73#include "core/or/or_circuit_st.h"
82#include <event2/event.h>
83#include <event2/dns.h>
87#define RESOLVE_MAX_TIMEOUT 300
107 const char *hostname,
117#ifdef DEBUG_DNS_CACHE
118static void assert_cache_ok_(
void);
119#define assert_cache_ok() assert_cache_ok_()
121#define assert_cache_ok() STMT_NIL
129static uint64_t n_ipv6_requests_made = 0;
131static uint64_t n_ipv6_timeouts = 0;
133static int dns_is_broken_for_ipv6 = 0;
146static inline unsigned int
149 return (
unsigned) siphash24g((
const uint8_t*)a->
address, strlen(a->
address));
161 HT_INIT(cache_map, &cache_root);
169 static int all_down = 0;
173 log_info(LD_EXIT,
"eventdns: Resolve requested.");
178 if (!
strcmpstart(msg,
"Nameserver ") && (cp=strstr(msg,
" has failed: "))) {
179 char *ns = tor_strndup(msg+11, cp-(msg+11));
180 const char *colon = strchr(cp,
':');
182 const char *err = colon+2;
188 "NAMESERVER_STATUS NS=%s STATUS=DOWN ERR=%s",
192 (cp=strstr(msg,
" is back up"))) {
193 char *ns = tor_strndup(msg+11, cp-(msg+11));
197 "NAMESERVER_STATUS NS=%s STATUS=UP", ns);
199 }
else if (!strcmp(msg,
"All nameservers have failed")) {
202 }
else if (!
strcmpstart(msg,
"Address mismatch on received DNS")) {
203 static ratelim_t mismatch_limit = RATELIM_INIT(3600);
204 const char *src = strstr(msg,
" Apparent source");
209 "eventdns: Received a DNS packet from "
210 "an IP address to which we did not send a request. This "
211 "could be a DNS spoofing attempt, or some kind of "
212 "misconfiguration.%s", src);
215 tor_log(severity, LD_EXIT,
"eventdns: %s", msg);
253 log_err(
LD_BUG,
"Couldn't create an evdns_base");
292 r->
magic = 0xFF00FF00;
303 if (a->
expire < b->expire)
305 else if (a->
expire == b->expire)
320 const char *answer_hostname,
323 if (query_type == DNS_PTR) {
327 if (dns_result == DNS_ERR_NONE && answer_hostname) {
328 resolve->result_ptr.hostname = tor_strdup(answer_hostname);
335 }
else if (query_type == DNS_IPv4_A) {
339 if (dns_result == DNS_ERR_NONE && answer_addr &&
348 }
else if (query_type == DNS_IPv6_AAAA) {
352 if (dns_result == DNS_ERR_NONE && answer_addr &&
383 resolve->
expire = expires;
403 for (ptr = HT_START(cache_map, &cache_root); ptr != NULL; ptr = next) {
405 next = HT_NEXT_RMV(cache_map, &cache_root, ptr);
408 HT_CLEAR(cache_map, &cache_root);
429 if (resolve->
expire > now)
437 "Expiring a dns resolve %s that's still pending. Forgot to "
438 "cull it? DNS resolve didn't tell us about the timeout?",
442 "Forgetting old cached resolve (address %s, expires %lu)",
444 (
unsigned long)resolve->
expire);
453 "Closing pending connections on timed-out DNS resolve!");
459 pendconn = pend->conn;
473 removed = HT_REMOVE(cache_map, &cache_root, resolve);
474 if (removed != resolve) {
475 log_err(
LD_BUG,
"The expired resolve we purged didn't match any in"
476 " the cache. Tried to purge %s (%p); instead got %s (%p).",
477 resolve->
address, (
void*)resolve,
478 removed ? removed->
address :
"NULL", (
void*)removed);
487 tor_free(resolve->result_ptr.hostname);
488 resolve->
magic = 0xF0BBF0BB;
497#define RESOLVED_TYPE_AUTO 0xff
517 buf[0] = answer_type;
522 case RESOLVED_TYPE_AUTO:
524 cp[0] = RESOLVED_TYPE_IPV4;
532 cp[0] = RESOLVED_TYPE_IPV6;
534 memcpy(cp+2, bytes, 16);
542 answer_type = RESOLVED_TYPE_ERROR;
546 case RESOLVED_TYPE_ERROR_TRANSIENT:
547 case RESOLVED_TYPE_ERROR:
549 const char *errmsg =
"Error resolving hostname";
550 size_t msglen = strlen(errmsg);
552 buf[0] = answer_type;
554 strlcpy(buf+2, errmsg,
sizeof(buf)-2);
584 const char *hostname))
593 size_t namelen = strlen(hostname);
595 if (BUG(namelen >= 256)) {
600 buf[0] = RESOLVED_TYPE_HOSTNAME;
601 buf[1] = (uint8_t)namelen;
602 memcpy(buf+2, hostname, namelen);
604 buflen = 2+namelen+4;
640 int made_connection_pending = 0;
641 char *hostname = NULL;
646 &made_connection_pending, &resolve);
681 (r == -1) ? RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
722 int *made_connection_pending_out,
730 time_t now = time(NULL);
736 *made_connection_pending_out = 0;
757 tor_log(LOG_PROTOCOL_WARN, LD_EXIT,
758 "Rejecting invalid destination address %s",
775 AF_UNSPEC, 0)) != 0) {
778 if (tor_addr_is_internal(&addr, 0))
782 if (!is_reverse || !is_resolve) {
784 log_info(LD_EXIT,
"Bad .in-addr.arpa address %s; sending error.",
786 else if (!is_resolve)
788 "Attempt to connect to a .in-addr.arpa address %s; "
801 resolve = HT_FIND(cache_map, &cache_root, &search);
802 if (resolve && resolve->
expire > now) {
803 switch (resolve->
state) {
806 pending_connection = tor_malloc_zero(
808 pending_connection->conn = exitconn;
811 *made_connection_pending_out = 1;
812 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") waiting "
813 "for pending DNS resolve of %s", exitconn->base_.
s,
817 log_debug(LD_EXIT,
"Connection (fd "TOR_SOCKET_T_FORMAT
") found "
818 "cached answer for %s",
822 *resolve_out = resolve;
826 log_err(
LD_BUG,
"Found a 'DONE' dns resolve still in the cache.");
841 pending_connection->conn = exitconn;
843 *made_connection_pending_out = 1;
846 HT_INSERT(cache_map, &cache_root, resolve);
849 log_debug(LD_EXIT,
"Launching %s.",
875 char **hostname_out))
877 int ipv4_ok, ipv6_ok, answer_with_ipv4, r;
878 uint32_t begincell_flags;
886 *hostname_out = tor_strdup(resolve->result_ptr.hostname);
898 begincell_flags = exitconn->begincell_flags;
908 if (ipv4_ok && ipv6_ok && is_resolve) {
909 answer_with_ipv4 = 1;
910 }
else if (ipv4_ok && ipv6_ok) {
912 const uint16_t port = exitconn->base_.
port;
913 int ipv4_allowed, ipv6_allowed;
919 if (ipv4_allowed && !ipv6_allowed) {
920 answer_with_ipv4 = 1;
921 }
else if (ipv6_allowed && !ipv4_allowed) {
922 answer_with_ipv4 = 0;
926 answer_with_ipv4 = !(begincell_flags &
932 answer_with_ipv4 = 1;
933 }
else if (ipv6_ok) {
934 answer_with_ipv4 = 0;
937 answer_with_ipv4 = !(begincell_flags &
944 if (answer_with_ipv4) {
978 resolve = HT_FIND(cache_map, &cache_root, &search);
986 HT_FOREACH(resolve, cache_map, &cache_root) {
987 for (pend = (*resolve)->pending_connections; pend; pend = pend->next) {
1008 resolve = HT_FIND(cache_map, &cache_root, &search);
1010 log_notice(
LD_BUG,
"Address %s is not pending. Dropping.",
1020 if (pend->conn == conn) {
1023 log_debug(LD_EXIT,
"First connection (fd "TOR_SOCKET_T_FORMAT
") no "
1024 "longer waiting for resolve of %s",
1029 for ( ; pend->next; pend = pend->next) {
1030 if (pend->next->conn == conn) {
1031 victim = pend->next;
1032 pend->next = victim->next;
1035 "Connection (fd "TOR_SOCKET_T_FORMAT
") no longer waiting "
1036 "for resolve of %s",
1041 log_warn(
LD_BUG,
"Connection (fd "TOR_SOCKET_T_FORMAT
") was not waiting "
1042 "for a resolve of %s, but we tried to remove it.",
1062 resolve = HT_FIND(cache_map, &cache_root, &search);
1072 "Address %s is not pending but has pending connections!",
1081 "Address %s is pending but has no pending connections!",
1090 "Failing all connections waiting on DNS resolve of %s",
1095 pendconn = pend->conn;
1110 tmp = HT_REMOVE(cache_map, &cache_root, resolve);
1111 if (tmp != resolve) {
1112 log_err(
LD_BUG,
"The cancelled resolve we purged didn't match any in"
1113 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1114 resolve->
address, (
void*)resolve,
1115 tmp ? tmp->
address :
"NULL", (
void*)tmp);
1145 const char *hostname, uint32_t ttl)
1154 resolve = HT_FIND(cache_map, &cache_root, &search);
1158 log_info(LD_EXIT,
"Resolved unasked address %s; ignoring.",
1170 "Resolved %s which was already resolved; ignoring",
1176 cached_resolve_add_answer(resolve, query_type, dns_answer,
1177 addr, hostname, ttl);
1202 char *hostname = NULL;
1204 pendconn = pend->conn;
1229 RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT,
1285 removed = HT_REMOVE(cache_map, &cache_root, resolve);
1286 if (removed != resolve) {
1287 log_err(
LD_BUG,
"The pending resolve we found wasn't removable from"
1288 " the cache. Tried to purge %s (%p); instead got %s (%p).",
1289 resolve->
address, (
void*)resolve,
1290 removed ? removed->
address :
"NULL", (
void*)removed);
1301 uint32_t ttl = UINT32_MAX;
1304 new_resolve->result_ptr.hostname =
1305 tor_strdup(resolve->result_ptr.hostname);
1310 HT_INSERT(cache_map, &cache_root, new_resolve);
1340 case DNS_ERR_SERVERFAILED:
1341 case DNS_ERR_TRUNCATED:
1342 case DNS_ERR_TIMEOUT:
1358#ifdef HAVE_EVDNS_BASE_GET_NAMESERVER_ADDR
1364configured_nameserver_address(
const size_t idx)
1366 struct sockaddr_storage sa;
1367 ev_socklen_t sa_len =
sizeof(sa);
1370 (
struct sockaddr *)&sa,
1374 (
const struct sockaddr *)&sa,
1394#define EXIT_DNS_TIMEOUT_DEFAULT (1000)
1395#define EXIT_DNS_TIMEOUT_MIN (1)
1396#define EXIT_DNS_TIMEOUT_MAX (120000)
1398 EXIT_DNS_TIMEOUT_DEFAULT,
1399 EXIT_DNS_TIMEOUT_MIN,
1400 EXIT_DNS_TIMEOUT_MAX);
1408 val =
MAX(1, val / 1000);
1422#define EXIT_DNS_NUM_ATTEMPTS_DEFAULT (2)
1423#define EXIT_DNS_NUM_ATTEMPTS_MIN (0)
1424#define EXIT_DNS_NUM_ATTEMPTS_MAX (255)
1426 EXIT_DNS_NUM_ATTEMPTS_DEFAULT,
1427 EXIT_DNS_NUM_ATTEMPTS_MIN,
1428 EXIT_DNS_NUM_ATTEMPTS_MAX);
1445#define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v))
1455 SET(
"max-timeouts:",
"1000000");
1457 SET(
"max-timeouts:",
"10");
1466 SET(
"max-inflight:",
"8192");
1483 SET(
"randomize-case:",
"1");
1485 SET(
"randomize-case:",
"0");
1500 const char *conf_fname;
1507 conf_fname =
"/etc/resolv.conf";
1509 flags = DNS_OPTIONS_ALL;
1513 log_err(
LD_BUG,
"Couldn't create an evdns_base");
1520 log_debug(
LD_FS,
"stat()ing %s", conf_fname);
1521 int missing_resolv_conf = 0;
1525 log_warn(LD_EXIT,
"Unable to stat resolver configuration in '%s': %s",
1526 conf_fname, strerror(errno));
1527 missing_resolv_conf = 1;
1531 log_info(LD_EXIT,
"No change to '%s'", conf_fname);
1535 if (stat_res == 0 && st.st_size == 0)
1536 missing_resolv_conf = 1;
1542#if defined(DNS_OPTION_HOSTSFILE) && defined(USE_LIBSECCOMP)
1543 if (flags & DNS_OPTION_HOSTSFILE) {
1544 flags ^= DNS_OPTION_HOSTSFILE;
1545 log_debug(
LD_FS,
"Loading /etc/hosts");
1551 if (!missing_resolv_conf) {
1552 log_info(LD_EXIT,
"Parsing resolver configuration in '%s'", conf_fname);
1555 log_warn(LD_EXIT,
"Unable to parse '%s', or no nameservers "
1556 "in '%s' (%d)", conf_fname, conf_fname, r);
1563 log_warn(LD_EXIT,
"Unable to find any nameservers in '%s'.",
1571 log_warn(LD_EXIT,
"Could not read your DNS config from '%s' - "
1572 "please investigate your DNS configuration. "
1573 "This is possibly a problem. Meanwhile, falling"
1574 " back to local DNS at 127.0.0.1.", conf_fname);
1588 log_warn(LD_EXIT,
"Could not config nameservers.");
1592 log_warn(LD_EXIT,
"Unable to find any platform nameservers in "
1593 "your Windows configuration.");
1635 uint8_t orig_query_type = arg_[0];
1636 char *string_address = arg_ + 1;
1638 const char *hostname = NULL;
1639 int was_wildcarded = 0;
1644 if (type == DNS_IPv6_AAAA) {
1645 if (result == DNS_ERR_TIMEOUT) {
1649 if (n_ipv6_timeouts > 10 &&
1650 n_ipv6_timeouts > n_ipv6_requests_made / 2) {
1651 if (! dns_is_broken_for_ipv6) {
1652 log_notice(LD_EXIT,
"More than half of our IPv6 requests seem to "
1653 "have timed out. I'm going to assume I can't get AAAA "
1655 dns_is_broken_for_ipv6 = 1;
1660 if (result == DNS_ERR_NONE) {
1661 if (type == DNS_IPv4_A && count) {
1663 char *escaped_address;
1664 uint32_t *addrs = addresses;
1671 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked "
1672 "address %s; treating as a failure.",
1673 safe_str(escaped_address),
1677 result = DNS_ERR_NOTEXIST;
1679 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1680 safe_str(escaped_address),
1684 }
else if (type == DNS_IPv6_AAAA && count) {
1686 char *escaped_address;
1688 struct in6_addr *addrs = addresses;
1691 sizeof(answer_buf));
1694 if (BUG(ip_str == NULL)) {
1695 log_warn(LD_EXIT,
"tor_inet_ntop() failed!");
1696 result = DNS_ERR_NOTEXIST;
1698 log_debug(LD_EXIT,
"eventdns said that %s resolves to ISP-hijacked "
1699 "address %s; treating as a failure.",
1700 safe_str(escaped_address),
1704 result = DNS_ERR_NOTEXIST;
1706 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1707 safe_str(escaped_address),
1711 }
else if (type == DNS_PTR && count) {
1712 char *escaped_address;
1713 hostname = ((
char**)addresses)[0];
1715 log_debug(LD_EXIT,
"eventdns said that %s resolves to %s",
1716 safe_str(escaped_address),
1720 log_info(LD_EXIT,
"eventdns returned only unrecognized answer types "
1724 log_info(LD_EXIT,
"eventdns returned no addresses or error for %s.",
1728 if (was_wildcarded) {
1736 if (orig_query_type && type && orig_query_type != type) {
1737 log_warn(
LD_BUG,
"Weird; orig_query_type == %d but type == %d",
1738 (
int)orig_query_type, (
int)type);
1740 if (result != DNS_ERR_SHUTDOWN)
1759 : DNS_QUERY_NO_SEARCH;
1760 const size_t addr_len = strlen(address);
1761 struct evdns_request *req = 0;
1762 char *addr = tor_malloc(addr_len + 2);
1763 addr[0] = (char) query_type;
1764 memcpy(addr+1, address, addr_len + 1);
1769 switch (query_type) {
1777 ++n_ipv6_requests_made;
1783 DNS_QUERY_NO_SEARCH,
1788 DNS_QUERY_NO_SEARCH,
1791 log_warn(
LD_BUG,
"Called with PTR query and unexpected address family");
1794 log_warn(
LD_BUG,
"Called with unexpected query type %d", (
int)query_type);
1820 log_warn(LD_EXIT,
"(Harmless.) Nameservers not configured, but resolve "
1821 "launched. Configuring.");
1828 &a, resolve->
address, AF_UNSPEC, 0);
1832 log_info(LD_EXIT,
"Launching eventdns request for %s",
1839 resolve->res_status_ipv4 = 0;
1846 resolve->res_status_ipv6 = 0;
1850 }
else if (r == 1) {
1852 log_info(LD_EXIT,
"Launching eventdns reverse request for %s",
1856 resolve->res_status_hostname = 0;
1859 }
else if (r == -1) {
1860 log_warn(
LD_BUG,
"Somehow a malformed in-addr.arpa address reached here.");
1864 log_fn(LOG_PROTOCOL_WARN, LD_EXIT,
"eventdns rejected address %s.",
1909 ip = tor_malloc_zero(
sizeof(
int));
1918 "Your DNS provider has given \"%s\" as an answer for %d different "
1919 "invalid addresses. Apparently they are hijacking DNS failures. "
1920 "I'll try to correct for this by treating future occurrences of "
1921 "\"%s\" as 'not found'.",
id, *ip,
id);
1935 int n, n_test_addrs;
1944 smartlist_len(
get_options()->ServerDNSTestAddresses) : 0;
1948 if (n > n_test_addrs/2) {
1950 LD_EXIT,
"Your DNS provider tried to redirect \"%s\" to a junk "
1951 "address. It has done this with %d test addresses so far. I'm "
1952 "going to stop being an exit node for now, since our DNS seems so "
1953 "broken.", address, n);
1968 void *addresses,
void *arg)
1973 if (result == DNS_ERR_NONE && count) {
1974 char *string_address = arg;
1976 if (type == DNS_IPv4_A) {
1977 const uint32_t *addrs = addresses;
1978 for (i = 0; i < count; ++i) {
1982 in.s_addr = addrs[i];
1983 ntoa_res =
tor_inet_ntoa(&in, answer_buf,
sizeof(answer_buf));
1984 tor_assert_nonfatal(ntoa_res >= 0);
1988 }
else if (type == DNS_IPv6_AAAA) {
1989 const struct in6_addr *addrs = addresses;
1990 for (i = 0; i < count; ++i) {
1993 sizeof(answer_buf));
1994 tor_assert_nonfatal(ip_str);
2001 "Your DNS provider gave an answer for \"%s\", which "
2002 "is not supposed to exist. Apparently they are hijacking "
2003 "DNS failures. Trying to correct for this. We've noticed %d "
2004 "possibly bad address%s so far.",
2020 struct evdns_request *req;
2023 log_info(LD_EXIT,
"Testing whether our DNS server is hijacking nonexistent "
2024 "domains with request for bogus hostname \"%s\"", addr);
2028 req = evdns_base_resolve_ipv6(
2035 req = evdns_base_resolve_ipv4(
2060 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like to "
2061 "hijack *everything*.");
2069 const char *, address) {
2071 log_info(LD_EXIT,
"eventdns rejected test address %s",
2076 log_info(LD_EXIT,
"eventdns rejected test address %s",
2079 } SMARTLIST_FOREACH_END(address);
2083#define N_WILDCARD_CHECKS 2
2093 log_info(LD_EXIT,
"Launching checks to see whether our nameservers like "
2094 "to hijack DNS failures.");
2095 for (ipv6 = 0; ipv6 <= 1; ++ipv6) {
2096 for (i = 0; i < N_WILDCARD_CHECKS; ++i) {
2123 static struct event *launch_event = NULL;
2136 if (evtimer_add(launch_event, &
timeout) < 0) {
2137 log_warn(
LD_BUG,
"Couldn't add timer for checking for dns hijacking");
2152 return dns_is_broken_for_ipv6;
2164 n_ipv6_requests_made = n_ipv6_timeouts = 0;
2177 dns_is_broken_for_ipv6 = 0;
2203 if (resolve->is_reverse)
2216 return HT_SIZE(&cache_root);
2221dns_cache_total_allocation(
void)
2224 HT_MEM_USAGE(&cache_root);
2233 size_t hash_mem = dns_cache_total_allocation();
2238 tor_log(severity,
LD_MM,
"Our DNS cache has %d entries.", hash_count);
2239 tor_log(severity,
LD_MM,
"Our DNS cache size is approximately %u bytes.",
2240 (
unsigned)hash_mem);
2247dns_cache_handle_oom(time_t now,
size_t min_remove_bytes)
2249 time_t time_inc = 0;
2250 size_t total_bytes_removed = 0;
2251 size_t current_size = dns_cache_total_allocation();
2259 time_t cutoff = now + time_inc;
2263 size_t bytes_removed = current_size - dns_cache_total_allocation();
2264 current_size -= bytes_removed;
2265 total_bytes_removed += bytes_removed;
2269 }
while (total_bytes_removed < min_remove_bytes);
2271 return total_bytes_removed;
2274#ifdef DEBUG_DNS_CACHE
2277assert_cache_ok_(
void)
2280 int bad_rep = HT_REP_IS_BAD_(cache_map, &cache_root);
2282 log_err(
LD_BUG,
"Bad rep type %d on dns cache hash table", bad_rep);
2286 HT_FOREACH(resolve, cache_map, &cache_root) {
2300 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2301 tor_assert(!found || found != res);
2303 cached_resolve_t *found = HT_FIND(cache_map, &cache_root, res);
2314 return HT_FIND(cache_map, &cache_root, query);
2320 HT_INSERT(cache_map, &cache_root, new_entry);
void tor_addr_copy(tor_addr_t *dest, const tor_addr_t *src)
void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr)
void tor_addr_make_unspec(tor_addr_t *a)
int tor_addr_parse(tor_addr_t *addr, const char *src)
int tor_addr_parse_PTR_name(tor_addr_t *result, const char *address, int family, int accept_regular)
void tor_addr_from_in6(tor_addr_t *dest, const struct in6_addr *in6)
const char * tor_addr_to_str(char *dest, const tor_addr_t *addr, size_t len, int decorate)
int tor_addr_from_sockaddr(tor_addr_t *a, const struct sockaddr *sa, uint16_t *port_out)
static const struct in_addr * tor_addr_to_in(const tor_addr_t *a)
static sa_family_t tor_addr_family(const tor_addr_t *a)
static uint32_t tor_addr_to_ipv4h(const tor_addr_t *a)
static const struct in6_addr * tor_addr_to_in6(const tor_addr_t *a)
#define tor_addr_from_ipv4h(dest, v4addr)
static void set_uint32(void *cp, uint32_t v)
circuit_t * circuit_get_by_edge_conn(edge_connection_t *conn)
or_circuit_t * TO_OR_CIRCUIT(circuit_t *x)
Header file for circuitlist.c.
#define CIRCUIT_IS_ORIGIN(c)
void circuit_detach_stream(circuit_t *circ, edge_connection_t *conn)
Header file for circuituse.c.
struct event_base * tor_libevent_get_base(void)
Header for compat_libevent.c.
const char * escaped_safe_str(const char *address)
const or_options_t * get_options(void)
Header file for config.c.
void conflux_update_resolving_streams(or_circuit_t *circ, edge_connection_t *stream)
void conflux_update_n_streams(or_circuit_t *circ, edge_connection_t *stream)
Header file for conflux_util.c.
void assert_connection_ok(connection_t *conn, time_t now)
void connection_free_(connection_t *conn)
Header file for connection.c.
uint32_t clip_dns_fuzzy_ttl(uint32_t ttl)
void connection_exit_connect(edge_connection_t *edge_conn)
int connection_edge_end(edge_connection_t *conn, uint8_t reason)
Header file for connection_edge.c.
#define EXIT_CONN_STATE_CONNECTING
int address_is_invalid_destination(const char *address, int client)
#define BEGIN_FLAG_IPV6_PREFERRED
#define EXIT_CONN_STATE_RESOLVEFAILED
#define EXIT_PURPOSE_CONNECT
#define BEGIN_FLAG_IPV4_NOT_OK
#define EXIT_CONN_STATE_RESOLVING
#define BEGIN_FLAG_IPV6_OK
#define EXIT_PURPOSE_RESOLVE
int control_event_server_status(int severity, const char *format,...)
Header file for control_events.c.
char * crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix, const char *suffix)
Common functions for using (pseudo-)random number generators.
static int dns_wildcard_notice_given
STATIC int set_exitconn_info_from_resolve(edge_connection_t *exitconn, const cached_resolve_t *resolve, char **hostname_out)
static const char * get_consensus_param_exit_dns_attempts(void)
static int dns_wildcard_one_notice_given
static int nameservers_configured
static unsigned int cached_resolve_hash(cached_resolve_t *a)
static void add_wildcarded_test_address(const char *address)
static int nameserver_config_failed
static void dns_launch_wildcard_checks(void)
static void assert_resolve_ok(cached_resolve_t *resolve)
static char * resolv_conf_fname
void dns_new_consensus_params(const networkstatus_t *ns)
static int dns_cache_entry_count(void)
int dns_seems_to_be_broken(void)
STATIC void send_resolved_cell(edge_connection_t *conn, uint8_t answer_type, const cached_resolve_t *resolved)
void dns_reset_correctness_checks(void)
STATIC void send_resolved_hostname_cell(edge_connection_t *conn, const char *hostname)
static int n_wildcard_requests
static void init_cache_map(void)
static struct evdns_base * the_evdns_base
static void evdns_callback(int result, char type, int count, int ttl, void *addresses, void *arg)
static int configure_nameservers(int force)
static void inform_pending_connections(cached_resolve_t *resolve)
static smartlist_t * dns_wildcard_list
static void evdns_wildcard_check_callback(int result, char type, int count, int ttl, void *addresses, void *arg)
#define RESOLVE_MAX_TIMEOUT
static void purge_expired_resolves(time_t now)
STATIC void dns_cancel_pending_resolve(const char *address)
static int evdns_err_is_transient(int err)
size_t number_of_configured_nameservers(void)
void connection_dns_remove(edge_connection_t *conn)
static smartlist_t * dns_wildcarded_test_address_list
int has_dns_init_failed(void)
static int dns_is_completely_invalid
void dump_dns_mem_usage(int severity)
static void free_cached_resolve_(cached_resolve_t *r)
STATIC int dns_resolve_impl(edge_connection_t *exitconn, int is_resolve, or_circuit_t *oncirc, char **hostname_out, int *made_connection_pending_out, cached_resolve_t **resolve_out)
static void launch_test_addresses(evutil_socket_t fd, short event, void *args)
static int dns_wildcarded_test_address_notice_given
static int launch_one_resolve(const char *address, uint8_t query_type, const tor_addr_t *ptr_address)
static void evdns_log_cb(int warn, const char *msg)
static int answer_is_wildcarded(const char *ip)
STATIC int launch_resolve(cached_resolve_t *resolve)
int dns_seems_to_be_broken_for_ipv6(void)
int dns_resolve(edge_connection_t *exitconn)
static strmap_t * dns_wildcard_response_count
static const char * get_consensus_param_exit_dns_timeout(void)
static time_t resolv_conf_mtime
static void launch_wildcard_check(int min_len, int max_len, int is_ipv6, const char *suffix)
static int is_test_address(const char *address)
static void configure_libevent_options(void)
static int compare_cached_resolves_by_expiry_(const void *_a, const void *_b)
static void make_pending_resolve_cached(cached_resolve_t *cached)
void dns_launch_correctness_checks(void)
static smartlist_t * cached_resolve_pqueue
static int cached_resolve_have_all_answers(const cached_resolve_t *resolve)
static void set_expiry(cached_resolve_t *resolve, time_t expires)
static void dns_found_answer(const char *address, uint8_t query_type, int dns_answer, const tor_addr_t *addr, const char *hostname, uint32_t ttl)
static HT_HEAD(cache_map, cached_resolve_t)
void assert_connection_edge_not_dns_pending(edge_connection_t *conn)
static void wildcard_increment_answer(const char *id)
#define CACHE_STATE_PENDING
#define RES_STATUS_DONE_OK
#define CACHED_RESOLVE_MAGIC
#define CACHE_STATE_CACHED
#define RES_STATUS_DONE_ERR
#define RES_STATUS_INFLIGHT
Edge-connection structure.
char * esc_for_log(const char *s)
const char * escaped(const char *s)
HT_PROTOTYPE(hs_circuitmap_ht, circuit_t, hs_circuitmap_node, hs_circuit_hash_token, hs_circuits_have_same_token)
int tor_inet_ntoa(const struct in_addr *in, char *buf, size_t buf_len)
const char * tor_inet_ntop(int af, const void *src, char *dst, size_t len)
#define INET_NTOA_BUF_LEN
void tor_log(int severity, log_domain_mask_t domain, const char *format,...)
#define log_fn(severity, domain, args,...)
#define log_fn_ratelim(ratelim, severity, domain, args,...)
void dns_servers_relaunch_checks(void)
Header file for mainloop.c.
void * tor_reallocarray_(void *ptr, size_t sz1, size_t sz2)
void tor_free_(void *mem)
int net_is_disabled(void)
int32_t networkstatus_get_param(const networkstatus_t *ns, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val)
Header file for networkstatus.c.
Master header file for Tor-specific functionality.
#define RELAY_PAYLOAD_SIZE_MIN
#define RELAY_PAYLOAD_SIZE_MAX
Header file for policies.c.
int tor_snprintf(char *str, size_t size, const char *format,...)
int connection_edge_send_command(edge_connection_t *fromconn, uint8_t relay_command, const char *payload, size_t payload_len)
void rep_hist_note_dns_error(int type, uint8_t error)
void rep_hist_note_dns_request(int type)
Header file for rephist.c.
int router_compare_to_my_exit_policy(const tor_addr_t *addr, uint16_t port)
void mark_my_descriptor_dirty(const char *reason)
int router_my_exit_policy_is_reject_star(void)
Header file for router.c.
int server_mode(const or_options_t *options)
Header file for routermode.c.
Header file for sandbox.c.
#define sandbox_intern_string(s)
void smartlist_pqueue_assert_ok(smartlist_t *sl, int(*compare)(const void *a, const void *b), ptrdiff_t idx_field_offset)
int smartlist_contains_string_case(const smartlist_t *sl, const char *element)
void * smartlist_pqueue_pop(smartlist_t *sl, int(*compare)(const void *a, const void *b), ptrdiff_t idx_field_offset)
void smartlist_pqueue_add(smartlist_t *sl, int(*compare)(const void *a, const void *b), ptrdiff_t idx_field_offset, void *item)
int smartlist_contains_string(const smartlist_t *sl, const char *element)
void smartlist_add_strdup(struct smartlist_t *sl, const char *string)
smartlist_t * smartlist_new(void)
void smartlist_clear(smartlist_t *sl)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
union cached_resolve_t::@24 result_ipv4
struct in6_addr addr_ipv6
union cached_resolve_t::@25 result_ipv6
char address[MAX_ADDRESSLEN]
pending_connection_t * pending_connections
uint16_t marked_for_close
unsigned int is_reverse_dns_lookup
struct edge_connection_t * next_stream
struct circuit_t * on_circuit
edge_connection_t * resolving_streams
edge_connection_t * n_streams
char * ServerDNSResolvConfFile
struct smartlist_t * ServerDNSTestAddresses
int ServerDNSSearchDomains
#define MOCK_IMPL(rv, funcname, arglist)
#define tor_fragile_assert()
void tor_strlower(char *s)
int strcmpstart(const char *s1, const char *s2)
int tor_strisnonupper(const char *s)