diff options
53 files changed, 443 insertions, 313 deletions
diff --git a/src/or/circpathbias.c b/src/or/circpathbias.c index ff42bf91e4..f139c6d7e5 100644 --- a/src/or/circpathbias.c +++ b/src/or/circpathbias.c @@ -35,6 +35,8 @@ #include "networkstatus.h" #include "relay.h" +#include "origin_circuit_st.h" + static void pathbias_count_successful_close(origin_circuit_t *circ); static void pathbias_count_collapse(origin_circuit_t *circ); static void pathbias_count_use_failed(origin_circuit_t *circ); diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 883f930741..c5d1c65f59 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -66,6 +66,8 @@ #include "transports.h" #include "entry_connection_st.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" static channel_t * channel_connect_for_circuit(const tor_addr_t *addr, uint16_t port, diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 1a3f3a2290..7601bc6135 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -94,6 +94,8 @@ #include "dir_connection_st.h" #include "edge_connection_st.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" /********* START VARIABLES **********/ @@ -130,6 +132,31 @@ static int any_opened_circs_cached_val = 0; /********* END VARIABLES ************/ +or_circuit_t * +TO_OR_CIRCUIT(circuit_t *x) +{ + tor_assert(x->magic == OR_CIRCUIT_MAGIC); + return DOWNCAST(or_circuit_t, x); +} +const or_circuit_t * +CONST_TO_OR_CIRCUIT(const circuit_t *x) +{ + tor_assert(x->magic == OR_CIRCUIT_MAGIC); + return DOWNCAST(or_circuit_t, x); +} +origin_circuit_t * +TO_ORIGIN_CIRCUIT(circuit_t *x) +{ + tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC); + return DOWNCAST(origin_circuit_t, x); +} +const origin_circuit_t * +CONST_TO_ORIGIN_CIRCUIT(const circuit_t *x) +{ + tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC); + return DOWNCAST(origin_circuit_t, x); +} + /** A map from channel and circuit ID to circuit. (Lookup performance is * very important here, since we need to do it every time a cell arrives.) */ typedef struct chan_circid_circuit_map_t { diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h index 246f0c8815..8eb6fefbfe 100644 --- a/src/or/circuitlist.h +++ b/src/or/circuitlist.h @@ -15,6 +15,15 @@ #include "testsupport.h" #include "hs_ident.h" +/** Convert a circuit_t* to a pointer to the enclosing or_circuit_t. Assert + * if the cast is impossible. */ +or_circuit_t *TO_OR_CIRCUIT(circuit_t *); +const or_circuit_t *CONST_TO_OR_CIRCUIT(const circuit_t *); +/** Convert a circuit_t* to a pointer to the enclosing origin_circuit_t. + * Assert if the cast is impossible. */ +origin_circuit_t *TO_ORIGIN_CIRCUIT(circuit_t *); +const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT(const circuit_t *); + MOCK_DECL(smartlist_t *, circuit_get_global_list, (void)); smartlist_t *circuit_get_global_origin_circuit_list(void); int circuit_any_opened_circuits(void); diff --git a/src/or/circuitmux.c b/src/or/circuitmux.c index f9f5faa057..5f7f002f41 100644 --- a/src/or/circuitmux.c +++ b/src/or/circuitmux.c @@ -75,6 +75,8 @@ #include "circuitmux.h" #include "relay.h" +#include "or_circuit_st.h" + /* * Private typedefs for circuitmux.c */ diff --git a/src/or/circuitstats.c b/src/or/circuitstats.c index 94f75c590f..bff553a02b 100644 --- a/src/or/circuitstats.c +++ b/src/or/circuitstats.c @@ -41,6 +41,8 @@ #include "circuitlist.h" #include "circuituse.h" +#include "origin_circuit_st.h" + #undef log #include <math.h> diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 45eeff4332..3a18c34038 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -59,6 +59,8 @@ #include "dir_connection_st.h" #include "entry_connection_st.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" static void circuit_expire_old_circuits_clientside(void); static void circuit_increment_failure_count(void); diff --git a/src/or/command.c b/src/or/command.c index 39950f41bf..148578a26b 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -56,6 +56,9 @@ #include "router.h" #include "routerlist.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" + /** How many CELL_CREATE cells have we received, ever? */ uint64_t stats_n_create_cells_processed = 0; /** How many CELL_CREATED cells have we received, ever? */ diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 1ba61609bc..b972724a80 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -99,6 +99,8 @@ #include "dir_connection_st.h" #include "entry_connection_st.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" #ifdef HAVE_LINUX_TYPES_H #include <linux/types.h> diff --git a/src/or/control.c b/src/or/control.c index 45914f0c17..1837788019 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -84,6 +84,8 @@ #include "control_connection_st.h" #include "entry_connection_st.h" #include "or_connection_st.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" #ifndef _WIN32 #include <pwd.h> diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c index 15ef6869cf..ad66268c3a 100644 --- a/src/or/cpuworker.c +++ b/src/or/cpuworker.c @@ -32,6 +32,8 @@ #include "router.h" #include "workqueue.h" +#include "or_circuit_st.h" + static void queue_pending_tasks(void); typedef struct worker_state_s { diff --git a/src/or/directory.h b/src/or/directory.h index e94c02b6c5..8823de4d9a 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -61,6 +61,7 @@ void directory_request_set_dir_addr_port(directory_request_t *req, const tor_addr_port_t *p); void directory_request_set_directory_id_digest(directory_request_t *req, const char *digest); +struct circuit_guard_state_t; void directory_request_set_guard_state(directory_request_t *req, struct circuit_guard_state_t *state); void directory_request_set_router_purpose(directory_request_t *req, diff --git a/src/or/dns.c b/src/or/dns.c index 422751553d..defc86bc93 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -66,6 +66,7 @@ #include "sandbox.h" #include "edge_connection_st.h" +#include "or_circuit_st.h" #include <event2/event.h> #include <event2/dns.h> diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 27d760f1a8..8aac07451c 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -139,6 +139,8 @@ #include "transports.h" #include "statefile.h" +#include "origin_circuit_st.h" + /** A list of existing guard selection contexts. */ static smartlist_t *guard_contexts = NULL; /** The currently enabled guard selection context. */ diff --git a/src/or/hs_cell.c b/src/or/hs_cell.c index 03273a44f9..f5ed3df571 100644 --- a/src/or/hs_cell.c +++ b/src/or/hs_cell.c @@ -16,6 +16,8 @@ #include "hs_cell.h" #include "hs_ntor.h" +#include "origin_circuit_st.h" + /* Trunnel. */ #include "ed25519_cert.h" #include "hs/cell_common.h" diff --git a/src/or/hs_circuit.c b/src/or/hs_circuit.c index a35d2af8ba..189ebdc1b9 100644 --- a/src/or/hs_circuit.c +++ b/src/or/hs_circuit.c @@ -33,6 +33,8 @@ #include "hs/cell_common.h" #include "hs/cell_establish_intro.h" +#include "origin_circuit_st.h" + /* A circuit is about to become an e2e rendezvous circuit. Check * <b>circ_purpose</b> and ensure that it's properly set. Return true iff * circuit purpose is properly set, otherwise return false. */ diff --git a/src/or/hs_circuitmap.c b/src/or/hs_circuitmap.c index 112c8bdced..fd0a01f8ba 100644 --- a/src/or/hs_circuitmap.c +++ b/src/or/hs_circuitmap.c @@ -18,6 +18,9 @@ #include "circuitlist.h" #include "hs_circuitmap.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" + /************************** HS circuitmap code *******************************/ /* This is the hidden service circuitmap. It's a hash table that maps diff --git a/src/or/hs_client.c b/src/or/hs_client.c index ff84296d04..c4db60e527 100644 --- a/src/or/hs_client.c +++ b/src/or/hs_client.c @@ -37,6 +37,7 @@ #include "dir_connection_st.h" #include "entry_connection_st.h" +#include "origin_circuit_st.h" /* Return a human-readable string for the client fetch status code. */ static const char * diff --git a/src/or/hs_common.c b/src/or/hs_common.c index 33c09b53fe..afe80467aa 100644 --- a/src/or/hs_common.c +++ b/src/or/hs_common.c @@ -34,6 +34,7 @@ #include "dirauth/shared_random_state.h" #include "edge_connection_st.h" +#include "origin_circuit_st.h" /* Trunnel */ #include "ed25519_cert.h" diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c index 3274e8e9c0..58416fbe93 100644 --- a/src/or/hs_intropoint.c +++ b/src/or/hs_intropoint.c @@ -27,6 +27,8 @@ #include "hs_intropoint.h" #include "hs_common.h" +#include "or_circuit_st.h" + /** Extract the authentication key from an ESTABLISH_INTRO or INTRODUCE1 using * the given <b>cell_type</b> from <b>cell</b> and place it in * <b>auth_key_out</b>. */ diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 9f12484ebe..6c2c167347 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -41,6 +41,7 @@ #include "dir_connection_st.h" #include "edge_connection_st.h" +#include "origin_circuit_st.h" /* Trunnel */ #include "ed25519_cert.h" diff --git a/src/or/include.am b/src/or/include.am index de263e9b8c..eb8b52e93c 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -250,9 +250,11 @@ ORHEADERS = \ src/or/onion_ntor.h \ src/or/onion_tap.h \ src/or/or.h \ + src/or/or_circuit_st.h \ src/or/or_connection_st.h \ src/or/or_handshake_certs_st.h \ src/or/or_handshake_state_st.h \ + src/or/origin_circuit_st.h \ src/or/transports.h \ src/or/parsecommon.h \ src/or/periodic.h \ diff --git a/src/or/onion.c b/src/or/onion.c index 829be12bae..813ad265ee 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -77,6 +77,8 @@ #include "rephist.h" #include "router.h" +#include "or_circuit_st.h" + // trunnel #include "ed25519_cert.h" diff --git a/src/or/or.h b/src/or/or.h index c3506d3ffd..61987d8254 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2561,6 +2561,9 @@ typedef struct circuit_t { HT_ENTRY(circuit_t) hs_circuitmap_node; } circuit_t; +typedef struct origin_circuit_t origin_circuit_t; +typedef struct or_circuit_t or_circuit_t; + /** Largest number of relay_early cells that we can send on a given * circuit. */ #define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT 8 @@ -2622,288 +2625,6 @@ typedef enum { } path_state_t; #define path_state_bitfield_t ENUM_BF(path_state_t) -/** An origin_circuit_t holds data necessary to build and use a circuit. - */ -typedef struct origin_circuit_t { - circuit_t base_; - - /** Linked list of AP streams (or EXIT streams if hidden service) - * associated with this circuit. */ - edge_connection_t *p_streams; - - /** Bytes read on this circuit since last call to - * control_event_circ_bandwidth_used(). Only used if we're configured - * to emit CIRC_BW events. */ - uint32_t n_read_circ_bw; - - /** Bytes written to on this circuit since last call to - * control_event_circ_bandwidth_used(). Only used if we're configured - * to emit CIRC_BW events. */ - uint32_t n_written_circ_bw; - - /** Total known-valid relay cell bytes since last call to - * control_event_circ_bandwidth_used(). Only used if we're configured - * to emit CIRC_BW events. */ - uint32_t n_delivered_read_circ_bw; - - /** Total written relay cell bytes since last call to - * control_event_circ_bandwidth_used(). Only used if we're configured - * to emit CIRC_BW events. */ - uint32_t n_delivered_written_circ_bw; - - /** Total overhead data in all known-valid relay data cells since last - * call to control_event_circ_bandwidth_used(). Only used if we're - * configured to emit CIRC_BW events. */ - uint32_t n_overhead_read_circ_bw; - - /** Total written overhead data in all relay data cells since last call to - * control_event_circ_bandwidth_used(). Only used if we're configured - * to emit CIRC_BW events. */ - uint32_t n_overhead_written_circ_bw; - - /** Build state for this circuit. It includes the intended path - * length, the chosen exit router, rendezvous information, etc. - */ - cpath_build_state_t *build_state; - /** The doubly-linked list of crypt_path_t entries, one per hop, - * for this circuit. This includes ciphers for each hop, - * integrity-checking digests for each hop, and package/delivery - * windows for each hop. - */ - crypt_path_t *cpath; - - /** Holds all rendezvous data on either client or service side. */ - rend_data_t *rend_data; - - /** Holds hidden service identifier on either client or service side. This - * is for both introduction and rendezvous circuit. */ - struct hs_ident_circuit_t *hs_ident; - - /** Holds the data that the entry guard system uses to track the - * status of the guard this circuit is using, and thereby to determine - * whether this circuit can be used. */ - struct circuit_guard_state_t *guard_state; - - /** Index into global_origin_circuit_list for this circuit. -1 if not - * present. */ - int global_origin_circuit_list_idx; - - /** How many more relay_early cells can we send on this circuit, according - * to the specification? */ - unsigned int remaining_relay_early_cells : 4; - - /** Set if this circuit is insanely old and we already informed the user */ - unsigned int is_ancient : 1; - - /** Set if this circuit has already been opened. Used to detect - * cannibalized circuits. */ - unsigned int has_opened : 1; - - /** - * Path bias state machine. Used to ensure integrity of our - * circuit building and usage accounting. See path_state_t - * for more details. - */ - path_state_bitfield_t path_state : 3; - - /* If this flag is set, we should not consider attaching any more - * connections to this circuit. */ - unsigned int unusable_for_new_conns : 1; - - /** - * Tristate variable to guard against pathbias miscounting - * due to circuit purpose transitions changing the decision - * of pathbias_should_count(). This variable is informational - * only. The current results of pathbias_should_count() are - * the official decision for pathbias accounting. - */ - uint8_t pathbias_shouldcount; -#define PATHBIAS_SHOULDCOUNT_UNDECIDED 0 -#define PATHBIAS_SHOULDCOUNT_IGNORED 1 -#define PATHBIAS_SHOULDCOUNT_COUNTED 2 - - /** For path probing. Store the temporary probe stream ID - * for response comparison */ - streamid_t pathbias_probe_id; - - /** For path probing. Store the temporary probe address nonce - * (in host byte order) for response comparison. */ - uint32_t pathbias_probe_nonce; - - /** Set iff this is a hidden-service circuit which has timed out - * according to our current circuit-build timeout, but which has - * been kept around because it might still succeed in connecting to - * its destination, and which is not a fully-connected rendezvous - * circuit. - * - * (We clear this flag for client-side rendezvous circuits when they - * are 'joined' to the other side's rendezvous circuit, so that - * connection_ap_handshake_attach_circuit can put client streams on - * the circuit. We also clear this flag for service-side rendezvous - * circuits when they are 'joined' to a client's rend circ, but only - * for symmetry with the client case. Client-side introduction - * circuits are closed when we get a joined rend circ, and - * service-side introduction circuits never have this flag set.) */ - unsigned int hs_circ_has_timed_out : 1; - - /** Set iff this circuit has been given a relaxed timeout because - * no circuits have opened. Used to prevent spamming logs. */ - unsigned int relaxed_timeout : 1; - - /** Set iff this is a service-side rendezvous circuit for which a - * new connection attempt has been launched. We consider launching - * a new service-side rend circ to a client when the previous one - * fails; now that we don't necessarily close a service-side rend - * circ when we launch a new one to the same client, this flag keeps - * us from launching two retries for the same failed rend circ. */ - unsigned int hs_service_side_rend_circ_has_been_relaunched : 1; - - /** What commands were sent over this circuit that decremented the - * RELAY_EARLY counter? This is for debugging task 878. */ - uint8_t relay_early_commands[MAX_RELAY_EARLY_CELLS_PER_CIRCUIT]; - - /** How many RELAY_EARLY cells have been sent over this circuit? This is - * for debugging task 878, too. */ - int relay_early_cells_sent; - - /** The next stream_id that will be tried when we're attempting to - * construct a new AP stream originating at this circuit. */ - streamid_t next_stream_id; - - /* The intro key replaces the hidden service's public key if purpose is - * S_ESTABLISH_INTRO or S_INTRO, provided that no unversioned rendezvous - * descriptor is used. */ - crypto_pk_t *intro_key; - - /** Quasi-global identifier for this circuit; used for control.c */ - /* XXXX NM This can get re-used after 2**32 circuits. */ - uint32_t global_identifier; - - /** True if we have associated one stream to this circuit, thereby setting - * the isolation parameters for this circuit. Note that this doesn't - * necessarily mean that we've <em>attached</em> any streams to the circuit: - * we may only have marked up this circuit during the launch process. - */ - unsigned int isolation_values_set : 1; - /** True iff any stream has <em>ever</em> been attached to this circuit. - * - * In a better world we could use timestamp_dirty for this, but - * timestamp_dirty is far too overloaded at the moment. - */ - unsigned int isolation_any_streams_attached : 1; - - /** A bitfield of ISO_* flags for every isolation field such that this - * circuit has had streams with more than one value for that field - * attached to it. */ - uint8_t isolation_flags_mixed; - - /** @name Isolation parameters - * - * If any streams have been associated with this circ (isolation_values_set - * == 1), and all streams associated with the circuit have had the same - * value for some field ((isolation_flags_mixed & ISO_FOO) == 0), then these - * elements hold the value for that field. - * - * Note again that "associated" is not the same as "attached": we - * preliminarily associate streams with a circuit while the circuit is being - * launched, so that we can tell whether we need to launch more circuits. - * - * @{ - */ - uint8_t client_proto_type; - uint8_t client_proto_socksver; - uint16_t dest_port; - tor_addr_t client_addr; - char *dest_address; - int session_group; - unsigned nym_epoch; - size_t socks_username_len; - uint8_t socks_password_len; - /* Note that the next two values are NOT NUL-terminated; see - socks_username_len and socks_password_len for their lengths. */ - char *socks_username; - char *socks_password; - /** Global identifier for the first stream attached here; used by - * ISO_STREAM. */ - uint64_t associated_isolated_stream_global_id; - /**@}*/ - /** A list of addr_policy_t for this circuit in particular. Used by - * adjust_exit_policy_from_exitpolicy_failure. - */ - smartlist_t *prepend_policy; - - /** How long do we wait before closing this circuit if it remains - * completely idle after it was built, in seconds? This value - * is randomized on a per-circuit basis from CircuitsAvailableTimoeut - * to 2*CircuitsAvailableTimoeut. */ - int circuit_idle_timeout; - -} origin_circuit_t; - -struct onion_queue_t; - -/** An or_circuit_t holds information needed to implement a circuit at an - * OR. */ -typedef struct or_circuit_t { - circuit_t base_; - - /** Pointer to an entry on the onion queue, if this circuit is waiting for a - * chance to give an onionskin to a cpuworker. Used only in onion.c */ - struct onion_queue_t *onionqueue_entry; - /** Pointer to a workqueue entry, if this circuit has given an onionskin to - * a cpuworker and is waiting for a response. Used to decide whether it is - * safe to free a circuit or if it is still in use by a cpuworker. */ - struct workqueue_entry_s *workqueue_entry; - - /** The circuit_id used in the previous (backward) hop of this circuit. */ - circid_t p_circ_id; - /** Queue of cells waiting to be transmitted on p_conn. */ - cell_queue_t p_chan_cells; - /** The channel that is previous in this circuit. */ - channel_t *p_chan; - /** - * Circuit mux associated with p_chan to which this circuit is attached; - * NULL if we have no p_chan. - */ - circuitmux_t *p_mux; - /** Linked list of Exit streams associated with this circuit. */ - edge_connection_t *n_streams; - /** Linked list of Exit streams associated with this circuit that are - * still being resolved. */ - edge_connection_t *resolving_streams; - - /** Cryptographic state used for encrypting and authenticating relay - * cells to and from this hop. */ - relay_crypto_t crypto; - - /** Points to spliced circuit if purpose is REND_ESTABLISHED, and circuit - * is not marked for close. */ - struct or_circuit_t *rend_splice; - - /** Stores KH for the handshake. */ - char rend_circ_nonce[DIGEST_LEN];/* KH in tor-spec.txt */ - - /** How many more relay_early cells can we send on this circuit, according - * to the specification? */ - unsigned int remaining_relay_early_cells : 4; - - /* We have already received an INTRODUCE1 cell on this circuit. */ - unsigned int already_received_introduce1 : 1; - - /** If set, this circuit carries HS traffic. Consider it in any HS - * statistics. */ - unsigned int circuit_carries_hs_traffic_stats : 1; - - /** Number of cells that were removed from circuit queue; reset every - * time when writing buffer stats to disk. */ - uint32_t processed_cells; - - /** Total time in milliseconds that cells spent in both app-ward and - * exit-ward queues of this circuit; reset every time when writing - * buffer stats to disk. */ - uint64_t total_cell_waiting_time; -} or_circuit_t; - #if REND_COOKIE_LEN != DIGEST_LEN #error "The REND_TOKEN_LEN macro assumes REND_COOKIE_LEN == DIGEST_LEN" #endif @@ -2912,15 +2633,6 @@ typedef struct or_circuit_t { /** Convert a circuit subtype to a circuit_t. */ #define TO_CIRCUIT(x) (&((x)->base_)) -/** Convert a circuit_t* to a pointer to the enclosing or_circuit_t. Assert - * if the cast is impossible. */ -static or_circuit_t *TO_OR_CIRCUIT(circuit_t *); -static const or_circuit_t *CONST_TO_OR_CIRCUIT(const circuit_t *); -/** Convert a circuit_t* to a pointer to the enclosing origin_circuit_t. - * Assert if the cast is impossible. */ -static origin_circuit_t *TO_ORIGIN_CIRCUIT(circuit_t *); -static const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT(const circuit_t *); - /** Return 1 iff <b>node</b> has Exit flag and no BadExit flag. * Otherwise, return 0. */ @@ -2929,28 +2641,6 @@ static inline int node_is_good_exit(const node_t *node) return node->is_exit && ! node->is_bad_exit; } -static inline or_circuit_t *TO_OR_CIRCUIT(circuit_t *x) -{ - tor_assert(x->magic == OR_CIRCUIT_MAGIC); - return DOWNCAST(or_circuit_t, x); -} -static inline const or_circuit_t *CONST_TO_OR_CIRCUIT(const circuit_t *x) -{ - tor_assert(x->magic == OR_CIRCUIT_MAGIC); - return DOWNCAST(or_circuit_t, x); -} -static inline origin_circuit_t *TO_ORIGIN_CIRCUIT(circuit_t *x) -{ - tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC); - return DOWNCAST(origin_circuit_t, x); -} -static inline const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT( - const circuit_t *x) -{ - tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC); - return DOWNCAST(origin_circuit_t, x); -} - /* limits for TCP send and recv buffer size used for constrained sockets */ #define MIN_CONSTRAINED_TCP_BUFFER 2048 #define MAX_CONSTRAINED_TCP_BUFFER 262144 /* 256k */ diff --git a/src/or/or_circuit_st.h b/src/or/or_circuit_st.h new file mode 100644 index 0000000000..19c39f8e67 --- /dev/null +++ b/src/or/or_circuit_st.h @@ -0,0 +1,77 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef OR_CIRCUIT_ST_H +#define OR_CIRCUIT_ST_H + +#include "or.h" + +struct onion_queue_t; + +/** An or_circuit_t holds information needed to implement a circuit at an + * OR. */ +struct or_circuit_t { + circuit_t base_; + + /** Pointer to an entry on the onion queue, if this circuit is waiting for a + * chance to give an onionskin to a cpuworker. Used only in onion.c */ + struct onion_queue_t *onionqueue_entry; + /** Pointer to a workqueue entry, if this circuit has given an onionskin to + * a cpuworker and is waiting for a response. Used to decide whether it is + * safe to free a circuit or if it is still in use by a cpuworker. */ + struct workqueue_entry_s *workqueue_entry; + + /** The circuit_id used in the previous (backward) hop of this circuit. */ + circid_t p_circ_id; + /** Queue of cells waiting to be transmitted on p_conn. */ + cell_queue_t p_chan_cells; + /** The channel that is previous in this circuit. */ + channel_t *p_chan; + /** + * Circuit mux associated with p_chan to which this circuit is attached; + * NULL if we have no p_chan. + */ + circuitmux_t *p_mux; + /** Linked list of Exit streams associated with this circuit. */ + edge_connection_t *n_streams; + /** Linked list of Exit streams associated with this circuit that are + * still being resolved. */ + edge_connection_t *resolving_streams; + + /** Cryptographic state used for encrypting and authenticating relay + * cells to and from this hop. */ + relay_crypto_t crypto; + + /** Points to spliced circuit if purpose is REND_ESTABLISHED, and circuit + * is not marked for close. */ + struct or_circuit_t *rend_splice; + + /** Stores KH for the handshake. */ + char rend_circ_nonce[DIGEST_LEN];/* KH in tor-spec.txt */ + + /** How many more relay_early cells can we send on this circuit, according + * to the specification? */ + unsigned int remaining_relay_early_cells : 4; + + /* We have already received an INTRODUCE1 cell on this circuit. */ + unsigned int already_received_introduce1 : 1; + + /** If set, this circuit carries HS traffic. Consider it in any HS + * statistics. */ + unsigned int circuit_carries_hs_traffic_stats : 1; + + /** Number of cells that were removed from circuit queue; reset every + * time when writing buffer stats to disk. */ + uint32_t processed_cells; + + /** Total time in milliseconds that cells spent in both app-ward and + * exit-ward queues of this circuit; reset every time when writing + * buffer stats to disk. */ + uint64_t total_cell_waiting_time; +}; + +#endif + diff --git a/src/or/origin_circuit_st.h b/src/or/origin_circuit_st.h new file mode 100644 index 0000000000..e995776c20 --- /dev/null +++ b/src/or/origin_circuit_st.h @@ -0,0 +1,233 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef ORIGIN_CIRCUIT_ST_H +#define ORIGIN_CIRCUIT_ST_H + +#include "or.h" + +struct onion_queue_t; + +/** An origin_circuit_t holds data necessary to build and use a circuit. + */ +struct origin_circuit_t { + circuit_t base_; + + /** Linked list of AP streams (or EXIT streams if hidden service) + * associated with this circuit. */ + edge_connection_t *p_streams; + + /** Bytes read on this circuit since last call to + * control_event_circ_bandwidth_used(). Only used if we're configured + * to emit CIRC_BW events. */ + uint32_t n_read_circ_bw; + + /** Bytes written to on this circuit since last call to + * control_event_circ_bandwidth_used(). Only used if we're configured + * to emit CIRC_BW events. */ + uint32_t n_written_circ_bw; + + /** Total known-valid relay cell bytes since last call to + * control_event_circ_bandwidth_used(). Only used if we're configured + * to emit CIRC_BW events. */ + uint32_t n_delivered_read_circ_bw; + + /** Total written relay cell bytes since last call to + * control_event_circ_bandwidth_used(). Only used if we're configured + * to emit CIRC_BW events. */ + uint32_t n_delivered_written_circ_bw; + + /** Total overhead data in all known-valid relay data cells since last + * call to control_event_circ_bandwidth_used(). Only used if we're + * configured to emit CIRC_BW events. */ + uint32_t n_overhead_read_circ_bw; + + /** Total written overhead data in all relay data cells since last call to + * control_event_circ_bandwidth_used(). Only used if we're configured + * to emit CIRC_BW events. */ + uint32_t n_overhead_written_circ_bw; + + /** Build state for this circuit. It includes the intended path + * length, the chosen exit router, rendezvous information, etc. + */ + cpath_build_state_t *build_state; + /** The doubly-linked list of crypt_path_t entries, one per hop, + * for this circuit. This includes ciphers for each hop, + * integrity-checking digests for each hop, and package/delivery + * windows for each hop. + */ + crypt_path_t *cpath; + + /** Holds all rendezvous data on either client or service side. */ + rend_data_t *rend_data; + + /** Holds hidden service identifier on either client or service side. This + * is for both introduction and rendezvous circuit. */ + struct hs_ident_circuit_t *hs_ident; + + /** Holds the data that the entry guard system uses to track the + * status of the guard this circuit is using, and thereby to determine + * whether this circuit can be used. */ + struct circuit_guard_state_t *guard_state; + + /** Index into global_origin_circuit_list for this circuit. -1 if not + * present. */ + int global_origin_circuit_list_idx; + + /** How many more relay_early cells can we send on this circuit, according + * to the specification? */ + unsigned int remaining_relay_early_cells : 4; + + /** Set if this circuit is insanely old and we already informed the user */ + unsigned int is_ancient : 1; + + /** Set if this circuit has already been opened. Used to detect + * cannibalized circuits. */ + unsigned int has_opened : 1; + + /** + * Path bias state machine. Used to ensure integrity of our + * circuit building and usage accounting. See path_state_t + * for more details. + */ + path_state_bitfield_t path_state : 3; + + /* If this flag is set, we should not consider attaching any more + * connections to this circuit. */ + unsigned int unusable_for_new_conns : 1; + + /** + * Tristate variable to guard against pathbias miscounting + * due to circuit purpose transitions changing the decision + * of pathbias_should_count(). This variable is informational + * only. The current results of pathbias_should_count() are + * the official decision for pathbias accounting. + */ + uint8_t pathbias_shouldcount; +#define PATHBIAS_SHOULDCOUNT_UNDECIDED 0 +#define PATHBIAS_SHOULDCOUNT_IGNORED 1 +#define PATHBIAS_SHOULDCOUNT_COUNTED 2 + + /** For path probing. Store the temporary probe stream ID + * for response comparison */ + streamid_t pathbias_probe_id; + + /** For path probing. Store the temporary probe address nonce + * (in host byte order) for response comparison. */ + uint32_t pathbias_probe_nonce; + + /** Set iff this is a hidden-service circuit which has timed out + * according to our current circuit-build timeout, but which has + * been kept around because it might still succeed in connecting to + * its destination, and which is not a fully-connected rendezvous + * circuit. + * + * (We clear this flag for client-side rendezvous circuits when they + * are 'joined' to the other side's rendezvous circuit, so that + * connection_ap_handshake_attach_circuit can put client streams on + * the circuit. We also clear this flag for service-side rendezvous + * circuits when they are 'joined' to a client's rend circ, but only + * for symmetry with the client case. Client-side introduction + * circuits are closed when we get a joined rend circ, and + * service-side introduction circuits never have this flag set.) */ + unsigned int hs_circ_has_timed_out : 1; + + /** Set iff this circuit has been given a relaxed timeout because + * no circuits have opened. Used to prevent spamming logs. */ + unsigned int relaxed_timeout : 1; + + /** Set iff this is a service-side rendezvous circuit for which a + * new connection attempt has been launched. We consider launching + * a new service-side rend circ to a client when the previous one + * fails; now that we don't necessarily close a service-side rend + * circ when we launch a new one to the same client, this flag keeps + * us from launching two retries for the same failed rend circ. */ + unsigned int hs_service_side_rend_circ_has_been_relaunched : 1; + + /** What commands were sent over this circuit that decremented the + * RELAY_EARLY counter? This is for debugging task 878. */ + uint8_t relay_early_commands[MAX_RELAY_EARLY_CELLS_PER_CIRCUIT]; + + /** How many RELAY_EARLY cells have been sent over this circuit? This is + * for debugging task 878, too. */ + int relay_early_cells_sent; + + /** The next stream_id that will be tried when we're attempting to + * construct a new AP stream originating at this circuit. */ + streamid_t next_stream_id; + + /* The intro key replaces the hidden service's public key if purpose is + * S_ESTABLISH_INTRO or S_INTRO, provided that no unversioned rendezvous + * descriptor is used. */ + crypto_pk_t *intro_key; + + /** Quasi-global identifier for this circuit; used for control.c */ + /* XXXX NM This can get re-used after 2**32 circuits. */ + uint32_t global_identifier; + + /** True if we have associated one stream to this circuit, thereby setting + * the isolation parameters for this circuit. Note that this doesn't + * necessarily mean that we've <em>attached</em> any streams to the circuit: + * we may only have marked up this circuit during the launch process. + */ + unsigned int isolation_values_set : 1; + /** True iff any stream has <em>ever</em> been attached to this circuit. + * + * In a better world we could use timestamp_dirty for this, but + * timestamp_dirty is far too overloaded at the moment. + */ + unsigned int isolation_any_streams_attached : 1; + + /** A bitfield of ISO_* flags for every isolation field such that this + * circuit has had streams with more than one value for that field + * attached to it. */ + uint8_t isolation_flags_mixed; + + /** @name Isolation parameters + * + * If any streams have been associated with this circ (isolation_values_set + * == 1), and all streams associated with the circuit have had the same + * value for some field ((isolation_flags_mixed & ISO_FOO) == 0), then these + * elements hold the value for that field. + * + * Note again that "associated" is not the same as "attached": we + * preliminarily associate streams with a circuit while the circuit is being + * launched, so that we can tell whether we need to launch more circuits. + * + * @{ + */ + uint8_t client_proto_type; + uint8_t client_proto_socksver; + uint16_t dest_port; + tor_addr_t client_addr; + char *dest_address; + int session_group; + unsigned nym_epoch; + size_t socks_username_len; + uint8_t socks_password_len; + /* Note that the next two values are NOT NUL-terminated; see + socks_username_len and socks_password_len for their lengths. */ + char *socks_username; + char *socks_password; + /** Global identifier for the first stream attached here; used by + * ISO_STREAM. */ + uint64_t associated_isolated_stream_global_id; + /**@}*/ + /** A list of addr_policy_t for this circuit in particular. Used by + * adjust_exit_policy_from_exitpolicy_failure. + */ + smartlist_t *prepend_policy; + + /** How long do we wait before closing this circuit if it remains + * completely idle after it was built, in seconds? This value + * is randomized on a per-circuit basis from CircuitsAvailableTimoeut + * to 2*CircuitsAvailableTimoeut. */ + int circuit_idle_timeout; + +}; + +#endif + diff --git a/src/or/relay.c b/src/or/relay.c index dca31498f1..55c2abd121 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -84,6 +84,8 @@ #include "dir_connection_st.h" #include "entry_connection_st.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell, cell_direction_t cell_direction, diff --git a/src/or/relay_crypto.c b/src/or/relay_crypto.c index 530c8e5828..7603d3b4e1 100644 --- a/src/or/relay_crypto.c +++ b/src/or/relay_crypto.c @@ -5,12 +5,16 @@ /* See LICENSE for licensing information */ #include "or.h" +#include "circuitlist.h" #include "config.h" #include "crypto_util.h" #include "hs_ntor.h" // for HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN #include "relay.h" #include "relay_crypto.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" + /** Update digest from the payload of cell. Assign integrity part to * cell. */ diff --git a/src/or/rendclient.c b/src/or/rendclient.c index c46b8c5656..6762bbfb00 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -35,6 +35,7 @@ #include "dir_connection_st.h" #include "entry_connection_st.h" +#include "origin_circuit_st.h" static extend_info_t *rend_client_get_random_intro_impl( const rend_cache_entry_t *rend_query, diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index f3fa2f64d1..308b91878b 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -12,6 +12,7 @@ #include "or.h" #include "circuitbuild.h" +#include "circuitlist.h" #include "circuituse.h" #include "config.h" #include "control.h" @@ -30,6 +31,8 @@ #include "routerlist.h" #include "routerparse.h" +#include "origin_circuit_st.h" + /** Return 0 if one and two are the same service ids, else -1 or 1 */ int rend_cmp_service_ids(const char *one, const char *two) diff --git a/src/or/rendmid.c b/src/or/rendmid.c index c4a34ca62c..8afc730675 100644 --- a/src/or/rendmid.c +++ b/src/or/rendmid.c @@ -20,6 +20,8 @@ #include "hs_circuitmap.h" #include "hs_intropoint.h" +#include "or_circuit_st.h" + /** Respond to an ESTABLISH_INTRO cell by checking the signed data and * setting the circuit's purpose and service pk digest. */ diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 4d9309e493..d1e6f8a8e3 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -37,6 +37,7 @@ #include "routerset.h" #include "edge_connection_st.h" +#include "origin_circuit_st.h" struct rend_service_t; static origin_circuit_t *find_intro_circuit(rend_intro_point_t *intro, diff --git a/src/or/rephist.c b/src/or/rephist.c index c7117bad63..909cd043b8 100644 --- a/src/or/rephist.c +++ b/src/or/rephist.c @@ -89,6 +89,8 @@ #include "connection_or.h" #include "statefile.h" +#include "or_circuit_st.h" + static void bw_arrays_init(void); static void predicted_ports_alloc(void); diff --git a/src/or/router.c b/src/or/router.c index f1fff6be21..11ee2e6aba 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -41,6 +41,7 @@ #include "dir_connection_st.h" #include "dir_server_st.h" +#include "origin_circuit_st.h" #include "port_cfg_st.h" /** diff --git a/src/test/bench.c b/src/test/bench.c index 9ab23c9921..784bcf326b 100644 --- a/src/test/bench.c +++ b/src/test/bench.c @@ -26,6 +26,8 @@ #include "crypto_rand.h" #include "consdiff.h" +#include "or_circuit_st.h" + #if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID) static uint64_t nanostart; static inline uint64_t diff --git a/src/test/test.c b/src/test/test.c index f0e8b9b728..b92dd3c8a0 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -62,6 +62,8 @@ double fabs(double x); #include "statefile.h" #include "crypto_curve25519.h" +#include "or_circuit_st.h" + /** Run unit tests for the onion handshake code. */ static void test_onion_handshake(void *arg) diff --git a/src/test/test_cell_queue.c b/src/test/test_cell_queue.c index df987f82ce..b41f7ac380 100644 --- a/src/test/test_cell_queue.c +++ b/src/test/test_cell_queue.c @@ -8,6 +8,9 @@ #include "relay.h" #include "test.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" + static void test_cq_manip(void *arg) { diff --git a/src/test/test_channel.c b/src/test/test_channel.c index 76124a6e75..c41afff5d0 100644 --- a/src/test/test_channel.c +++ b/src/test/test_channel.c @@ -20,6 +20,8 @@ #include "scheduler.h" #include "networkstatus.h" +#include "origin_circuit_st.h" + /* Test suite stuff */ #include "log_test_helpers.h" #include "test.h" diff --git a/src/test/test_circuitlist.c b/src/test/test_circuitlist.c index 3794ffc2c6..86e78c331e 100644 --- a/src/test/test_circuitlist.c +++ b/src/test/test_circuitlist.c @@ -14,6 +14,9 @@ #include "test.h" #include "log_test_helpers.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" + static channel_t * new_fake_channel(void) { diff --git a/src/test/test_circuitstats.c b/src/test/test_circuitstats.c index 8ebef659ca..c03164954a 100644 --- a/src/test/test_circuitstats.c +++ b/src/test/test_circuitstats.c @@ -17,6 +17,8 @@ #include "circuituse.h" #include "channel.h" +#include "origin_circuit_st.h" + void test_circuitstats_timeout(void *arg); void test_circuitstats_hoplen(void *arg); origin_circuit_t *subtest_fourhop_circuit(struct timeval, int); diff --git a/src/test/test_circuituse.c b/src/test/test_circuituse.c index df1b43807f..7d1b1d9b00 100644 --- a/src/test/test_circuituse.c +++ b/src/test/test_circuituse.c @@ -14,6 +14,8 @@ #include "circuitbuild.h" #include "nodelist.h" +#include "origin_circuit_st.h" + static void test_circuit_is_available_for_use_ret_false_when_marked_for_close(void *arg) { diff --git a/src/test/test_controller_events.c b/src/test/test_controller_events.c index e81aea8d66..70ce1a6960 100644 --- a/src/test/test_controller_events.c +++ b/src/test/test_controller_events.c @@ -11,6 +11,9 @@ #include "control.h" #include "test.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" + static void add_testing_cell_stats_entry(circuit_t *circ, uint8_t command, unsigned int waiting_time, diff --git a/src/test/test_dns.c b/src/test/test_dns.c index c472b97900..ffc6fb4514 100644 --- a/src/test/test_dns.c +++ b/src/test/test_dns.c @@ -11,6 +11,7 @@ #include "router.h" #include "edge_connection_st.h" +#include "or_circuit_st.h" #define NS_MODULE dns diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c index d4939355d1..19a32aa8a2 100644 --- a/src/test/test_entrynodes.c +++ b/src/test/test_entrynodes.c @@ -34,6 +34,7 @@ #include "test_helpers.h" #include "log_test_helpers.h" +#include "origin_circuit_st.h" /* TODO: * choose_random_entry() test with state set. diff --git a/src/test/test_helpers.c b/src/test/test_helpers.c index 86aeabb7c3..91cc7d4d2e 100644 --- a/src/test/test_helpers.c +++ b/src/test/test_helpers.c @@ -25,6 +25,7 @@ #include "routerlist.h" #include "connection_st.h" +#include "origin_circuit_st.h" #include "test.h" #include "test_helpers.h" diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 0420f70f84..bf0d56f8af 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -39,6 +39,7 @@ #include "dir_connection_st.h" #include "entry_connection_st.h" +#include "origin_circuit_st.h" static int mock_connection_ap_handshake_send_begin(entry_connection_t *ap_conn) diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c index 4253c9a388..b8462d294e 100644 --- a/src/test/test_hs_intropoint.c +++ b/src/test/test_hs_intropoint.c @@ -28,6 +28,8 @@ #include "hs_intropoint.h" #include "hs_service.h" +#include "or_circuit_st.h" + /* Trunnel. */ #include "hs/cell_establish_intro.h" #include "hs/cell_introduce1.h" diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 33b5e96070..06df50740f 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -53,6 +53,8 @@ #include "dirauth/shared_random_state.h" #include "voting_schedule.h" +#include "origin_circuit_st.h" + /* Trunnel */ #include "hs/cell_establish_intro.h" diff --git a/src/test/test_oom.c b/src/test/test_oom.c index 98935fe455..fcee7cc73f 100644 --- a/src/test/test_oom.c +++ b/src/test/test_oom.c @@ -19,6 +19,8 @@ #include "test_helpers.h" #include "entry_connection_st.h" +#include "or_circuit_st.h" +#include "origin_circuit_st.h" /* small replacement mock for circuit_mark_for_close_ to avoid doing all * the other bookkeeping that comes with marking circuits. */ diff --git a/src/test/test_relay.c b/src/test/test_relay.c index 73c0ed5586..4a526671be 100644 --- a/src/test/test_relay.c +++ b/src/test/test_relay.c @@ -9,6 +9,8 @@ /* For init/free stuff */ #include "scheduler.h" +#include "or_circuit_st.h" + /* Test suite stuff */ #include "test.h" #include "fakechans.h" diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c index b4cb9d4bbc..e6a6734032 100644 --- a/src/test/test_relaycell.c +++ b/src/test/test_relaycell.c @@ -17,6 +17,7 @@ #include "test.h" #include "entry_connection_st.h" +#include "origin_circuit_st.h" static int srm_ncalls; static entry_connection_t *srm_conn; diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index 60bd479719..62bcedabc9 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c @@ -10,6 +10,10 @@ #include "crypto_rand.h" #include "relay.h" #include "relay_crypto.h" + +#include "or_circuit_st.h" +#include "origin_circuit_st.h" + #include "test.h" static const char KEY_MATERIAL[3][CPATH_KEY_MATERIAL_LEN] = { diff --git a/src/test/test_status.c b/src/test/test_status.c index b4ca17891b..062a28f730 100644 --- a/src/test/test_status.c +++ b/src/test/test_status.c @@ -24,6 +24,9 @@ #include "main.h" #include "nodelist.h" #include "statefile.h" + +#include "origin_circuit_st.h" + #include "test.h" #define NS_MODULE status |