_add_answer(resolve, query_type, dns_answer,
1173 addr, hostname, ttl);
1198 char *hostname = NULL;
1200 pendconn = pend->conn;
1225 RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
1281 removed = HT_REMOVE(cache_map, &cache_root, resolve);
1282 if (removed != resolve) {
1283 log_err(
LD_BUG,
"The pending resolve we found wasn't removable from"
1284 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1285 resolve->
address, (
void*)resolve,
1286 removed ? removed->
address :
"NULL", (
void*)removed);
1297 uint32_t ttl = UINT32_MAX;
1300 new_resolve->result_ptr.hostname =
1301 tor_strdup(resolve->result_ptr.hostname);
1306 HT_INSERT(cache_map, &cache_root, new_resolve);
1336 case DNS_ERR_SERVERFAILED:
1337 case DNS_ERR_TRUNCATED:
1338 case DNS_ERR_TIMEOUT:
1354#ifdef HAVE_EVDNS_BASE_GET_NAMESERVER_ADDR
1360configured_nameserver_address(
const size_t idx)
1362 struct sockaddr_storage sa;
1363 ev_socklen_t sa_len =
sizeof(sa);
1366 (
struct sockaddr *)&sa,
1370 (
const struct sockaddr *)&sa,
1390#define EXIT_DNS_TIMEOUT_DEFAULT (1000)
1391#define EXIT_DNS_TIMEOUT_MIN (1)
1392#define EXIT_DNS_TIMEOUT_MAX (120000)
1394 EXIT_DNS_TIMEOUT_DEFAULT,
1395 EXIT_DNS_TIMEOUT_MIN,
1396 EXIT_DNS_TIMEOUT_MAX);
1404 val =
MAX(1, val / 1000);
1418#define EXIT_DNS_NUM_ATTEMPTS_DEFAULT (2)
1419#define EXIT_DNS_NUM_ATTEMPTS_MIN (0)
1420#define EXIT_DNS_NUM_ATTEMPTS_MAX (255)
1422 EXIT_DNS_NUM_ATTEMPTS_DEFAULT,
1423 EXIT_DNS_NUM_ATTEMPTS_MIN,
1424 EXIT_DNS_NUM_ATTEMPTS_MAX);
1441#define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v))
1451 SET(
"max-timeouts:",
"1000000");
1453 SET(
"max-timeouts:",
"10");
1462 SET(
"max-inflight:",
"8192");
1479 SET(
"randomize-case:",
"1");
1481 SET(
"randomize-case:",
"0");
1496 const char *conf_fname;
1503 conf_fname =
"/etc/resolv.conf";
1505 flags = DNS_OPTIONS_ALL;
1509 log_err(
LD_BUG,
"Couldn't create an evdns_base");
1516 log_debug(
LD_FS,
"stat()ing %s", conf_fname);
1517 int missing_resolv_conf = 0;
1521 log_warn(LD_EXIT,
"Unable to stat resolver configuration in '%s': %s",
1522 conf_fname, strerror(errno));
1523 missing_resolv_conf = 1;
1527 log_info(LD_EXIT,
"No change to '%s'", conf_fname);
1531 if (stat_res == 0 && st.st_size == 0)
1532 missing_resolv_conf = 1;
1538#if defined(DNS_OPTION_HOSTSFILE) && defined(USE_LIBSECCOMP)
1539 if (flags & DNS_OPTION_HOSTSFILE) {
1540 flags ^= DNS_OPTION_HOSTSFILE;
1541 log_debug(
LD_FS,
"Loading /etc/hosts");
1547 if (!missing_resolv_conf) {
1548 log_info(LD_EXIT,
"Parsing resolver configuration in '%s'", conf_fname);
1551 log_warn(LD_EXIT,
"Unable to parse '%s', or no nameservers "
1552 "in '%s' (%d)", conf_fname, conf_fname, r);
1559 log_warn(LD_EXIT,
"Unable to find any nameservers in '%s'.",
1567 log_warn(LD_EXIT,
"Could not read your DNS config from '%s' - "
1568 "please investigate your DNS configuration. "
1569 "This is possibly a problem. Meanwhile, falling"
1570 " back to local DNS at 127.0.0.1.", conf_fname);
1584 log_warn(LD_EXIT,
"Could not config nameservers.");
1588 log_warn(LD_EXIT,
"Unable to find any platform nameservers in "
1589 "your Windows configuration.");
1631 uint8_t orig_query_type = arg_[0];
1632 char *string_address = arg_ + 1;
1634 const char *hostname = NULL;
1635 int was_wildcarded = 0;
1640 if (type == DNS_IPv6_AAAA) {
1641 if (result == DNS_ERR_TIMEOUT) {
1645 if (n_ipv6_timeouts > 10 &&
1646 n_ipv6_timeouts > n_ipv6_requests_made / 2) {
1647 if (! dns_is_broken_for_ipv6) {
1648 log_notice(LD_EXIT,
"More than half of our IPv6 requests seem to "
1649 "have timed out. I'm going to assume I can't get AAAA "
1651 dns_is_broken_for_ipv6 = 1;
1656 if (result == DNS_ERR_NONE) {
1657 if (type == DNS_IPv4_A && count) {
1659 char *escaped_address;
1660 uint32_t *addrs = addresses;
1667 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked "
1668 "address %s; treating as a failure.",
1669 safe_str(escaped_address),
1673 result = DNS_ERR_NOTEXIST;
1675 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1676 safe_str(escaped_address),
1680 }
else if (type == DNS_IPv6_AAAA && count) {
1682 char *escaped_address;
1684 struct in6_addr *addrs = addresses;
1687 sizeof(answer_buf));
1690 if (BUG(ip_str == NULL)) {
1691 log_warn(LD_EXIT,
"tor_inet_ntop() failed!");
1692 result = DNS_ERR_NOTEXIST;
1694 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked "
1695 "address %s; treating as a failure.",
1696 safe_str(escaped_address),
1700 result = DNS_ERR_NOTEXIST;
1702 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1703 safe_str(escaped_address),
1707 }
else if (type == DNS_PTR && count) {
1708 char *escaped_address;
1709 hostname = ((
char**)addresses)[0];
1711 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1712 safe_str(escaped_address),
1716 log_info(LD_EXIT,
"eventdns returned only unrecognized answer types "
1720 log_info(LD_EXIT,
"eventdns returned no addresses or error for %s.",
1724 if (was_wildcarded) {
1732 if (orig_query_type && type && orig_query_type != type) {
1733 log_warn(
LD_BUG,
"Weird; orig_query_type == %d but type == %d",
1734 (
int)orig_query_type, (
int)type);
1736 if (result != DNS_ERR_SHUTDOWN)
1755 : DNS_QUERY_NO_SEARCH;
1756 const size_t addr_len = strlen(address);
1757 struct evdns_request *req = 0;
1758 char *addr = tor_malloc(addr_len + 2);
1759 addr[0] = (char) query_type;
1760 memcpy(addr+1, address, addr_len + 1);
1765 switch (query_type) {
1773 ++n_ipv6_requests_made;
1779 DNS_QUERY_NO_SEARCH,
1784 DNS_QUERY_NO_SEARCH,
1787 log_warn(
LD_BUG,
"Called with PTR query and unexpected address family");
1790 log_warn(
LD_BUG,
"Called with unexpected query type %d", (
int)query_type);
1816 log_warn(LD_EXIT,
"(Harmless.) Nameservers not configured, but resolve "
1817 "launched. Configuring.");
1824 &a, resolve->
address, AF_UNSPEC, 0);
1828 log_info(LD_EXIT,
"Launching eventdns request for %s",
1835 resolve->res_status_ipv4 = 0;
1842 resolve->res_status_ipv6 = 0;
1846 }
else if (r == 1) {
1848 log_info(LD_EXIT,
"Launching eventdns reverse request for %s",
1852 resolve->res_status_hostname = 0;
1855 }
else if (r == -1) {
1856 log_warn(
LD_BUG,
"Somehow a malformed in-addr.arpa address reached here.");
1860 log_fn(LOG_PROTOCOL_WARN, LD_EXIT,
"eventdns rejected address %s.",
1905 ip = tor_malloc_zero(
sizeof(
int));
1914 "Your DNS provider has given \"%s\" as an answer for %d different "
1915 "invalid addresses. Apparently they are hijacking DNS failures. "
1916 "I'll try to correct for this by treating future occurrences of "
1917 "\"%s\" as 'not found'.",
id, *ip,
id);
1931 int n, n_test_addrs;
1940 smartlist_len(
get_options()->ServerDNSTestAddresses) : 0;
1944 if (n > n_test_addrs/2) {
1946 LD_EXIT,
"Your DNS provider tried to redirect \"%s\" to a junk "
1947 "address. It has done this with %d test addresses so far. I'm "
1948 "going to stop being an exit node for now, since our DNS seems so "
1949 "broken.", address, n);
1964 void *addresses,
void *arg)
1969 if (result == DNS_ERR_NONE && count) {
1970 char *string_address = arg;
1972 if (type == DNS_IPv4_A) {
1973 const uint32_t *addrs = addresses;
1974 for (i = 0; i < count; ++i) {
1978 in.s_addr = addrs[i];
1979 ntoa_res =
tor_inet_ntoa(&in, answer_buf,
sizeof(answer_buf));
1980 tor_assert_nonfatal(ntoa_res >= 0);
1984 }
else if (type == DNS_IPv6_AAAA) {
1985 const struct in6_addr *addrs = addresses;
1986 for (i = 0; i < count; ++i) {
1989 sizeof(answer_buf));
1990 tor_assert_nonfatal(ip_str);
1997 "Your DNS provider gave an answer for \"%s\", which "
1998 "is not supposed to exist. Apparently they are hijacking "
1999 "DNS failures. Trying to correct for this. We've noticed %d "
2000 "possibly bad address%s so far.",
2016 struct evdns_request *req;
2019 log_info(LD_EXIT,
"Testing whether our DNS server is hijacking nonexistent "
2020 "domains with request for bogus hostname \"%s\"", addr);
2024 req = evdns_base_resolve_ipv6(
2031 req = evdns_base_resolve_ipv4(
2056 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like to "
2057 "hijack *everything*.");
2065 const char *, address) {
2067 log_info(LD_EXIT,
"eventdns rejected test address %s",
2072 log_info(LD_EXIT,
"eventdns rejected test address %s",
2075 } SMARTLIST_FOREACH_END(address);
2079#define N_WILDCARD_CHECKS 2
2089 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like "
2090 "to hijack DNS failures.");
2091 for (ipv6 = 0; ipv6 <= 1; ++ipv6) {
2092 for (i = 0; i < N_WILDCARD_CHECKS; ++i) {
2119 static struct event *launch_event = NULL;
2132 if (evtimer_add(launch_event, &
timeout) < 0) {
2133 log_warn(
LD_BUG,
"Couldn't add timer for checking for dns hijacking");
2148 return dns_is_broken_for_ipv6;
2160 n_ipv6_requests_made = n_ipv6_timeouts = 0;
2173 dns_is_broken_for_ipv6 = 0;
2199 if (resolve->is_reverse)
2212 return HT_SIZE(&cache_root);
2217dns_cache_total_allocation(
void)
2220 HT_MEM_USAGE(&cache_root);
2229 size_t hash_mem = dns_cache_total_allocation();
2234 tor_log(severity,
LD_MM,
"Our DNS cache has %d entries.", hash_count);
2235 tor_log(severity,
LD_MM,
"Our DNS cache size is approximately %u bytes.",
2236 (
unsigned)hash_mem);
2243dns_cache_handle_oom(time_t now,
size_t min_remove_bytes)
2245 time_t time_inc = 0;
2246 size_t total_bytes_removed = 0;
2247 size_t current_size = dns_cache_total_allocation();
2255 time_t cutoff = now + time_inc;
2259 size_t bytes_removed = current_size - dns_cache_total_allocation();
2260 current_size -= bytes_removed;
2261 total_bytes_removed += bytes_removed;
2265 }
while (total_bytes_removed < min_remove_bytes);
2267 return total_bytes_removed;
2270#ifdef DEBUG_DNS_CACHE
2273assert_cache_ok_(
void)
2276 int bad_rep = HT_REP_IS_BAD_(cache_map, &cache_root);
2278 log_err(
LD_BUG,
"Bad rep type %d on dns cache hash table", bad_rep);
2282 HT_FOREACH(resolve, cache_map, &cache_root) {
2296 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2297 tor_assert(!found || found != res);
2299 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2310 return HT_FIND(cache_map, &cache_root, query);
2316 HT_INSERT(cache_map, &cache_root, new_entry);
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr)
void tor_addr_make_unspec(tor_addr_t *a)
int tor_addr_parse(tor_addr_t *addr, const char *src)
int tor_addr_parse_PTR_name(tor_addr_t *result, const char *address, int family, int accept_regular)
void tor_addr_from_in6(tor_addr_t *dest, const struct in6_addr *in6)
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
int tor_addr_from_sockaddr(tor_addr_t *a, const struct sockaddr *sa, uint16_t *port_out)
static const struct in_addr * tor_addr_to_in(const tor_addr_t *a)
static sa_family_t tor_addr_family(const tor_addr_t *a)
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
static const struct in6_addr * tor_addr_to_in6(const tor_addr_t *a)
#define tor_addr_from_ipv4h(dest, v4addr)
static void set_uint32(void *cp, uint32_t v)
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
or_circuit_t * TO_OR_CIRCUIT(circuit_t *x)
Header file for circuitlist.c.
#define CIRCUIT_IS_ORIGIN(c)
void circuit_detach_stream(circuit_t *circ, edge_connection_t *conn)
Header file for circuituse.c.
struct event_base * tor_libevent_get_base(void)
Header for compat_libevent.c.
const char * escaped_safe_str(const char *address)
const or_options_t * get_options(void)
Header file for config.c.
void conflux_update_resolving_streams(or_circuit_t *circ, edge_connection_t *stream)
void conflux_update_n_streams(or_circuit_t *circ, edge_connection_t *stream)
Header file for conflux_util.c.
void assert_connection_ok(connection_t *conn, time_t now)
void connection_free_(connection_t *conn)
Header file for connection.c.
uint32_t clip_dns_fuzzy_ttl(uint32_t ttl)
void connection_exit_connect(edge_connection_t *edge_conn)
int connection_edge_end(edge_connection_t *conn, uint8_t reason)
Header file for connection_edge.c.
#define EXIT_CONN_STATE_CONNECTING
int address_is_invalid_destination(const char *address, int client)
#define BEGIN_FLAG_IPV6_PREFERRED
#define EXIT_CONN_STATE_RESOLVEFAILED
#define EXIT_PURPOSE_CONNECT
#define BEGIN_FLAG_IPV4_NOT_OK
#define EXIT_CONN_STATE_RESOLVING
#define BEGIN_FLAG_IPV6_OK
#define EXIT_PURPOSE_RESOLVE
int control_event_server_status(int severity, const char *format,...)
Header file for control_events.c.
char * crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix, const char *suffix)
Common functions for using (pseudo-)random number generators.
static int dns_wildcard_notice_given
STATIC int set_exitconn_info_from_resolve(edge_connection_t *exitconn, const cached_resolve_t *resolve, char **hostname_out)
static const char * get_consensus_param_exit_dns_attempts(void)
static int dns_wildcard_one_notice_given
static int nameservers_configured
static unsigned int cached_resolve_hash(cached_resolve_t *a)
static void add_wildcarded_test_address(const char *address)
static int nameserver_config_failed
static void dns_launch_wildcard_checks(void)
static void assert_resolve_ok(cached_resolve_t *resolve)
static char * resolv_conf_fname
void dns_new_consensus_params(const networkstatus_t *ns)
static int dns_cache_entry_count(void)
int dns_seems_to_be_broken(void)
STATIC void send_resolved_cell(edge_connection_t *conn, uint8_t answer_type, const cached_resolve_t *resolved)
void dns_reset_correctness_checks(void)
STATIC void send_resolved_hostname_cell(edge_connection_t *conn, const char *hostname)
static int n_wildcard_requests
static void init_cache_map(void)
static struct evdns_base * the_evdns_base
static void evdns_callback(int result, char type, int count, int ttl, void *addresses, void *arg)
static int configure_nameservers(int force)
static void inform_pending_connections(cached_resolve_t *resolve)
static smartlist_t * dns_wildcard_list
static void evdns_wildcard_check_callback(int result, char type, int count, int ttl, void *addresses, void *arg)
#define RESOLVE_MAX_TIMEOUT
static void purge_expired_resolves(time_t now)
STATIC void dns_cancel_pending_resolve(const char *address)
static int evdns_err_is_transient(int err)
size_t number_of_configured_nameservers(void)
void connection_dns_remove(edge_connection_t *conn)
static smartlist_t * dns_wildcarded_test_address_list
int has_dns_init_failed(void)
static int dns_is_completely_invalid
void dump_dns_mem_usage(int severity)
static void free_cached_resolve_(cached_resolve_t *r)
STATIC int dns_resolve_impl(edge_connection_t *exitconn, int is_resolve, or_circuit_t *oncirc, char **hostname_out, int *made_connection_pending_out, cached_resolve_t **resolve_out)
static void launch_test_addresses(evutil_socket_t fd, short event, void *args)
static int dns_wildcarded_test_address_notice_given
static int launch_one_resolve(const char *address, uint8_t query_type, const tor_addr_t *ptr_address)
static void evdns_log_cb(int warn, const char *msg)
static int answer_is_wildcarded(const char *ip)
STATIC int launch_resolve(cached_resolve_t *resolve)
int dns_seems_to_be_broken_for_ipv6(void)
int dns_resolve(edge_connection_t *exitconn)
static strmap_t * dns_wildcard_response_count
static const char * get_consensus_param_exit_dns_timeout(void)
static time_t resolv_conf_mtime
static void launch_wildcard_check(int min_len, int max_len, int is_ipv6, const char *suffix)
static int is_test_address(const char *address)
static void configure_libevent_options(void)
static int compare_cached_resolves_by_expiry_(const void *_a, const void *_b)
static void make_pending_resolve_cached(cached_resolve_t *cached)
void dns_launch_correctness_checks(void)
static smartlist_t * cached_resolve_pqueue
static int cached_resolve_have_all_answers(const cached_resolve_t *resolve)
static void set_expiry(cached_resolve_t *resolve, time_t expires)
static void dns_found_answer(const char *address, uint8_t query_type, int dns_answer, const tor_addr_t *addr, const char *hostname, uint32_t ttl)
static HT_HEAD(cache_map, cached_resolve_t)
void assert_connection_edge_not_dns_pending(edge_connection_t *conn)
static void wildcard_increment_answer(const char *id)
#define CACHE_STATE_PENDING
#define RES_STATUS_DONE_OK
#define CACHED_RESOLVE_MAGIC
#define CACHE_STATE_CACHED
#define RES_STATUS_DONE_ERR
#define RES_STATUS_INFLIGHT
Edge-connection structure.
char * esc_for_log(const char *s)
const char * escaped(const char *s)
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
int tor_inet_ntoa(const struct in_addr *in, char *buf, size_t buf_len)
const char * tor_inet_ntop(int af, const void *src, char *dst, size_t len)
#define INET_NTOA_BUF_LEN
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define log_fn(severity, domain, args,...)
#define log_fn_ratelim(ratelim, severity, domain, args,...)
void dns_servers_relaunch_checks(void)
Header file for mainloop.c.
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
void tor_free_(void *mem)
int net_is_disabled(void)
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
Header file for networkstatus.c.
Master header file for Tor-specific functionality.
#define RELAY_PAYLOAD_SIZE
Header file for policies.c.
int tor_snprintf(char *str, size_t size, const char *format,...)
int connection_edge_send_command(edge_connection_t *fromconn, uint8_t relay_command, const char *payload, size_t payload_len)
void rep_hist_note_dns_error(int type, uint8_t error)
void rep_hist_note_dns_request(int type)
Header file for rephist.c.
int router_compare_to_my_exit_policy(const tor_addr_t *addr, uint16_t port)
void mark_my_descriptor_dirty(const char *reason)
int router_my_exit_policy_is_reject_star(void)
Header file for router.c.
int server_mode(const or_options_t *options)
Header file for routermode.c.
Header file for sandbox.c.
#define sandbox_intern_string(s)
void smartlist_pqueue_assert_ok(smartlist_t *sl, int(*compare)(const void *a, const void *b), ptrdiff_t idx_field_offset)
int smartlist_contains_string_case(const smartlist_t *sl, const char *element)
void * smartlist_pqueue_pop(smartlist_t *sl, int(*compare)(const void *a, const void *b), ptrdiff_t idx_field_offset)
void smartlist_pqueue_add(smartlist_t *sl, int(*compare)(const void *a, const void *b), ptrdiff_t idx_field_offset, void *item)
int smartlist_contains_string(const smartlist_t *sl, const char *element)
void smartlist_add_strdup(struct smartlist_t *sl, const char *string)
smartlist_t * smartlist_new(void)
void smartlist_clear(smartlist_t *sl)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
union cached_resolve_t::@24 result_ipv4
struct in6_addr addr_ipv6
union cached_resolve_t::@25 result_ipv6
char address[MAX_ADDRESSLEN]
pending_connection_t * pending_connections
uint16_t marked_for_close
unsigned int is_reverse_dns_lookup
struct edge_connection_t * next_stream
struct circuit_t * on_circuit
edge_connection_t * resolving_streams
edge_connection_t * n_streams
char * ServerDNSResolvConfFile
struct smartlist_t * ServerDNSTestAddresses
int ServerDNSSearchDomains
#define MOCK_IMPL(rv, funcname, arglist)
#define tor_fragile_assert()
void tor_strlower(char *s)
int strcmpstart(const char *s1, const char *s2)
int tor_strisnonupper(const char *s)