Tor 0.4.9.1-alpha-dev
relay_config.c
Go to the documentation of this file.
1/* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2021, The Tor Project, Inc. */
5/* See LICENSE for licensing information */
6
7/**
8 * @file relay_config.c
9 * @brief Code to interpret the user's configuration of Tor's relay module.
10 **/
11
12#include "orconfig.h"
13#define RELAY_CONFIG_PRIVATE
15
17#include "lib/confmgt/confmgt.h"
18
20#include "lib/geoip/geoip.h"
21#include "lib/meminfo/meminfo.h"
22#include "lib/osinfo/uname.h"
23#include "lib/process/setuid.h"
24
25/* Required for dirinfo_type_t in or_options_t */
26#include "core/or/or.h"
27#include "app/config/config.h"
28
33#include "core/or/policies.h"
34#include "core/or/port_cfg_st.h"
35
43
45
47#include "feature/relay/dns.h"
50
51/** Contents of most recently read DirPortFrontPage file. */
52static char *global_dirfrontpagecontents = NULL;
53
54/* Copied from config.c, we will refactor later in 29211. */
55#define REJECT(arg) \
56 STMT_BEGIN *msg = tor_strdup(arg); return -1; STMT_END
57#if defined(__GNUC__) && __GNUC__ <= 3
58#define COMPLAIN(args...) \
59 STMT_BEGIN log_warn(LD_CONFIG, args); STMT_END
60#else
61#define COMPLAIN(args, ...) \
62 STMT_BEGIN log_warn(LD_CONFIG, args, ##__VA_ARGS__); STMT_END
63#endif /* defined(__GNUC__) && __GNUC__ <= 3 */
64
65/* Used in the various options_transition_affects* functions. */
66#define YES_IF_CHANGED_BOOL(opt) \
67 if (!CFG_EQ_BOOL(old_options, new_options, opt)) return 1;
68#define YES_IF_CHANGED_INT(opt) \
69 if (!CFG_EQ_INT(old_options, new_options, opt)) return 1;
70#define YES_IF_CHANGED_STRING(opt) \
71 if (!CFG_EQ_STRING(old_options, new_options, opt)) return 1;
72#define YES_IF_CHANGED_LINELIST(opt) \
73 if (!CFG_EQ_LINELIST(old_options, new_options, opt)) return 1;
74
75/** Return the contents of our frontpage string, or NULL if not configured. */
76MOCK_IMPL(const char*,
78{
80}
81
82/** Release all memory and resources held by global relay configuration
83 * structures.
84 */
85void
87{
89}
90
91/** Return the bandwidthrate that we are going to report to the authorities
92 * based on the config options. */
93uint32_t
95{
96 uint64_t bw = options->BandwidthRate;
97 if (bw > options->MaxAdvertisedBandwidth)
98 bw = options->MaxAdvertisedBandwidth;
99 if (options->RelayBandwidthRate > 0 && bw > options->RelayBandwidthRate)
100 bw = options->RelayBandwidthRate;
101 /* config_ensure_bandwidth_cap() makes sure that this cast can't overflow. */
102 return (uint32_t)bw;
103}
104
105/** Return the bandwidthburst that we are going to report to the authorities
106 * based on the config options. */
107uint32_t
109{
110 uint64_t bw = options->BandwidthBurst;
111 if (options->RelayBandwidthBurst > 0 && bw > options->RelayBandwidthBurst)
112 bw = options->RelayBandwidthBurst;
113 /* config_ensure_bandwidth_cap() makes sure that this cast can't overflow. */
114 return (uint32_t)bw;
115}
116
117/** Warn for every Extended ORPort port in <b>ports</b> that is on a
118 * publicly routable address. */
119void
120port_warn_nonlocal_ext_orports(const smartlist_t *ports, const char *portname)
121{
122 SMARTLIST_FOREACH_BEGIN(ports, const port_cfg_t *, port) {
123 if (port->type != CONN_TYPE_EXT_OR_LISTENER)
124 continue;
125 if (port->is_unix_addr)
126 continue;
127 /* XXX maybe warn even if address is RFC1918? */
128 if (!tor_addr_is_internal(&port->addr, 1)) {
129 log_warn(LD_CONFIG, "You specified a public address '%s' for %sPort. "
130 "This is not advised; this address is supposed to only be "
131 "exposed on localhost so that your pluggable transport "
132 "proxies can connect to it.",
133 fmt_addrport(&port->addr, port->port), portname);
134 }
135 } SMARTLIST_FOREACH_END(port);
136}
137
138/**
139 * Return a static buffer describing the port number in @a port, which may
140 * CFG_AUTO_PORT.
141 **/
142static const char *
144{
145 static char buf[16];
146 if (port == CFG_AUTO_PORT) {
147 return "auto";
148 } else {
149 tor_snprintf(buf, sizeof(buf), "%d", port);
150 return buf;
151 }
152}
153
154/** Return a static buffer containing the human readable logging string that
155 * describes the given port object. */
156STATIC const char *
158{
159 IF_BUG_ONCE(!port) {
160 return "<null port>";
161 }
162
163 static char buf[256];
164 const char *type, *addr;
165
166 switch (port->type) {
168 type = "OR";
169 break;
171 type = "Dir";
172 break;
174 type = "ExtOR";
175 break;
176 default:
177 type = "";
178 break;
179 }
180
181 if (port->explicit_addr) {
182 addr = fmt_and_decorate_addr(&port->addr);
183 } else {
184 addr = "";
185 }
186
187 tor_snprintf(buf, sizeof(buf), "%sPort %s%s%s",
188 type, addr, (strlen(addr) > 0) ? ":" : "",
189 describe_portnum(port->port));
190 return buf;
191}
192
193/** Return true iff port p1 is equal to p2.
194 *
195 * This does a field by field comparison. */
196static bool
197port_cfg_eq(const port_cfg_t *p1, const port_cfg_t *p2)
198{
199 bool ret = true;
200
201 tor_assert(p1);
202 tor_assert(p2);
203
204 /* Address, port and type. */
205 ret &= tor_addr_eq(&p1->addr, &p2->addr);
206 ret &= (p1->port == p2->port);
207 ret &= (p1->type == p2->type);
208
209 /* Mode. */
210 ret &= (p1->is_unix_addr == p2->is_unix_addr);
211 ret &= (p1->is_group_writable == p2->is_group_writable);
212 ret &= (p1->is_world_writable == p2->is_world_writable);
213 ret &= (p1->relax_dirmode_check == p2->relax_dirmode_check);
214 ret &= (p1->explicit_addr == p2->explicit_addr);
215
216 /* Entry config flags. */
217 ret &= tor_memeq(&p1->entry_cfg, &p2->entry_cfg,
218 sizeof(entry_port_cfg_t));
219 /* Server config flags. */
220 ret &= tor_memeq(&p1->server_cfg, &p2->server_cfg,
221 sizeof(server_port_cfg_t));
222 /* Unix address path if any. */
223 ret &= !strcmp(p1->unix_addr, p2->unix_addr);
224
225 return ret;
226}
227
228/** Attempt to find duplicate ORPort that would be superseded by another and
229 * remove them from the given ports list. This is possible if we have for
230 * instance:
231 *
232 * ORPort 9050
233 * ORPort [4242::1]:9050
234 *
235 * First one binds to both v4 and v6 address but second one is specific to an
236 * address superseding the global bind one.
237 *
238 * Another example is this one:
239 *
240 * ORPort 9001
241 * ORPort [4242::1]:9002
242 * ORPort [4242::2]:9003
243 *
244 * In this case, all IPv4 and IPv6 are kept since we do allow multiple ORPorts
245 * but the published port will be the first explicit one if any to be
246 * published or else the implicit.
247 *
248 * The following is O(n^2) but it is done at bootstrap or config reload and
249 * the list is not very long usually. */
250STATIC void
252{
253 /* First we'll decide what to remove, then we'll remove it. */
254 bool *removing = tor_calloc(smartlist_len(ports), sizeof(bool));
255
256 for (int i = 0; i < smartlist_len(ports); ++i) {
257 const port_cfg_t *current = smartlist_get(ports, i);
258 if (removing[i]) {
259 continue;
260 }
261
262 /* Skip non ORPorts. */
263 if (current->type != CONN_TYPE_OR_LISTENER) {
264 continue;
265 }
266
267 for (int j = 0; j < smartlist_len(ports); ++j) {
268 const port_cfg_t *next = smartlist_get(ports, j);
269
270 /* Avoid comparing the same object. */
271 if (current == next) {
272 continue;
273 }
274 if (removing[j]) {
275 continue;
276 }
277 /* Skip non ORPorts. */
278 if (next->type != CONN_TYPE_OR_LISTENER) {
279 continue;
280 }
281 /* Remove duplicates. */
282 if (port_cfg_eq(current, next)) {
283 removing[j] = true;
284 continue;
285 }
286 /* Don't compare addresses of different family. */
287 if (tor_addr_family(&current->addr) != tor_addr_family(&next->addr)) {
288 continue;
289 }
290 /* At this point, we have a port of the same type and same address
291 * family. Now, we want to avoid comparing addresses that are different
292 * but are both explicit. As an example, these are not duplicates:
293 *
294 * ORPort 127.0.0.:9001 NoAdvertise
295 * ORPort 1.2.3.4:9001 NoListen
296 *
297 * Any implicit address must be considered for removal since an explicit
298 * one will always supersedes it. */
299 if (!tor_addr_eq(&current->addr, &next->addr) &&
300 current->explicit_addr && next->explicit_addr) {
301 continue;
302 }
303
304 /* Port value is the same so we either have a duplicate or a port that
305 * supersedes another. */
306 if (current->port == next->port) {
307 /* Do not remove the explicit address. As stated before above, we keep
308 * explicit addresses which supersedes implicit ones. */
309 if (!current->explicit_addr && next->explicit_addr) {
310 continue;
311 }
312 removing[j] = true;
313 char *next_str = tor_strdup(describe_relay_port(next));
314 log_warn(LD_CONFIG, "Configuration port %s superseded by %s",
315 next_str, describe_relay_port(current));
316 tor_free(next_str);
317 }
318 }
319 }
320
321 /* Iterate over array in reverse order to keep indices valid. */
322 for (int i = smartlist_len(ports)-1; i >= 0; --i) {
323 tor_assert(i < smartlist_len(ports));
324 if (removing[i]) {
325 port_cfg_t *current = smartlist_get(ports, i);
326 smartlist_del_keeporder(ports, i);
327 port_cfg_free(current);
328 }
329 }
330
331 tor_free(removing);
332}
333
334/** Given a list of <b>port_cfg_t</b> in <b>ports</b>, check them for internal
335 * consistency and warn as appropriate. On Unix-based OSes, set
336 * *<b>n_low_ports_out</b> to the number of sub-1024 ports we will be
337 * binding, and warn if we may be unable to re-bind after hibernation. */
338static int
340 const or_options_t *options,
341 int *n_low_ports_out)
342{
343 if (BUG(!ports))
344 return -1;
345
346 if (BUG(!options))
347 return -1;
348
349 if (BUG(!n_low_ports_out))
350 return -1;
351
352 int n_orport_advertised = 0;
353 int n_orport_advertised_ipv4 = 0;
354 int n_orport_listeners = 0;
355 int n_dirport_advertised = 0;
356 int n_dirport_listeners = 0;
357 int n_dirport_listeners_v4 = 0;
358 int n_low_port = 0;
359 int r = 0;
360
361 /* Remove possible duplicate ORPorts before inspecting the list. */
363
364 SMARTLIST_FOREACH_BEGIN(ports, const port_cfg_t *, port) {
365 if (port->type == CONN_TYPE_DIR_LISTENER) {
366 if (! port->server_cfg.no_advertise)
367 ++n_dirport_advertised;
368 if (! port->server_cfg.no_listen) {
369 ++n_dirport_listeners;
370 if (port_binds_ipv4(port)) {
371 ++n_dirport_listeners_v4;
372 }
373 }
374 } else if (port->type == CONN_TYPE_OR_LISTENER) {
375 if (! port->server_cfg.no_advertise) {
376 ++n_orport_advertised;
377 if (port_binds_ipv4(port))
378 ++n_orport_advertised_ipv4;
379 }
380 if (! port->server_cfg.no_listen)
381 ++n_orport_listeners;
382 } else {
383 continue;
384 }
385#ifndef _WIN32
386 if (!port->server_cfg.no_listen && port->port < 1024)
387 ++n_low_port;
388#endif
389 } SMARTLIST_FOREACH_END(port);
390
391 if (n_orport_advertised && !n_orport_listeners) {
392 log_warn(LD_CONFIG, "We are advertising an ORPort, but not actually "
393 "listening on one.");
394 r = -1;
395 }
396 if (n_orport_listeners && !n_orport_advertised) {
397 log_warn(LD_CONFIG, "We are listening on an ORPort, but not advertising "
398 "any ORPorts. This will keep us from building a %s "
399 "descriptor, and make us impossible to use.",
400 options->BridgeRelay ? "bridge" : "router");
401 r = -1;
402 }
403 if (n_dirport_advertised && !n_dirport_listeners) {
404 log_warn(LD_CONFIG, "We are advertising a DirPort, but not actually "
405 "listening on one.");
406 r = -1;
407 }
408 if (n_dirport_advertised > 1) {
409 log_warn(LD_CONFIG, "Can't advertise more than one DirPort.");
410 r = -1;
411 }
412 if (n_orport_advertised && !n_orport_advertised_ipv4 &&
413 !options->BridgeRelay) {
414 log_warn(LD_CONFIG, "Configured public relay to listen only on an IPv6 "
415 "address. Tor needs to listen on an IPv4 address too.");
416 r = -1;
417 }
418 if (n_dirport_advertised && n_dirport_listeners_v4 == 0) {
419 log_warn(LD_CONFIG, "We are listening on a non-IPv4 DirPort. This is not "
420 "allowed. Consider either setting an IPv4 address or "
421 "simply removing it because it is not used anymore.");
422 r = -1;
423 }
424
425 if (n_low_port && options->AccountingMax &&
426 (!have_capability_support() || options->KeepBindCapabilities == 0)) {
427 const char *extra = "";
428 if (options->KeepBindCapabilities == 0 && have_capability_support())
429 extra = ", and you have disabled KeepBindCapabilities.";
430 log_warn(LD_CONFIG,
431 "You have set AccountingMax to use hibernation. You have also "
432 "chosen a low DirPort or OrPort%s."
433 "This combination can make Tor stop "
434 "working when it tries to re-attach the port after a period of "
435 "hibernation. Please choose a different port or turn off "
436 "hibernation unless you know this combination will work on your "
437 "platform.", extra);
438 }
439
440 if (n_low_ports_out)
441 *n_low_ports_out = n_low_port;
442
443 return r;
444}
445
446/** Parse all relay ports from <b>options</b>. On success, add parsed ports to
447 * <b>ports</b>, and return 0. On failure, set *<b>msg</b> to a newly
448 * allocated string describing the problem, and return -1.
449 **/
450int
452 char **msg,
453 smartlist_t *ports_out,
454 int *have_low_ports_out)
455{
456 int retval = -1;
457 smartlist_t *ports = smartlist_new();
458 int n_low_ports = 0;
459
460 if (BUG(!options))
461 goto err;
462
463 if (BUG(!msg))
464 goto err;
465
466 if (BUG(!ports_out))
467 goto err;
468
469 if (BUG(!have_low_ports_out))
470 goto err;
471
472 if (options->ClientOnly) {
473 retval = 0;
474 goto err;
475 }
476
477 if (port_parse_config(ports,
478 options->ORPort_lines,
480 "0.0.0.0", 0,
481 CL_PORT_SERVER_OPTIONS) < 0) {
482 *msg = tor_strdup("Invalid ORPort configuration");
483 goto err;
484 }
485 if (port_parse_config(ports,
486 options->ORPort_lines,
488 "[::]", 0,
489 CL_PORT_SERVER_OPTIONS) < 0) {
490 *msg = tor_strdup("Invalid ORPort configuration");
491 goto err;
492 }
493 if (port_parse_config(ports,
494 options->ExtORPort_lines,
496 "127.0.0.1", 0,
497 CL_PORT_SERVER_OPTIONS|CL_PORT_WARN_NONLOCAL) < 0) {
498 *msg = tor_strdup("Invalid ExtORPort configuration");
499 goto err;
500 }
501 if (port_parse_config(ports,
502 options->DirPort_lines,
504 "0.0.0.0", 0,
505 CL_PORT_SERVER_OPTIONS) < 0) {
506 *msg = tor_strdup("Invalid DirPort configuration");
507 goto err;
508 }
509
510 if (check_and_prune_server_ports(ports, options, &n_low_ports) < 0) {
511 *msg = tor_strdup("Misconfigured server ports");
512 goto err;
513 }
514
515 smartlist_add_all(ports_out, ports);
516 smartlist_free(ports);
517 ports = NULL;
518 retval = 0;
519
520 err:
521 if (*have_low_ports_out < 0)
522 *have_low_ports_out = (n_low_ports > 0);
523 if (ports) {
524 SMARTLIST_FOREACH(ports, port_cfg_t *, p, port_cfg_free(p));
525 smartlist_free(ports);
526 }
527 return retval;
528}
529
530/** Update the relay *Port_set values in <b>options</b> from <b>ports</b>. */
531void
533 const smartlist_t *ports)
534{
535 if (BUG(!options))
536 return;
537
538 if (BUG(!ports))
539 return;
540
541 if (options->ClientOnly)
542 return;
543
544 /* Update the relay *Port_set options. The !! here is to force a boolean
545 * out of an integer. */
546 options->ORPort_set =
548 options->DirPort_set =
550 options->ExtORPort_set =
552}
553
554/**
555 * Legacy validation function, which checks that the current OS is usable in
556 * relay mode, if options is set to a relay mode.
557 *
558 * Warns about OSes with potential issues. Does not set *<b>msg</b>.
559 * Always returns 0.
560 */
561int
563 or_options_t *options,
564 char **msg)
565{
566 (void)old_options;
567
568 if (BUG(!options))
569 return -1;
570
571 if (BUG(!msg))
572 return -1;
573
574 if (!server_mode(options))
575 return 0;
576
577 const char *uname = get_uname();
578
579 if (!strcmpstart(uname, "Windows 95") ||
580 !strcmpstart(uname, "Windows 98") ||
581 !strcmpstart(uname, "Windows Me")) {
582 log_warn(LD_CONFIG, "Tor is running as a server, but you are "
583 "running %s; this probably won't work. See "
584 "https://www.torproject.org/docs/faq.html#BestOSForRelay "
585 "for details.", uname);
586 }
587
588 return 0;
589}
590
591/**
592 * Legacy validation/normalization function for the relay info options.
593 * Uses old_options as the previous options.
594 *
595 * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
596 * on error.
597 */
598int
600 or_options_t *options,
601 char **msg)
602{
603 (void)old_options;
604
605 if (BUG(!options))
606 return -1;
607
608 if (BUG(!msg))
609 return -1;
610
611 if (options->Nickname == NULL) {
612 if (server_mode(options)) {
613 options->Nickname = tor_strdup(UNNAMED_ROUTER_NICKNAME);
614 }
615 } else {
616 if (!is_legal_nickname(options->Nickname)) {
617 tor_asprintf(msg,
618 "Nickname '%s', nicknames must be between 1 and 19 characters "
619 "inclusive, and must contain only the characters [a-zA-Z0-9].",
620 options->Nickname);
621 return -1;
622 }
623 }
624
625 if (server_mode(options) && !options->ContactInfo) {
626 log_warn(LD_CONFIG,
627 "Your ContactInfo config option is not set. Please strongly "
628 "consider setting it, so we can contact you if your relay is "
629 "misconfigured, end-of-life, or something else goes wrong. "
630 "It is also possible that your relay might get rejected from "
631 "the network due to a missing valid contact address.");
632 }
633
634 const char *ContactInfo = options->ContactInfo;
635 if (ContactInfo && !string_is_utf8(ContactInfo, strlen(ContactInfo)))
636 REJECT("ContactInfo config option must be UTF-8.");
637
638 return 0;
639}
640
641/** Parse an authority type from <b>options</b>->PublishServerDescriptor
642 * and write it to <b>options</b>->PublishServerDescriptor_. Treat "1"
643 * as "v3" unless BridgeRelay is 1, in which case treat it as "bridge".
644 * Treat "0" as "".
645 * Return 0 on success or -1 if not a recognized authority type (in which
646 * case the value of PublishServerDescriptor_ is undefined). */
647static int
649{
650 smartlist_t *list = options->PublishServerDescriptor;
652 *auth = NO_DIRINFO;
653 if (!list) /* empty list, answer is none */
654 return 0;
655 SMARTLIST_FOREACH_BEGIN(list, const char *, string) {
656 if (!strcasecmp(string, "v1"))
657 log_warn(LD_CONFIG, "PublishServerDescriptor v1 has no effect, because "
658 "there are no v1 directory authorities anymore.");
659 else if (!strcmp(string, "1"))
660 if (options->BridgeRelay)
661 *auth |= BRIDGE_DIRINFO;
662 else
663 *auth |= V3_DIRINFO;
664 else if (!strcasecmp(string, "v2"))
665 log_warn(LD_CONFIG, "PublishServerDescriptor v2 has no effect, because "
666 "there are no v2 directory authorities anymore.");
667 else if (!strcasecmp(string, "v3"))
668 *auth |= V3_DIRINFO;
669 else if (!strcasecmp(string, "bridge"))
670 *auth |= BRIDGE_DIRINFO;
671 else if (!strcasecmp(string, "hidserv"))
672 log_warn(LD_CONFIG,
673 "PublishServerDescriptor hidserv is invalid. See "
674 "PublishHidServDescriptors.");
675 else if (!strcasecmp(string, "") || !strcmp(string, "0"))
676 /* no authority */;
677 else
678 return -1;
679 } SMARTLIST_FOREACH_END(string);
680 return 0;
681}
682
683/**
684 * Validate the configured bridge distribution method from a BridgeDistribution
685 * config line.
686 *
687 * The input <b>bd</b>, is a string taken from the BridgeDistribution config
688 * line (if present). If the option wasn't set, return 0 immediately. The
689 * BridgeDistribution option is then validated. Currently valid, recognised
690 * options are:
691 *
692 * - "none"
693 * - "any"
694 * - "https"
695 * - "email"
696 * - "moat"
697 *
698 * If the option string is unrecognised, a warning will be logged and 0 is
699 * returned. If the option string contains an invalid character, -1 is
700 * returned.
701 **/
702STATIC int
704{
705 if (bd == NULL)
706 return 0;
707
708 const char *RECOGNIZED[] = {
709 "none", "any", "https", "email", "moat"
710 };
711 unsigned i;
712 for (i = 0; i < ARRAY_LENGTH(RECOGNIZED); ++i) {
713 if (!strcasecmp(bd, RECOGNIZED[i]))
714 return 0;
715 }
716
717 const char *cp = bd;
718 // Method = (KeywordChar | "_") +
719 while (TOR_ISALNUM(*cp) || *cp == '-' || *cp == '_')
720 ++cp;
721
722 if (*cp == 0) {
723 log_warn(LD_CONFIG, "Unrecognized BridgeDistribution value %s. I'll "
724 "assume you know what you are doing...", escaped(bd));
725 return 0; // we reached the end of the string; all is well
726 } else {
727 return -1; // we found a bad character in the string.
728 }
729}
730
731/**
732 * Legacy validation/normalization function for the bridge relay options.
733 * Uses old_options as the previous options.
734 *
735 * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
736 * on error.
737 */
738int
740 or_options_t *options,
741 char **msg)
742{
743 (void)old_options;
744
745 if (BUG(!options))
746 return -1;
747
748 if (BUG(!msg))
749 return -1;
750
751 if (compute_publishserverdescriptor(options) < 0) {
752 tor_asprintf(msg, "Unrecognized value in PublishServerDescriptor");
753 return -1;
754 }
755
756 if ((options->BridgeRelay
758 && (options->PublishServerDescriptor_ & V3_DIRINFO)) {
759 REJECT("Bridges are not supposed to publish router descriptors to the "
760 "directory authorities. Please correct your "
761 "PublishServerDescriptor line.");
762 }
763
764 if (options->BridgeDistribution) {
765 if (!options->BridgeRelay) {
766 REJECT("You set BridgeDistribution, but you didn't set BridgeRelay!");
767 }
769 REJECT("Invalid BridgeDistribution value.");
770 }
771 }
772
773 if (options->PublishServerDescriptor)
774 SMARTLIST_FOREACH(options->PublishServerDescriptor, const char *, pubdes, {
775 if (!strcmp(pubdes, "1") || !strcmp(pubdes, "0"))
776 if (smartlist_len(options->PublishServerDescriptor) > 1) {
777 COMPLAIN("You have passed a list of multiple arguments to the "
778 "PublishServerDescriptor option that includes 0 or 1. "
779 "0 or 1 should only be used as the sole argument. "
780 "This configuration will be rejected in a future release.");
781 break;
782 }
783 });
784
785 return 0;
786}
787
788/**
789 * Legacy validation/normalization function for the relay padding options.
790 * Uses old_options as the previous options.
791 *
792 * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
793 * on error.
794 */
795int
797 or_options_t *options,
798 char **msg)
799{
800 (void)old_options;
801
802 if (BUG(!options))
803 return -1;
804
805 if (BUG(!msg))
806 return -1;
807
808 if (!server_mode(options))
809 return 0;
810
811 if (options->ConnectionPadding != -1) {
812 REJECT("Relays must use 'auto' for the ConnectionPadding setting.");
813 }
814
815 if (options->ReducedConnectionPadding != 0) {
816 REJECT("Relays cannot set ReducedConnectionPadding. ");
817 }
818
819 if (options->CircuitPadding == 0) {
820 REJECT("Relays cannot set CircuitPadding to 0. ");
821 }
822
823 if (options->ReducedCircuitPadding == 1) {
824 REJECT("Relays cannot set ReducedCircuitPadding. ");
825 }
826
827 return 0;
828}
829
830/**
831 * Legacy validation/normalization function for the relay bandwidth options.
832 * Uses old_options as the previous options.
833 *
834 * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
835 * on error.
836 */
837int
839 or_options_t *options,
840 char **msg)
841{
842 (void)old_options;
843
844 if (BUG(!options))
845 return -1;
846
847 if (BUG(!msg))
848 return -1;
849
850 /* 31851: the tests expect us to validate bandwidths, even when we are not
851 * in relay mode. */
853 "MaxAdvertisedBandwidth", msg) < 0)
854 return -1;
856 "RelayBandwidthRate", msg) < 0)
857 return -1;
859 "RelayBandwidthBurst", msg) < 0)
860 return -1;
862 "PerConnBWRate", msg) < 0)
863 return -1;
865 "PerConnBWBurst", msg) < 0)
866 return -1;
867
868 if (options->RelayBandwidthRate && !options->RelayBandwidthBurst)
869 options->RelayBandwidthBurst = options->RelayBandwidthRate;
870 if (options->RelayBandwidthBurst && !options->RelayBandwidthRate)
871 options->RelayBandwidthRate = options->RelayBandwidthBurst;
872
873 if (server_mode(options)) {
874 const unsigned required_min_bw =
875 public_server_mode(options) ?
876 RELAY_REQUIRED_MIN_BANDWIDTH : BRIDGE_REQUIRED_MIN_BANDWIDTH;
877 const char * const optbridge =
878 public_server_mode(options) ? "" : "bridge ";
879 if (options->BandwidthRate < required_min_bw) {
880 tor_asprintf(msg,
881 "BandwidthRate is set to %d bytes/second. "
882 "For %sservers, it must be at least %u.",
883 (int)options->BandwidthRate, optbridge,
884 required_min_bw);
885 return -1;
886 } else if (options->MaxAdvertisedBandwidth <
887 required_min_bw/2) {
888 tor_asprintf(msg,
889 "MaxAdvertisedBandwidth is set to %d bytes/second. "
890 "For %sservers, it must be at least %u.",
891 (int)options->MaxAdvertisedBandwidth, optbridge,
892 required_min_bw/2);
893 return -1;
894 }
895 if (options->RelayBandwidthRate &&
896 options->RelayBandwidthRate < required_min_bw) {
897 tor_asprintf(msg,
898 "RelayBandwidthRate is set to %d bytes/second. "
899 "For %sservers, it must be at least %u.",
900 (int)options->RelayBandwidthRate, optbridge,
901 required_min_bw);
902 return -1;
903 }
904 }
905
906 /* 31851: the tests expect us to validate bandwidths, even when we are not
907 * in relay mode. */
908 if (options->RelayBandwidthRate > options->RelayBandwidthBurst)
909 REJECT("RelayBandwidthBurst must be at least equal "
910 "to RelayBandwidthRate.");
911
912 /* if they set relaybandwidth* really high but left bandwidth*
913 * at the default, raise the defaults. */
914 if (options->RelayBandwidthRate > options->BandwidthRate)
915 options->BandwidthRate = options->RelayBandwidthRate;
916 if (options->RelayBandwidthBurst > options->BandwidthBurst)
917 options->BandwidthBurst = options->RelayBandwidthBurst;
918
919 return 0;
920}
921
922/**
923 * Legacy validation/normalization function for the relay bandwidth accounting
924 * options. Uses old_options as the previous options.
925 *
926 * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
927 * on error.
928 */
929int
931 or_options_t *options,
932 char **msg)
933{
934 (void)old_options;
935
936 if (BUG(!options))
937 return -1;
938
939 if (BUG(!msg))
940 return -1;
941
942 /* 31851: the tests expect us to validate accounting, even when we are not
943 * in relay mode. */
944 if (accounting_parse_options(options, 1)<0)
945 REJECT("Failed to parse accounting options. See logs for details.");
946
947 if (options->AccountingMax &&
948 !hs_service_non_anonymous_mode_enabled(options)) {
949 if (options->RendConfigLines && server_mode(options)) {
950 log_warn(LD_CONFIG, "Using accounting with a hidden service and an "
951 "ORPort is risky: your hidden service(s) and your public "
952 "address will all turn off at the same time, which may alert "
953 "observers that they are being run by the same party.");
954 } else if (config_count_key(options->RendConfigLines,
955 "HiddenServiceDir") > 1) {
956 log_warn(LD_CONFIG, "Using accounting with multiple hidden services is "
957 "risky: they will all turn off at the same time, which may "
958 "alert observers that they are being run by the same party.");
959 }
960 }
961
962 options->AccountingRule = ACCT_MAX;
963 if (options->AccountingRule_option) {
964 if (!strcmp(options->AccountingRule_option, "sum"))
965 options->AccountingRule = ACCT_SUM;
966 else if (!strcmp(options->AccountingRule_option, "max"))
967 options->AccountingRule = ACCT_MAX;
968 else if (!strcmp(options->AccountingRule_option, "in"))
969 options->AccountingRule = ACCT_IN;
970 else if (!strcmp(options->AccountingRule_option, "out"))
971 options->AccountingRule = ACCT_OUT;
972 else
973 REJECT("AccountingRule must be 'sum', 'max', 'in', or 'out'");
974 }
975
976 return 0;
977}
978
979/** Verify whether lst is a list of strings containing valid-looking
980 * comma-separated nicknames, or NULL. Will normalise <b>lst</b> to prefix '$'
981 * to any nickname or fingerprint that needs it. Also splits comma-separated
982 * list elements into multiple elements. Return 0 on success.
983 * Warn and return -1 on failure.
984 */
985static int
987 const config_line_t *lst, const char *name,
988 char **msg)
989{
990 if (!lst)
991 return 0;
992
993 config_line_t *new_nicknames = NULL;
994 config_line_t **new_nicknames_next = &new_nicknames;
995
996 const config_line_t *cl;
997 for (cl = lst; cl; cl = cl->next) {
998 const char *line = cl->value;
999 if (!line)
1000 continue;
1001
1002 int valid_line = 1;
1003 smartlist_t *sl = smartlist_new();
1004 smartlist_split_string(sl, line, ",",
1005 SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK|SPLIT_STRIP_SPACE, 0);
1006 SMARTLIST_FOREACH_BEGIN(sl, char *, s)
1007 {
1008 char *normalized = NULL;
1010 // check if first char is dollar
1011 if (s[0] != '$') {
1012 // Try again but with a dollar symbol prepended
1013 char *prepended;
1014 tor_asprintf(&prepended, "$%s", s);
1015
1016 if (is_legal_nickname_or_hexdigest(prepended)) {
1017 // The nickname is valid when it's prepended, set it as the
1018 // normalized version
1019 normalized = prepended;
1020 } else {
1021 // Still not valid, free and fallback to error message
1022 tor_free(prepended);
1023 }
1024 }
1025
1026 if (!normalized) {
1027 tor_asprintf(msg, "Invalid nickname '%s' in %s line", s, name);
1028 valid_line = 0;
1029 break;
1030 }
1031 } else {
1032 normalized = tor_strdup(s);
1033 }
1034
1035 config_line_t *next = tor_malloc_zero(sizeof(*next));
1036 next->key = tor_strdup(cl->key);
1037 next->value = normalized;
1038 next->next = NULL;
1039
1040 *new_nicknames_next = next;
1041 new_nicknames_next = &next->next;
1042 } SMARTLIST_FOREACH_END(s);
1043
1044 SMARTLIST_FOREACH(sl, char *, s, tor_free(s));
1045 smartlist_free(sl);
1046
1047 if (!valid_line) {
1048 config_free_lines(new_nicknames);
1049 return -1;
1050 }
1051 }
1052
1053 *normalized_out = new_nicknames;
1054
1055 return 0;
1056}
1057
1058#define ONE_MEGABYTE (UINT64_C(1) << 20)
1059
1060/* If we have less than 300 MB suggest disabling dircache */
1061#define DIRCACHE_MIN_MEM_MB 300
1062#define DIRCACHE_MIN_MEM_BYTES (DIRCACHE_MIN_MEM_MB*ONE_MEGABYTE)
1063#define STRINGIFY(val) #val
1064
1065/** Create a warning message for emitting if we are a dircache but may not have
1066 * enough system memory, or if we are not a dircache but probably should be.
1067 * Return -1 when a message is returned in *msg*, else return 0. */
1068STATIC int
1069have_enough_mem_for_dircache(const or_options_t *options, size_t total_mem,
1070 char **msg)
1071{
1072 *msg = NULL;
1073 /* XXX We should possibly be looking at MaxMemInQueues here
1074 * unconditionally. Or we should believe total_mem unconditionally. */
1075 if (total_mem == 0) {
1076 if (get_total_system_memory(&total_mem) < 0) {
1077 total_mem = options->MaxMemInQueues >= SIZE_MAX ?
1078 SIZE_MAX : (size_t)options->MaxMemInQueues;
1079 }
1080 }
1081 if (options->DirCache) {
1082 if (total_mem < DIRCACHE_MIN_MEM_BYTES) {
1083 if (options->BridgeRelay) {
1084 tor_asprintf(msg, "Running a Bridge with less than %d MB of memory "
1085 "is not recommended.", DIRCACHE_MIN_MEM_MB);
1086 } else {
1087 tor_asprintf(msg, "Being a directory cache (default) with less than "
1088 "%d MB of memory is not recommended and may consume "
1089 "most of the available resources. Consider disabling "
1090 "this functionality by setting the DirCache option "
1091 "to 0.", DIRCACHE_MIN_MEM_MB);
1092 }
1093 }
1094 } else {
1095 if (total_mem >= DIRCACHE_MIN_MEM_BYTES) {
1096 *msg = tor_strdup("DirCache is disabled and we are configured as a "
1097 "relay. We will not become a Guard.");
1098 }
1099 }
1100 return *msg == NULL ? 0 : -1;
1101}
1102#undef STRINGIFY
1103
1104/**
1105 * Legacy validation/normalization function for the relay mode options.
1106 * Uses old_options as the previous options.
1107 *
1108 * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
1109 * on error.
1110 */
1111int
1113 or_options_t *options,
1114 char **msg)
1115{
1116 (void)old_options;
1117
1118 if (BUG(!options))
1119 return -1;
1120
1121 if (BUG(!msg))
1122 return -1;
1123
1124 if (server_mode(options) && options->RendConfigLines &&
1125 !hs_service_non_anonymous_mode_enabled(options))
1126 log_warn(LD_CONFIG,
1127 "Tor is currently configured as a relay and a hidden service. "
1128 "That's not very secure: you should probably run your hidden service "
1129 "in a separate Tor process, at least -- see "
1130 "https://bugs.torproject.org/tpo/core/tor/8742.");
1131
1132 if (options->BridgeRelay && options->DirPort_set) {
1133 log_warn(LD_CONFIG, "Can't set a DirPort on a bridge relay; disabling "
1134 "DirPort");
1135 config_free_lines(options->DirPort_lines);
1136 options->DirPort_lines = NULL;
1137 options->DirPort_set = 0;
1138 }
1139
1140 if (options->DirPort_set && !options->DirCache) {
1141 REJECT("DirPort configured but DirCache disabled. DirPort requires "
1142 "DirCache.");
1143 }
1144
1145 if (options->BridgeRelay && !options->DirCache) {
1146 REJECT("We're a bridge but DirCache is disabled. BridgeRelay requires "
1147 "DirCache.");
1148 }
1149
1150 if (options->BridgeRelay == 1 && ! options->ORPort_set)
1151 REJECT("BridgeRelay is 1, ORPort is not set. This is an invalid "
1152 "combination.");
1153
1154 if (options->BridgeRelay == 1 && !(options->ExitRelay == 0 ||
1156 log_warn(LD_CONFIG, "BridgeRelay is 1, but ExitRelay is 1 or an "
1157 "ExitPolicy is configured. Tor will start, but it will not "
1158 "function as an exit relay.");
1159 }
1160
1161 if (server_mode(options)) {
1162 char *dircache_msg = NULL;
1163 if (have_enough_mem_for_dircache(options, 0, &dircache_msg)) {
1164 log_warn(LD_CONFIG, "%s", dircache_msg);
1165 tor_free(dircache_msg);
1166 }
1167 }
1168
1169 if (options->MyFamily_lines && options->BridgeRelay) {
1170 log_warn(LD_CONFIG, "Listing a family for a bridge relay is not "
1171 "supported: it can reveal bridge fingerprints to censors. "
1172 "You should also make sure you aren't listing this bridge's "
1173 "fingerprint in any other MyFamily.");
1174 }
1175 if (options->MyFamily_lines && !options->ContactInfo) {
1176 log_warn(LD_CONFIG, "MyFamily is set but ContactInfo is not configured. "
1177 "ContactInfo should always be set when MyFamily option is too.");
1178 }
1179 if (normalize_nickname_list(&options->MyFamily,
1180 options->MyFamily_lines, "MyFamily", msg))
1181 return -1;
1182
1183 if (options->ConstrainedSockets) {
1184 if (options->DirPort_set) {
1185 /* Providing cached directory entries while system TCP buffers are scarce
1186 * will exacerbate the socket errors. Suggest that this be disabled. */
1187 COMPLAIN("You have requested constrained socket buffers while also "
1188 "serving directory entries via DirPort. It is strongly "
1189 "suggested that you disable serving directory requests when "
1190 "system TCP buffer resources are scarce.");
1191 }
1192 }
1193
1194 return 0;
1195}
1196
1197/**
1198 * Legacy validation/normalization function for the relay testing options
1199 * in options. Uses old_options as the previous options.
1200 *
1201 * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
1202 * on error.
1203 */
1204int
1206 or_options_t *options,
1207 char **msg)
1208{
1209 (void)old_options;
1210
1211 if (BUG(!options))
1212 return -1;
1213
1214 if (BUG(!msg))
1215 return -1;
1216
1217 if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
1218 REJECT("SigningKeyLifetime is too short.");
1219 if (options->TestingLinkCertLifetime < options->TestingAuthKeySlop*2)
1220 REJECT("LinkCertLifetime is too short.");
1221 if (options->TestingAuthKeyLifetime < options->TestingLinkKeySlop*2)
1222 REJECT("TestingAuthKeyLifetime is too short.");
1223
1224 return 0;
1225}
1226
1227/** Return 1 if any change from <b>old_options</b> to <b>new_options</b>
1228 * will require us to rotate the CPU and DNS workers; else return 0. */
1229static int
1231 const or_options_t *new_options)
1232{
1233 YES_IF_CHANGED_STRING(DataDirectory);
1234 YES_IF_CHANGED_INT(NumCPUs);
1235 YES_IF_CHANGED_LINELIST(ORPort_lines);
1236 YES_IF_CHANGED_BOOL(ServerDNSSearchDomains);
1237 YES_IF_CHANGED_BOOL(SafeLogging_);
1238 YES_IF_CHANGED_BOOL(ClientOnly);
1239 YES_IF_CHANGED_BOOL(LogMessageDomains);
1240 YES_IF_CHANGED_LINELIST(Logs);
1241
1242 if (server_mode(old_options) != server_mode(new_options) ||
1243 public_server_mode(old_options) != public_server_mode(new_options) ||
1244 dir_server_mode(old_options) != dir_server_mode(new_options))
1245 return 1;
1246
1247 /* Nothing that changed matters. */
1248 return 0;
1249}
1250
1251/** Return 1 if any change from <b>old_options</b> to <b>new_options</b>
1252 * will require us to generate a new descriptor; else return 0. */
1253static int
1255 const or_options_t *new_options)
1256{
1257 /* XXX We can be smarter here. If your DirPort isn't being
1258 * published and you just turned it off, no need to republish. Etc. */
1259
1260 YES_IF_CHANGED_STRING(DataDirectory);
1261 YES_IF_CHANGED_STRING(Nickname);
1262 YES_IF_CHANGED_LINELIST(Address);
1263 YES_IF_CHANGED_LINELIST(ExitPolicy);
1264 YES_IF_CHANGED_BOOL(ExitRelay);
1265 YES_IF_CHANGED_BOOL(ExitPolicyRejectPrivate);
1266 YES_IF_CHANGED_BOOL(ExitPolicyRejectLocalInterfaces);
1267 YES_IF_CHANGED_BOOL(IPv6Exit);
1268 YES_IF_CHANGED_LINELIST(ORPort_lines);
1269 YES_IF_CHANGED_LINELIST(DirPort_lines);
1270 YES_IF_CHANGED_LINELIST(DirPort_lines);
1271 YES_IF_CHANGED_BOOL(ClientOnly);
1272 YES_IF_CHANGED_BOOL(DisableNetwork);
1273 YES_IF_CHANGED_BOOL(PublishServerDescriptor_);
1274 YES_IF_CHANGED_STRING(ContactInfo);
1275 YES_IF_CHANGED_STRING(BridgeDistribution);
1276 YES_IF_CHANGED_LINELIST(MyFamily);
1277 YES_IF_CHANGED_STRING(AccountingStart);
1278 YES_IF_CHANGED_INT(AccountingMax);
1279 YES_IF_CHANGED_INT(AccountingRule);
1280 YES_IF_CHANGED_BOOL(DirCache);
1281 YES_IF_CHANGED_BOOL(AssumeReachable);
1282
1283 if (relay_get_effective_bwrate(old_options) !=
1284 relay_get_effective_bwrate(new_options) ||
1285 relay_get_effective_bwburst(old_options) !=
1286 relay_get_effective_bwburst(new_options) ||
1287 public_server_mode(old_options) != public_server_mode(new_options))
1288 return 1;
1289
1290 return 0;
1291}
1292
1293/** Fetch the active option list, and take relay actions based on it. All of
1294 * the things we do should survive being done repeatedly. If present,
1295 * <b>old_options</b> contains the previous value of the options.
1296 *
1297 * Return 0 if all goes well, return -1 if it's time to die.
1298 *
1299 * Note: We haven't moved all the "act on new configuration" logic
1300 * into the options_act* functions yet. Some is still in do_hup() and other
1301 * places.
1302 */
1303int
1305{
1306 const or_options_t *options = get_options();
1307
1308 const int transition_affects_workers =
1309 old_options && options_transition_affects_workers(old_options, options);
1310
1311 /* We want to reinit keys as needed before we do much of anything else:
1312 keys are important, and other things can depend on them. */
1313 if (transition_affects_workers ||
1314 (authdir_mode_v3(options) && (!old_options ||
1315 !authdir_mode_v3(old_options)))) {
1316 if (init_keys() < 0) {
1317 log_warn(LD_BUG,"Error initializing keys; exiting");
1318 return -1;
1319 }
1320 }
1321
1322 if (server_mode(options)) {
1323 static int cdm_initialized = 0;
1324 if (cdm_initialized == 0) {
1325 cdm_initialized = 1;
1328 }
1329 }
1330
1331 /* Check for transitions that need action. */
1332 if (old_options) {
1333 if (transition_affects_workers) {
1334 log_info(LD_GENERAL,
1335 "Worker-related options changed. Rotating workers.");
1336 const int server_mode_turned_on =
1337 server_mode(options) && !server_mode(old_options);
1338
1339 if (server_mode_turned_on) {
1341 }
1343 }
1344 }
1345
1346 return 0;
1347}
1348
1349/** Fetch the active option list, and take relay accounting actions based on
1350 * it. All of the things we do should survive being done repeatedly. If
1351 * present, <b>old_options</b> contains the previous value of the options.
1352 *
1353 * Return 0 if all goes well, return -1 if it's time to die.
1354 *
1355 * Note: We haven't moved all the "act on new configuration" logic
1356 * into the options_act* functions yet. Some is still in do_hup() and other
1357 * places.
1358 */
1359int
1361{
1362 (void)old_options;
1363
1364 const or_options_t *options = get_options();
1365
1366 /* Set up accounting */
1367 if (accounting_parse_options(options, 0)<0) {
1368 // LCOV_EXCL_START
1369 log_warn(LD_BUG,"Error in previously validated accounting options");
1370 return -1;
1371 // LCOV_EXCL_STOP
1372 }
1373 if (accounting_is_enabled(options))
1374 configure_accounting(time(NULL));
1375
1376 return 0;
1377}
1378
1379/** Fetch the active option list, and take relay bandwidth actions based on
1380 * it. All of the things we do should survive being done repeatedly. If
1381 * present, <b>old_options</b> contains the previous value of the options.
1382 *
1383 * Return 0 if all goes well, return -1 if it's time to die.
1384 *
1385 * Note: We haven't moved all the "act on new configuration" logic
1386 * into the options_act* functions yet. Some is still in do_hup() and other
1387 * places.
1388 */
1389int
1391{
1392 const or_options_t *options = get_options();
1393
1394 /* Check for transitions that need action. */
1395 if (old_options) {
1396 if (options->PerConnBWRate != old_options->PerConnBWRate ||
1397 options->PerConnBWBurst != old_options->PerConnBWBurst)
1399
1400 if (options->RelayBandwidthRate != old_options->RelayBandwidthRate ||
1401 options->RelayBandwidthBurst != old_options->RelayBandwidthBurst)
1402 connection_bucket_adjust(options);
1403 }
1404
1405 return 0;
1406}
1407
1408/** Fetch the active option list, and take bridge statistics actions based on
1409 * it. All of the things we do should survive being done repeatedly. If
1410 * present, <b>old_options</b> contains the previous value of the options.
1411 *
1412 * Return 0 if all goes well, return -1 if it's time to die.
1413 *
1414 * Note: We haven't moved all the "act on new configuration" logic
1415 * into the options_act* functions yet. Some is still in do_hup() and other
1416 * places.
1417 */
1418int
1420{
1421 const or_options_t *options = get_options();
1422
1423/* How long should we delay counting bridge stats after becoming a bridge?
1424 * We use this so we don't count clients who used our bridge thinking it is
1425 * a relay. If you change this, don't forget to change the log message
1426 * below. It's 4 hours (the time it takes to stop being used by clients)
1427 * plus some extra time for clock skew. */
1428#define RELAY_BRIDGE_STATS_DELAY (6 * 60 * 60)
1429
1430 /* Check for transitions that need action. */
1431 if (old_options) {
1432 if (! bool_eq(options->BridgeRelay, old_options->BridgeRelay)) {
1433 int was_relay = 0;
1434 if (options->BridgeRelay) {
1435 time_t int_start = time(NULL);
1436 if (config_lines_eq(old_options->ORPort_lines,options->ORPort_lines)) {
1437 int_start += RELAY_BRIDGE_STATS_DELAY;
1438 was_relay = 1;
1439 }
1440 geoip_bridge_stats_init(int_start);
1441 log_info(LD_CONFIG, "We are acting as a bridge now. Starting new "
1442 "GeoIP stats interval%s.", was_relay ? " in 6 "
1443 "hours from now" : "");
1444 } else {
1446 log_info(LD_GENERAL, "We are no longer acting as a bridge. "
1447 "Forgetting GeoIP stats.");
1448 }
1449 }
1450 }
1451
1452 return 0;
1453}
1454
1455/** Fetch the active option list, and take relay statistics actions based on
1456 * it. All of the things we do should survive being done repeatedly. If
1457 * present, <b>old_options</b> contains the previous value of the options.
1458 *
1459 * Sets <b>*print_notice_out</b> if we enabled stats, and need to print
1460 * a stats log using options_act_relay_stats_msg().
1461 *
1462 * If loading the GeoIP file failed, sets DirReqStatistics and
1463 * EntryStatistics to 0. This breaks the normalization/act ordering
1464 * introduced in 29211.
1465 *
1466 * Return 0 if all goes well, return -1 if it's time to die.
1467 *
1468 * Note: We haven't moved all the "act on new configuration" logic
1469 * into the options_act* functions yet. Some is still in do_hup() and other
1470 * places.
1471 */
1472int
1474 bool *print_notice_out)
1475{
1476 if (BUG(!print_notice_out))
1477 return -1;
1478
1479 or_options_t *options = get_options_mutable();
1480
1481 if (options->CellStatistics || options->DirReqStatistics ||
1482 options->EntryStatistics || options->ExitPortStatistics ||
1483 options->ConnDirectionStatistics ||
1484 options->HiddenServiceStatistics) {
1485 time_t now = time(NULL);
1486 int print_notice = 0;
1487
1488 if ((!old_options || !old_options->CellStatistics) &&
1489 options->CellStatistics) {
1491 print_notice = 1;
1492 }
1493 if ((!old_options || !old_options->DirReqStatistics) &&
1494 options->DirReqStatistics) {
1495 if (geoip_is_loaded(AF_INET)) {
1497 print_notice = 1;
1498 } else {
1499 /* disable statistics collection since we have no geoip file */
1500 /* 29211: refactor to avoid the normalisation/act inversion */
1501 options->DirReqStatistics = 0;
1502 if (options->ORPort_set)
1503 log_notice(LD_CONFIG, "Configured to measure directory request "
1504 "statistics, but no GeoIP database found. "
1505 "Please specify a GeoIP database using the "
1506 "GeoIPFile option.");
1507 }
1508 }
1509 if ((!old_options || !old_options->EntryStatistics) &&
1510 options->EntryStatistics && !should_record_bridge_info(options)) {
1511 /* If we get here, we've started recording bridge info when we didn't
1512 * do so before. Note that "should_record_bridge_info()" will
1513 * always be false at this point, because of the earlier block
1514 * that cleared EntryStatistics when public_server_mode() was false.
1515 * We're leaving it in as defensive programming. */
1516 if (geoip_is_loaded(AF_INET) || geoip_is_loaded(AF_INET6)) {
1518 print_notice = 1;
1519 } else {
1520 options->EntryStatistics = 0;
1521 log_notice(LD_CONFIG, "Configured to measure entry node "
1522 "statistics, but no GeoIP database found. "
1523 "Please specify a GeoIP database using the "
1524 "GeoIPFile option.");
1525 }
1526 }
1527 if ((!old_options || !old_options->ExitPortStatistics) &&
1528 options->ExitPortStatistics) {
1530 print_notice = 1;
1531 }
1532 if ((!old_options || !old_options->ConnDirectionStatistics) &&
1533 options->ConnDirectionStatistics) {
1534 conn_stats_init(now);
1535 }
1536 if ((!old_options || !old_options->HiddenServiceStatistics) &&
1537 options->HiddenServiceStatistics) {
1538 log_info(LD_CONFIG, "Configured to measure hidden service statistics.");
1540 }
1541 if (print_notice)
1542 *print_notice_out = 1;
1543 }
1544
1545 /* If we used to have statistics enabled but we just disabled them,
1546 stop gathering them. */
1547 if (old_options && old_options->CellStatistics &&
1548 !options->CellStatistics)
1550 if (old_options && old_options->DirReqStatistics &&
1551 !options->DirReqStatistics)
1553 if (old_options && old_options->EntryStatistics &&
1554 !options->EntryStatistics)
1556 if (old_options && old_options->HiddenServiceStatistics &&
1557 !options->HiddenServiceStatistics)
1559 if (old_options && old_options->ExitPortStatistics &&
1560 !options->ExitPortStatistics)
1562 if (old_options && old_options->ConnDirectionStatistics &&
1563 !options->ConnDirectionStatistics)
1565
1566 return 0;
1567}
1568
1569/** Print a notice about relay/dirauth stats being enabled. */
1570void
1572{
1573 log_notice(LD_CONFIG, "Configured to measure statistics. Look for "
1574 "the *-stats files that will first be written to the "
1575 "data directory in 24 hours from now.");
1576}
1577
1578/** Fetch the active option list, and take relay descriptor actions based on
1579 * it. All of the things we do should survive being done repeatedly. If
1580 * present, <b>old_options</b> contains the previous value of the options.
1581 *
1582 * Return 0 if all goes well, return -1 if it's time to die.
1583 *
1584 * Note: We haven't moved all the "act on new configuration" logic
1585 * into the options_act* functions yet. Some is still in do_hup() and other
1586 * places.
1587 */
1588int
1590{
1591 const or_options_t *options = get_options();
1592
1593 /* Since our options changed, we might need to regenerate and upload our
1594 * server descriptor.
1595 */
1596 if (!old_options ||
1597 options_transition_affects_descriptor(old_options, options))
1598 mark_my_descriptor_dirty("config change");
1599
1600 return 0;
1601}
1602
1603/** Fetch the active option list, and take relay DoS actions based on
1604 * it. All of the things we do should survive being done repeatedly. If
1605 * present, <b>old_options</b> contains the previous value of the options.
1606 *
1607 * Return 0 if all goes well, return -1 if it's time to die.
1608 *
1609 * Note: We haven't moved all the "act on new configuration" logic
1610 * into the options_act* functions yet. Some is still in do_hup() and other
1611 * places.
1612 */
1613int
1615{
1616 const or_options_t *options = get_options();
1617
1618 /* DoS mitigation subsystem only applies to public relay. */
1619 if (public_server_mode(options)) {
1620 /* If we are configured as a relay, initialize the subsystem. Even on HUP,
1621 * this is safe to call as it will load data from the current options
1622 * or/and the consensus. */
1623 dos_init();
1624 } else if (old_options && public_server_mode(old_options)) {
1625 /* Going from relay to non relay, clean it up. */
1626 dos_free_all();
1627 }
1628
1629 return 0;
1630}
1631
1632/** Fetch the active option list, and take dirport actions based on
1633 * it. All of the things we do should survive being done repeatedly. If
1634 * present, <b>old_options</b> contains the previous value of the options.
1635 *
1636 * Return 0 if all goes well, return -1 if it's time to die.
1637 *
1638 * Note: We haven't moved all the "act on new configuration" logic
1639 * into the options_act* functions yet. Some is still in do_hup() and other
1640 * places.
1641 */
1642int
1644{
1645 (void)old_options;
1646
1647 const or_options_t *options = get_options();
1648
1649 if (!public_server_mode(options))
1650 return 0;
1651
1652 /* Load the webpage we're going to serve every time someone asks for '/' on
1653 our DirPort. */
1655 if (options->DirPortFrontPage) {
1657 read_file_to_str(options->DirPortFrontPage, 0, NULL);
1659 log_warn(LD_CONFIG,
1660 "DirPortFrontPage file '%s' not found. Continuing anyway.",
1661 options->DirPortFrontPage);
1662 }
1663 }
1664
1665 return 0;
1666}
const char * fmt_addrport(const tor_addr_t *addr, uint16_t port)
Definition: address.c:1199
#define fmt_and_decorate_addr(a)
Definition: address.h:243
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
#define tor_addr_eq(a, b)
Definition: address.h:280
Header file for directory authority mode.
#define ARRAY_LENGTH(x)
int config_ensure_bandwidth_cap(uint64_t *value, const char *desc, char **msg)
Definition: config.c:2987
or_options_t * get_options_mutable(void)
Definition: config.c:935
const char * name
Definition: config.c:2462
const or_options_t * get_options(void)
Definition: config.c:944
int port_count_real_listeners(const smartlist_t *ports, int listenertype, int count_sockets)
Definition: config.c:6534
int port_parse_config(smartlist_t *out, const config_line_t *ports, const char *portname, int listener_type, const char *defaultaddr, int defaultport, const unsigned flags)
Definition: config.c:6067
Header file for config.c.
int config_count_key(const config_line_t *a, const char *key)
Definition: confline.c:302
int config_lines_eq(const config_line_t *a, const config_line_t *b)
Definition: confline.c:287
Header for confline.c.
Header for confmgt.c.
void connection_bucket_adjust(const or_options_t *options)
Definition: connection.c:3861
Header file for connection.c.
#define CONN_TYPE_DIR_LISTENER
Definition: connection.h:53
#define CONN_TYPE_OR_LISTENER
Definition: connection.h:41
#define CONN_TYPE_EXT_OR_LISTENER
Definition: connection.h:73
void connection_or_update_token_buckets(smartlist_t *conns, const or_options_t *options)
Header file for connection_or.c.
void conn_stats_terminate(void)
Definition: connstats.c:136
void conn_stats_init(time_t now)
Definition: connstats.c:30
Header for feature/stats/connstats.c.
void consdiffmgr_configure(const consdiff_cfg_t *cfg)
Definition: consdiffmgr.c:844
int consdiffmgr_validate(void)
Definition: consdiffmgr.c:868
Header for consdiffmgr.c.
void cpuworkers_rotate_keyinfo(void)
Definition: cpuworker.c:243
Header file for cpuworker.c.
int tor_memeq(const void *a, const void *b, size_t sz)
Definition: di_ops.c:107
Header file for dns.c.
const char * escaped(const char *s)
Definition: escape.c:126
int geoip_is_loaded(sa_family_t family)
Definition: geoip.c:458
Header file for geoip.c.
Header file for geoip_stats.c.
void geoip_dirreq_stats_init(time_t now)
Definition: geoip_stats.c:920
void geoip_bridge_stats_init(time_t now)
Definition: geoip_stats.c:1066
void geoip_bridge_stats_term(void)
Definition: geoip_stats.c:1074
void geoip_entry_stats_init(time_t now)
Definition: geoip_stats.c:1321
void geoip_dirreq_stats_term(void)
Definition: geoip_stats.c:959
void geoip_entry_stats_term(void)
Definition: geoip_stats.c:1337
int should_record_bridge_info(const or_options_t *options)
Definition: geoip_stats.c:112
int accounting_parse_options(const or_options_t *options, int validate_only)
Definition: hibernate.c:190
void configure_accounting(time_t now)
Definition: hibernate.c:430
int accounting_is_enabled(const or_options_t *options)
Definition: hibernate.c:305
Header file for hibernate.c.
Header file containing service data for the HS subsystem.
#define LD_BUG
Definition: log.h:86
#define LD_GENERAL
Definition: log.h:62
#define LD_CONFIG
Definition: log.h:68
#define bool_eq(a, b)
Definition: logic.h:16
void ip_address_changed(int on_client_conn)
Definition: mainloop.c:2318
smartlist_t * get_connection_array(void)
Definition: mainloop.c:443
Header file for mainloop.c.
#define tor_free(p)
Definition: malloc.h:56
int get_total_system_memory(size_t *mem_out)
Definition: meminfo.c:129
Header for meminfo.c.
int is_legal_nickname(const char *s)
Definition: nickname.c:19
int is_legal_nickname_or_hexdigest(const char *s)
Definition: nickname.c:31
Header file for nickname.c.
Master header file for Tor-specific functionality.
#define CFG_AUTO_PORT
Definition: or.h:891
#define UNNAMED_ROUTER_NICKNAME
Definition: or.h:449
dirinfo_type_t
Definition: or.h:787
@ V3_DIRINFO
Definition: or.h:790
@ BRIDGE_DIRINFO
Definition: or.h:792
int policy_using_default_exit_options(const or_options_t *or_options)
Definition: policies.c:1142
Header file for policies.c.
Listener port configuration structure.
Header file for predict_ports.c.
int tor_asprintf(char **strp, const char *fmt,...)
Definition: printf.c:75
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
STATIC void remove_duplicate_orports(smartlist_t *ports)
Definition: relay_config.c:251
STATIC int check_bridge_distribution_setting(const char *bd)
Definition: relay_config.c:703
static char * global_dirfrontpagecontents
Definition: relay_config.c:52
static const char * describe_portnum(int port)
Definition: relay_config.c:143
int options_act_relay_bandwidth(const or_options_t *old_options)
int options_validate_relay_padding(const or_options_t *old_options, or_options_t *options, char **msg)
Definition: relay_config.c:796
int options_act_relay_stats(const or_options_t *old_options, bool *print_notice_out)
void port_update_port_set_relay(or_options_t *options, const smartlist_t *ports)
Definition: relay_config.c:532
int options_act_relay(const or_options_t *old_options)
int options_validate_relay_accounting(const or_options_t *old_options, or_options_t *options, char **msg)
Definition: relay_config.c:930
void relay_config_free_all(void)
Definition: relay_config.c:86
int options_validate_relay_bandwidth(const or_options_t *old_options, or_options_t *options, char **msg)
Definition: relay_config.c:838
static int options_transition_affects_descriptor(const or_options_t *old_options, const or_options_t *new_options)
int options_validate_relay_os(const or_options_t *old_options, or_options_t *options, char **msg)
Definition: relay_config.c:562
int options_act_relay_dir(const or_options_t *old_options)
static int check_and_prune_server_ports(smartlist_t *ports, const or_options_t *options, int *n_low_ports_out)
Definition: relay_config.c:339
static bool port_cfg_eq(const port_cfg_t *p1, const port_cfg_t *p2)
Definition: relay_config.c:197
void port_warn_nonlocal_ext_orports(const smartlist_t *ports, const char *portname)
Definition: relay_config.c:120
int port_parse_ports_relay(or_options_t *options, char **msg, smartlist_t *ports_out, int *have_low_ports_out)
Definition: relay_config.c:451
int options_act_relay_accounting(const or_options_t *old_options)
const char * relay_get_dirportfrontpage(void)
Definition: relay_config.c:77
STATIC const char * describe_relay_port(const port_cfg_t *port)
Definition: relay_config.c:157
static int normalize_nickname_list(config_line_t **normalized_out, const config_line_t *lst, const char *name, char **msg)
Definition: relay_config.c:986
void options_act_relay_stats_msg(void)
uint32_t relay_get_effective_bwrate(const or_options_t *options)
Definition: relay_config.c:94
static int compute_publishserverdescriptor(or_options_t *options)
Definition: relay_config.c:648
uint32_t relay_get_effective_bwburst(const or_options_t *options)
Definition: relay_config.c:108
int options_validate_relay_info(const or_options_t *old_options, or_options_t *options, char **msg)
Definition: relay_config.c:599
int options_validate_publish_server(const or_options_t *old_options, or_options_t *options, char **msg)
Definition: relay_config.c:739
int options_act_relay_dos(const or_options_t *old_options)
int options_act_relay_desc(const or_options_t *old_options)
int options_act_bridge_stats(const or_options_t *old_options)
int options_validate_relay_testing(const or_options_t *old_options, or_options_t *options, char **msg)
STATIC int have_enough_mem_for_dircache(const or_options_t *options, size_t total_mem, char **msg)
int options_validate_relay_mode(const or_options_t *old_options, or_options_t *options, char **msg)
static int options_transition_affects_workers(const or_options_t *old_options, const or_options_t *new_options)
Header for feature/relay/relay_config.c.
void rep_hist_buffer_stats_term(void)
Definition: rephist.c:1922
void rep_hist_hs_stats_term(void)
Definition: rephist.c:2656
void rep_hist_buffer_stats_init(time_t now)
Definition: rephist.c:1830
void rep_hist_exit_stats_init(time_t now)
Definition: rephist.c:1396
void rep_hist_hs_stats_init(time_t now)
Definition: rephist.c:2636
void rep_hist_exit_stats_term(void)
Definition: rephist.c:1417
Header file for rephist.c.
int init_keys(void)
Definition: router.c:991
void mark_my_descriptor_dirty(const char *reason)
Definition: router.c:2599
int public_server_mode(const or_options_t *options)
Definition: routermode.c:43
int dir_server_mode(const or_options_t *options)
Definition: routermode.c:23
int server_mode(const or_options_t *options)
Definition: routermode.c:34
Header file for routermode.c.
Header file for selftest.c.
int have_capability_support(void)
Definition: setuid.c:149
Header for setuid.c.
Header for smartlist.c.
void smartlist_add_all(smartlist_t *s1, const smartlist_t *s2)
smartlist_t * smartlist_new(void)
void smartlist_del_keeporder(smartlist_t *sl, int idx)
#define SMARTLIST_FOREACH_BEGIN(sl, type, var)
#define SMARTLIST_FOREACH(sl, type, var, cmd)
int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep, int flags, int max)
struct smartlist_t * PublishServerDescriptor
int ExitPortStatistics
uint64_t MaxMemInQueues
int ReducedConnectionPadding
dirinfo_type_t PublishServerDescriptor_
struct config_line_t * MyFamily
uint64_t RelayBandwidthBurst
char * ContactInfo
int TestingLinkKeySlop
struct config_line_t * ORPort_lines
char * BridgeDistribution
struct config_line_t * ExtORPort_lines
uint64_t BandwidthRate
int TestingAuthKeyLifetime
uint64_t AccountingMax
struct config_line_t * MyFamily_lines
uint64_t PerConnBWBurst
char * Nickname
Definition: or_options_st.h:97
int HiddenServiceStatistics
int TestingLinkCertLifetime
int KeepBindCapabilities
int ConstrainedSockets
int SigningKeyLifetime
uint64_t RelayBandwidthRate
char * DirPortFrontPage
int TestingSigningKeySlop
uint64_t MaxAdvertisedBandwidth
int ReducedCircuitPadding
int ConnDirectionStatistics
char * AccountingRule_option
struct config_line_t * RendConfigLines
int TestingAuthKeySlop
uint64_t PerConnBWRate
struct config_line_t * DirPort_lines
uint64_t BandwidthBurst
char unix_addr[FLEXIBLE_ARRAY_MEMBER]
Definition: port_cfg_st.h:38
uint8_t type
Definition: port_cfg_st.h:23
unsigned is_unix_addr
Definition: port_cfg_st.h:24
entry_port_cfg_t entry_cfg
Definition: port_cfg_st.h:32
tor_addr_t addr
Definition: port_cfg_st.h:20
#define STATIC
Definition: testsupport.h:32
#define MOCK_IMPL(rv, funcname, arglist)
Definition: testsupport.h:133
const char * get_uname(void)
Definition: uname.c:67
Header for uname.c.
#define tor_assert(expr)
Definition: util_bug.h:103
#define IF_BUG_ONCE(cond)
Definition: util_bug.h:254
int strcmpstart(const char *s1, const char *s2)
Definition: util_string.c:217
int string_is_utf8(const char *str, size_t len)
Definition: util_string.c:518