diff options
Diffstat (limited to 'src/or')
80 files changed, 777 insertions, 328 deletions
diff --git a/src/or/Makefile.nmake b/src/or/Makefile.nmake index 919edbbf22..3181e79c20 100644 --- a/src/or/Makefile.nmake +++ b/src/or/Makefile.nmake @@ -1,28 +1,28 @@ -all: tor.exe
-
-CFLAGS = /I ..\win32 /I ..\..\..\build-alpha\include /I ..\common
-
-LIBS = ..\..\..\build-alpha\lib\libevent.a \
- ..\..\..\build-alpha\lib\libcrypto.a \
- ..\..\..\build-alpha\lib\libssl.a \
- ..\..\..\build-alpha\lib\libz.a \
- ws2_32.lib advapi32.lib shell32.lib
-
-LIBTOR_OBJECTS = buffers.obj circuitbuild.obj circuitlist.obj circuituse.obj \
- command.obj config.obj connection.obj connection_edge.obj \
- connection_or.obj control.obj cpuworker.obj directory.obj \
- dirserv.obj dirvote.obj dns.obj dnsserv.obj geoip.obj \
- hibernate.obj main.obj microdesc.obj networkstatus.obj \
- nodelist.obj onion.obj policies.obj reasons.obj relay.obj \
- rendclient.obj rendcommon.obj rendmid.obj rendservice.obj \
- rephist.obj router.obj routerlist.obj routerparse.obj status.obj \
- config_codedigest.obj ntmain.obj
-
-libtor.lib: $(LIBTOR_OBJECTS)
- lib $(LIBTOR_OBJECTS) /out:libtor.lib
-
-tor.exe: libtor.lib tor_main.obj
- $(CC) $(CFLAGS) $(LIBS) libtor.lib ..\common\*.lib tor_main.obj
-
-clean:
- del $(LIBTOR_OBJECTS) *.lib tor.exe
+all: tor.exe + +CFLAGS = /I ..\win32 /I ..\..\..\build-alpha\include /I ..\common + +LIBS = ..\..\..\build-alpha\lib\libevent.a \ + ..\..\..\build-alpha\lib\libcrypto.a \ + ..\..\..\build-alpha\lib\libssl.a \ + ..\..\..\build-alpha\lib\libz.a \ + ws2_32.lib advapi32.lib shell32.lib + +LIBTOR_OBJECTS = buffers.obj circuitbuild.obj circuitlist.obj circuituse.obj \ + command.obj config.obj connection.obj connection_edge.obj \ + connection_or.obj control.obj cpuworker.obj directory.obj \ + dirserv.obj dirvote.obj dns.obj dnsserv.obj geoip.obj \ + hibernate.obj main.obj microdesc.obj networkstatus.obj \ + nodelist.obj onion.obj policies.obj reasons.obj relay.obj \ + rendclient.obj rendcommon.obj rendmid.obj rendservice.obj \ + rephist.obj router.obj routerlist.obj routerparse.obj status.obj \ + config_codedigest.obj ntmain.obj + +libtor.lib: $(LIBTOR_OBJECTS) + lib $(LIBTOR_OBJECTS) /out:libtor.lib + +tor.exe: libtor.lib tor_main.obj + $(CC) $(CFLAGS) $(LIBS) libtor.lib ..\common\*.lib tor_main.obj + +clean: + del $(LIBTOR_OBJECTS) *.lib tor.exe diff --git a/src/or/buffers.c b/src/or/buffers.c index d60e54e87a..be1bdd34e9 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -108,7 +108,7 @@ chunk_repack(chunk_t *chunk) chunk->data = &chunk->mem[0]; } -#ifdef ENABLE_BUF_FREELISTS +#if defined(ENABLE_BUF_FREELISTS) || defined(RUNNING_DOXYGEN) /** A freelist of chunks. */ typedef struct chunk_freelist_t { size_t alloc_size; /**< What size chunks does this freelist hold? */ @@ -1011,7 +1011,7 @@ fetch_from_buf(char *string, size_t string_len, buf_t *buf) /** True iff the cell command <b>command</b> is one that implies a * variable-length cell in Tor link protocol <b>linkproto</b>. */ -static inline int +static INLINE int cell_command_is_var_length(uint8_t command, int linkproto) { /* If linkproto is v2 (2), CELL_VERSIONS is the only variable-length cells diff --git a/src/or/buffers.h b/src/or/buffers.h index 7b2a2acc3c..a5886adc7a 100644 --- a/src/or/buffers.h +++ b/src/or/buffers.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 5481838ccb..3ab72e4b82 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -236,6 +236,7 @@ circuit_build_times_quantile_cutoff(void) return num/100.0; } +/* DOCDOC circuit_build_times_get_bw_scale */ int circuit_build_times_get_bw_scale(networkstatus_t *ns) { @@ -2847,6 +2848,10 @@ choose_good_exit_server_general(int need_uptime, int need_capacity) if (node) break; smartlist_clear(supporting); + /* If we reach this point, we can't actually support any unhandled + * predicted ports, so clear all the remaining ones. */ + if (smartlist_len(needed_ports)) + rep_hist_remove_predicted_ports(needed_ports); } SMARTLIST_FOREACH(needed_ports, uint16_t *, cp, tor_free(cp)); smartlist_free(needed_ports); @@ -3733,7 +3738,9 @@ entry_guard_free(entry_guard_t *e) /** Remove any entry guard which was selected by an unknown version of Tor, * or which was selected by a version of Tor that's known to select - * entry guards badly. */ + * entry guards badly, or which was selected more 2 months ago. */ +/* XXXX The "obsolete guards" and "chosen long ago guards" things should + * probably be different functions. */ static int remove_obsolete_entry_guards(time_t now) { @@ -3862,6 +3869,8 @@ entry_guards_compute_status(const or_options_t *options, time_t now) if (remove_dead_entry_guards(now)) changed = 1; + if (remove_obsolete_entry_guards(now)) + changed = 1; if (changed) { SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, entry) { @@ -4904,6 +4913,71 @@ learned_router_identity(const tor_addr_t *addr, uint16_t port, } } +/** Return true if <b>bridge</b> has the same identity digest as + * <b>digest</b>. If <b>digest</b> is NULL, it matches + * bridges with unspecified identity digests. */ +static int +bridge_has_digest(const bridge_info_t *bridge, const char *digest) +{ + if (digest) + return tor_memeq(digest, bridge->identity, DIGEST_LEN); + else + return tor_digest_is_zero(bridge->identity); +} + +/** We are about to add a new bridge at <b>addr</b>:<b>port</b>, with optional + * <b>digest</b> and <b>transport_name</b>. Mark for removal any previously + * existing bridge with the same address and port, and warn the user as + * appropriate. + */ +static void +bridge_resolve_conflicts(const tor_addr_t *addr, uint16_t port, + const char *digest, const char *transport_name) +{ + /* Iterate the already-registered bridge list: + + If you find a bridge with the same adress and port, mark it for + removal. It doesn't make sense to have two active bridges with + the same IP:PORT. If the bridge in question has a different + digest or transport than <b>digest</b>/<b>transport_name</b>, + it's probably a misconfiguration and we should warn the user. + */ + SMARTLIST_FOREACH_BEGIN(bridge_list, bridge_info_t *, bridge) { + if (bridge->marked_for_removal) + continue; + + if (tor_addr_eq(&bridge->addr, addr) && (bridge->port == port)) { + + bridge->marked_for_removal = 1; + + if (!bridge_has_digest(bridge, digest) || + strcmp_opt(bridge->transport_name, transport_name)) { + /* warn the user */ + char *bridge_description_new, *bridge_description_old; + tor_asprintf(&bridge_description_new, "%s:%u:%s:%s", + fmt_addr(addr), port, + digest ? hex_str(digest, DIGEST_LEN) : "", + transport_name ? transport_name : ""); + tor_asprintf(&bridge_description_old, "%s:%u:%s:%s", + fmt_addr(&bridge->addr), bridge->port, + tor_digest_is_zero(bridge->identity) ? + "" : hex_str(bridge->identity,DIGEST_LEN), + bridge->transport_name ? bridge->transport_name : ""); + + log_warn(LD_GENERAL,"Tried to add bridge '%s', but we found a conflict" + " with the already registered bridge '%s'. We will discard" + " the old bridge and keep '%s'. If this is not what you" + " wanted, please change your configuration file accordingly.", + bridge_description_new, bridge_description_old, + bridge_description_new); + + tor_free(bridge_description_new); + tor_free(bridge_description_old); + } + } + } SMARTLIST_FOREACH_END(bridge); +} + /** Remember a new bridge at <b>addr</b>:<b>port</b>. If <b>digest</b> * is set, it tells us the identity key too. If we already had the * bridge in our list, unmark it, and don't actually add anything new. @@ -4915,10 +4989,7 @@ bridge_add_from_config(const tor_addr_t *addr, uint16_t port, { bridge_info_t *b; - if ((b = get_configured_bridge_by_addr_port_digest(addr, port, digest))) { - b->marked_for_removal = 0; - return; - } + bridge_resolve_conflicts(addr, port, digest, transport_name); b = tor_malloc_zero(sizeof(bridge_info_t)); tor_addr_copy(&b->addr, addr); @@ -4964,6 +5035,22 @@ find_bridge_by_digest(const char *digest) return NULL; } +/* DOCDOC find_transport_name_by_bridge_addrport */ +const char * +find_transport_name_by_bridge_addrport(const tor_addr_t *addr, uint16_t port) +{ + if (!bridge_list) + return NULL; + + SMARTLIST_FOREACH_BEGIN(bridge_list, const bridge_info_t *, bridge) { + if (tor_addr_eq(&bridge->addr, addr) && + (bridge->port == port)) + return bridge->transport_name; + } SMARTLIST_FOREACH_END(bridge); + + return NULL; +} + /** If <b>addr</b> and <b>port</b> match the address and port of a * bridge of ours that uses pluggable transports, place its transport * in <b>transport</b>. diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h index a7fd208305..5b77399030 100644 --- a/src/or/circuitbuild.h +++ b/src/or/circuitbuild.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -147,6 +147,7 @@ void circuit_build_times_network_is_live(circuit_build_times_t *cbt); int circuit_build_times_network_check_live(circuit_build_times_t *cbt); void circuit_build_times_network_circ_success(circuit_build_times_t *cbt); +/* DOCDOC circuit_build_times_get_bw_scale */ int circuit_build_times_get_bw_scale(networkstatus_t *ns); void clear_transport_list(void); @@ -157,6 +158,10 @@ void transport_free(transport_t *transport); transport_t *transport_new(const tor_addr_t *addr, uint16_t port, const char *name, int socks_ver); +/* DOCDOC find_transport_name_by_bridge_addrport */ +const char *find_transport_name_by_bridge_addrport(const tor_addr_t *addr, + uint16_t port); + int find_transport_by_bridge_addrport(const tor_addr_t *addr, uint16_t port, const transport_t **transport); transport_t *transport_get_by_name(const char *name); diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 85f529194b..5e3370adce 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -1,7 +1,7 @@ /* Copyright 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h index e2298c69af..6e7735476b 100644 --- a/src/or/circuitlist.h +++ b/src/or/circuitlist.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/circuituse.c b/src/or/circuituse.c index de0aa7da20..f43ce19c83 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -1412,7 +1412,13 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, need_uptime = !conn->want_onehop && !conn->use_begindir && smartlist_string_num_isin(options->LongLivedPorts, conn->socks_request->port); - need_internal = desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL; + + if (desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL) + need_internal = 1; + else if (conn->use_begindir || conn->want_onehop) + need_internal = 1; + else + need_internal = 0; circ = circuit_get_best(conn, 1, desired_circuit_purpose, need_uptime, need_internal); diff --git a/src/or/circuituse.h b/src/or/circuituse.h index 78948b5f9e..be2bd7ec51 100644 --- a/src/or/circuituse.h +++ b/src/or/circuituse.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/command.c b/src/or/command.c index fb281a7f93..abf664c1e2 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -160,9 +160,11 @@ command_process_cell(cell_t *cell, or_connection_t *conn) if (handshaking && cell->command != CELL_VERSIONS && cell->command != CELL_NETINFO) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, - "Received unexpected cell command %d in state %s; ignoring it.", + "Received unexpected cell command %d in state %s; closing the " + "connection.", (int)cell->command, conn_state_to_string(CONN_TYPE_OR,conn->_base.state)); + connection_mark_for_close(TO_CONN(conn)); return; } @@ -258,8 +260,15 @@ command_process_var_cell(var_cell_t *cell, or_connection_t *conn) switch (conn->_base.state) { case OR_CONN_STATE_OR_HANDSHAKING_V2: - if (cell->command != CELL_VERSIONS) + if (cell->command != CELL_VERSIONS) { + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Received a cell with command %d in state %s; " + "closing the connection.", + (int)cell->command, + conn_state_to_string(CONN_TYPE_OR,conn->_base.state)); + connection_mark_for_close(TO_CONN(conn)); return; + } break; case OR_CONN_STATE_TLS_HANDSHAKING: /* If we're using bufferevents, it's entirely possible for us to @@ -272,9 +281,10 @@ command_process_var_cell(var_cell_t *cell, or_connection_t *conn) if (! command_allowed_before_handshake(cell->command)) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Received a cell with command %d in state %s; " - "ignoring it.", + "closing the connection.", (int)cell->command, conn_state_to_string(CONN_TYPE_OR,conn->_base.state)); + connection_mark_for_close(TO_CONN(conn)); return; } else { if (enter_v3_handshake_with_cell(cell, conn)<0) @@ -591,7 +601,6 @@ command_process_destroy_cell(cell_t *cell, or_connection_t *conn) int reason; circ = circuit_get_by_circid_orconn(cell->circ_id, conn); - reason = (uint8_t)cell->payload[0]; if (!circ) { log_info(LD_OR,"unknown circuit %d on connection from %s:%d. Dropping.", cell->circ_id, conn->_base.address, conn->_base.port); @@ -599,6 +608,8 @@ command_process_destroy_cell(cell_t *cell, or_connection_t *conn) } log_debug(LD_OR,"Received for circID %d.",cell->circ_id); + reason = (uint8_t)cell->payload[0]; + if (!CIRCUIT_IS_ORIGIN(circ) && cell->circ_id == TO_OR_CIRCUIT(circ)->p_circ_id) { /* the destroy came from behind */ diff --git a/src/or/command.h b/src/or/command.h index 95b0f3a931..078ccc9f5d 100644 --- a/src/or/command.h +++ b/src/or/command.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/config.c b/src/or/config.c index d11835463b..09fcf000be 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -257,7 +257,7 @@ static config_var_t _option_vars[] = { V(DisableAllSwap, BOOL, "0"), V(DisableDebuggerAttachment, BOOL, "1"), V(DisableIOCP, BOOL, "1"), - V(DynamicDHGroups, BOOL, "1"), + V(DynamicDHGroups, BOOL, "0"), V(DNSPort, LINELIST, NULL), V(DNSListenAddress, LINELIST, NULL), V(DownloadExtraInfo, BOOL, "0"), @@ -675,11 +675,12 @@ static const config_format_t state_format = { /** Command-line and config-file options. */ static or_options_t *global_options = NULL; -/** DOCDOC */ +/** The fallback options_t object; this is where we look for options not + * in torrc before we fall back to Tor's defaults. */ static or_options_t *global_default_options = NULL; /** Name of most recently read torrc file. */ static char *torrc_fname = NULL; -/** DOCDOC */ +/** Name of the most recently read torrc-defaults file.*/ static char *torrc_defaults_fname; /** Persistent serialized state. */ static or_state_t *global_state = NULL; @@ -748,7 +749,7 @@ set_options(or_options_t *new_val, char **msg) } /* Issues a CONF_CHANGED event to notify controller of the change. If Tor is * just starting up then the old_options will be undefined. */ - if (old_options) { + if (old_options && old_options != global_options) { elements = smartlist_new(); for (i=0; options_format.vars[i].name; ++i) { const config_var_t *var = &options_format.vars[i]; @@ -774,7 +775,9 @@ set_options(or_options_t *new_val, char **msg) control_event_conf_changed(elements); smartlist_free(elements); } - config_free(&options_format, old_options); + + if (old_options != global_options) + config_free(&options_format, old_options); return 0; } @@ -783,6 +786,9 @@ extern const char tor_git_revision[]; /* from tor_main.c */ /** The version of this Tor process, as parsed. */ static char *the_tor_version = NULL; +/** A shorter version of this Tor process's version, for export in our router + * descriptor. (Does not include the git version, if any.) */ +static char *the_short_tor_version = NULL; /** Return the current Tor version. */ const char * @@ -790,14 +796,30 @@ get_version(void) { if (the_tor_version == NULL) { if (strlen(tor_git_revision)) { - tor_asprintf(&the_tor_version, "%s (git-%s)", VERSION, tor_git_revision); + tor_asprintf(&the_tor_version, "%s (git-%s)", get_short_version(), + tor_git_revision); } else { - the_tor_version = tor_strdup(VERSION); + the_tor_version = tor_strdup(get_short_version()); } } return the_tor_version; } +/** Return the current Tor version, without any git tag. */ +const char * +get_short_version(void) +{ + + if (the_short_tor_version == NULL) { +#ifdef TOR_BUILD_TAG + tor_asprintf(&the_short_tor_version, "%s (%s)", VERSION, TOR_BUILD_TAG); +#else + the_short_tor_version = tor_strdup(VERSION); +#endif + } + return the_short_tor_version; +} + /** Release additional memory allocated in options */ static void @@ -1118,7 +1140,8 @@ options_act_reversible(const or_options_t *old_options, char **msg) * networking is disabled, this will close all but the control listeners, * but disable those. */ if (!we_are_hibernating()) { - if (retry_all_listeners(replaced_listeners, new_listeners) < 0) { + if (retry_all_listeners(replaced_listeners, new_listeners, + options->DisableNetwork) < 0) { *msg = tor_strdup("Failed to bind one of the listener ports."); goto rollback; } @@ -2237,7 +2260,7 @@ config_assign_value(const config_format_t *fmt, or_options_t *options, return 0; } -/** Mark every linelist in <b>options<b> "fragile", so that fresh assignments +/** Mark every linelist in <b>options</b> "fragile", so that fresh assignments * to it will replace old ones. */ static void config_mark_lists_fragile(const config_format_t *fmt, or_options_t *options) @@ -2786,7 +2809,7 @@ print_usage(void) printf( "Copyright (c) 2001-2004, Roger Dingledine\n" "Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson\n" -"Copyright (c) 2007-2011, The Tor Project, Inc.\n\n" +"Copyright (c) 2007-2012, The Tor Project, Inc.\n\n" "tor -f <torrc> [args]\n" "See man page for options, or https://www.torproject.org/ for " "documentation.\n"); @@ -3297,6 +3320,13 @@ compute_publishserverdescriptor(or_options_t *options) * expose more information than we're comfortable with. */ #define MIN_HEARTBEAT_PERIOD (30*60) +/** Lowest recommended value for CircuitBuildTimeout; if it is set too low + * and LearnCircuitBuildTimeout is off, the failure rate for circuit + * construction may be very high. In that case, if it is set below this + * threshold emit a warning. + * */ +#define RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT (10) + /** Return 0 if every setting in <b>options</b> is reasonable, and a * permissible transition from <b>old_options</b>. Else return -1. * Should have no side effects, except for normalizing the contents of @@ -3693,6 +3723,17 @@ options_validate(or_options_t *old_options, or_options_t *options, options->LearnCircuitBuildTimeout = 0; } + if (!(options->LearnCircuitBuildTimeout) && + options->CircuitBuildTimeout < RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT) { + log_warn(LD_CONFIG, + "CircuitBuildTimeout is shorter (%d seconds) than recommended " + "(%d seconds), and LearnCircuitBuildTimeout is disabled. " + "If tor isn't working, raise this value or enable " + "LearnCircuitBuildTimeout.", + options->CircuitBuildTimeout, + RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT ); + } + if (options->MaxCircuitDirtiness < MIN_MAX_CIRCUIT_DIRTINESS) { log_warn(LD_CONFIG, "MaxCircuitDirtiness option is too short; " "raising to %d seconds.", MIN_MAX_CIRCUIT_DIRTINESS); @@ -3913,6 +3954,12 @@ options_validate(or_options_t *old_options, or_options_t *options, if (options->UseEntryGuards && ! options->NumEntryGuards) REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0"); + if (options->MyFamily && options->BridgeRelay) { + log_warn(LD_CONFIG, "Listing a family for a bridge relay is not " + "supported: it can reveal bridge fingerprints to censors. " + "You should also make sure you aren't listing this bridge's " + "fingerprint in any other MyFamily."); + } if (check_nickname_list(options->MyFamily, "MyFamily", msg)) return -1; for (cl = options->NodeFamilies; cl; cl = cl->next) { @@ -4273,7 +4320,7 @@ static char * get_windows_conf_root(void) { static int is_set = 0; - static char path[MAX_PATH+1]; + static char path[MAX_PATH*2+1]; TCHAR tpath[MAX_PATH] = {0}; LPITEMIDLIST idl; @@ -4303,7 +4350,8 @@ get_windows_conf_root(void) /* Convert the path from an "ID List" (whatever that is!) to a path. */ result = SHGetPathFromIDList(idl, tpath); #ifdef UNICODE - wcstombs(path,tpath,MAX_PATH); + wcstombs(path,tpath,sizeof(path)); + path[sizeof(path)-1] = '\0'; #else strlcpy(path,tpath,sizeof(path)); #endif @@ -4324,8 +4372,8 @@ get_windows_conf_root(void) } #endif -/** Return the default location for our torrc file. - * DOCDOC defaults_file */ +/** Return the default location for our torrc file (if <b>defaults_file</b> is + * false), or for the torrc-defaults file (if <b>defaults_file</b> is true). */ static const char * get_default_conf_file(int defaults_file) { @@ -4375,12 +4423,21 @@ check_nickname_list(const char *lst, const char *name, char **msg) return r; } -/** Learn config file name from command line arguments, or use the default, - * DOCDOC defaults_file */ +/** Learn config file name from command line arguments, or use the default. + * + * If <b>defaults_file</b> is true, we're looking for torrc-defaults; + * otherwise, we're looking for the regular torrc_file. + * + * Set *<b>using_default_fname</b> to true if we're using the default + * configuration file name; or false if we've set it from the command line. + * + * Set *<b>ignore_missing_torrc</b> to true if we should ignore the resulting + * filename if it doesn't exist. + */ static char * find_torrc_filename(int argc, char **argv, int defaults_file, - int *using_default_torrc, int *ignore_missing_torrc) + int *using_default_fname, int *ignore_missing_torrc) { char *fname=NULL; int i; @@ -4406,14 +4463,14 @@ find_torrc_filename(int argc, char **argv, fname = absfname; } - *using_default_torrc = 0; + *using_default_fname = 0; ++i; } else if (ignore_opt && !strcmp(argv[i],ignore_opt)) { *ignore_missing_torrc = 1; } } - if (*using_default_torrc) { + if (*using_default_fname) { /* didn't find one, try CONFDIR */ const char *dflt = get_default_conf_file(defaults_file); if (dflt && file_status(dflt) == FN_FILE) { @@ -4437,8 +4494,13 @@ find_torrc_filename(int argc, char **argv, return fname; } -/** Load torrc from disk, setting torrc_fname if successful. - * DOCDOC defaults_file */ +/** Load a configuration file from disk, setting torrc_fname or + * torrc_defaults_fname if successful. + * + * If <b>defaults_file</b> is true, load torrc-defaults; otherwise load torrc. + * + * Return the contents of the file on success, and NULL on failure. + */ static char * load_torrc_from_disk(int argc, char **argv, int defaults_file) { @@ -5434,7 +5496,10 @@ warn_nonlocal_client_ports(const smartlist_t *ports, const char *portname) } SMARTLIST_FOREACH_END(port); } -/** DOCDOC */ +/** Given a list of port_cfg_t in <b>ports</b>, warn any controller port there + * is listening on any non-loopback address. If <b>forbid</b> is true, + * then emit a stronger warning and remove the port from the list. + */ static void warn_nonlocal_controller_ports(smartlist_t *ports, unsigned forbid) { @@ -5818,10 +5883,12 @@ parse_port_config(smartlist_t *out, return retval; } -/** DOCDOC */ +/** Parse a list of config_line_t for an AF_UNIX unix socket listener option + * from <b>cfg</b> and add them to <b>out</b>. No fancy options are + * supported: the line contains nothing but the path to the AF_UNIX socket. */ static int -parse_socket_config(smartlist_t *out, const config_line_t *cfg, - int listener_type) +parse_unix_socket_config(smartlist_t *out, const config_line_t *cfg, + int listener_type) { if (!out) @@ -5907,9 +5974,9 @@ parse_ports(const or_options_t *options, int validate_only, "configuration"); goto err; } - if (parse_socket_config(ports, - options->ControlSocket, - CONN_TYPE_CONTROL_LISTENER) < 0) { + if (parse_unix_socket_config(ports, + options->ControlSocket, + CONN_TYPE_CONTROL_LISTENER) < 0) { *msg = tor_strdup("Invalid ControlSocket configuration"); goto err; } @@ -5959,7 +6026,8 @@ parse_ports(const or_options_t *options, int validate_only, return retval; } -/** DOCDOC */ +/** Given a list of <b>port_cfg_t</b> in <b>ports</b>, check them for internal + * consistency and warn as appropriate. */ static int check_server_ports(const smartlist_t *ports, const or_options_t *options) @@ -6040,7 +6108,7 @@ get_configured_ports(void) return configured_ports; } -/** Return an <address>:<port> string representation of the address +/** Return an address:port string representation of the address * where the first <b>listener_type</b> listener waits for * connections. Return NULL if we couldn't find a listener. The * string is allocated on the heap and it's the responsibility of the diff --git a/src/or/config.h b/src/or/config.h index 0495186514..ce7e319746 100644 --- a/src/or/config.h +++ b/src/or/config.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -22,6 +22,7 @@ const char *safe_str(const char *address); const char *escaped_safe_str_client(const char *address); const char *escaped_safe_str(const char *address); const char *get_version(void); +const char *get_short_version(void); int config_get_lines(const char *string, config_line_t **result, int extended); void config_free_lines(config_line_t *front); diff --git a/src/or/config_codedigest.c b/src/or/config_codedigest.c index be9eaa331d..86d14bacef 100644 --- a/src/or/config_codedigest.c +++ b/src/or/config_codedigest.c @@ -1,6 +1,8 @@ const char *tor_get_digests(void); +/** Return a string describing the digest of the source files in src/or/ + */ const char * tor_get_digests(void) { diff --git a/src/or/connection.c b/src/or/connection.c index d379533494..34e1a5cb06 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -80,6 +80,7 @@ static int get_proxy_type(void); * XXX024 We should really use the entire list of interfaces here. **/ static tor_addr_t *last_interface_ipv4 = NULL; +/* DOCDOC last_interface_ipv6 */ static tor_addr_t *last_interface_ipv6 = NULL; /** A list of tor_addr_t for addresses we've used in outgoing connections. * Used to detect IP address changes. */ @@ -731,7 +732,7 @@ connection_expire_held_open(void) }); } -#ifdef HAVE_SYS_UN_H +#if defined(HAVE_SYS_UN_H) || defined(RUNNING_DOXYGEN) /** Create an AF_UNIX listenaddr struct. * <b>listenaddress</b> provides the path to the Unix socket. * @@ -777,8 +778,9 @@ create_unix_sockaddr(const char *listenaddress, char **readable_address, log_fn(LOG_ERR, LD_BUG, "Unix domain sockets not supported, yet we tried to create one."); *len_out = 0; - tor_assert(0); -}; + tor_fragile_assert(); + return NULL; +} #endif /* HAVE_SYS_UN_H */ /** Warn that an accept or a connect has failed because we're running up @@ -1415,9 +1417,6 @@ connection_connect(connection_t *conn, const char *address, } } - if (!server_mode(options)) - client_check_address_changed(s); - /* it succeeded. we're connected. */ log_fn(inprogress?LOG_DEBUG:LOG_INFO, LD_NET, "Connection to %s:%u %s (sock %d).", @@ -1661,7 +1660,8 @@ connection_send_socks5_connect(connection_t *conn) conn->proxy_state = PROXY_SOCKS5_WANT_CONNECT_OK; } -/** DOCDOC */ +/** Wrapper around fetch_from_(buf/evbuffer)_socks_client: see those functions + * for documentation of its behavior. */ static int connection_fetch_from_buf_socks_client(connection_t *conn, int state, char **reason) @@ -1811,17 +1811,28 @@ connection_read_proxy_handshake(connection_t *conn) * entry in <b>ports</b>. Add to <b>new_conns</b> new every connection we * launch. * + * If <b>control_listeners_only</b> is true, then we only open control + * listeners, and we do not remove any noncontrol listeners from old_conns. + * * Return 0 on success, -1 on failure. **/ static int retry_listener_ports(smartlist_t *old_conns, const smartlist_t *ports, - smartlist_t *new_conns) + smartlist_t *new_conns, + int control_listeners_only) { smartlist_t *launch = smartlist_new(); int r = 0; - smartlist_add_all(launch, ports); + if (control_listeners_only) { + SMARTLIST_FOREACH(ports, port_cfg_t *, p, { + if (p->type == CONN_TYPE_CONTROL_LISTENER) + smartlist_add(launch, p); + }); + } else { + smartlist_add_all(launch, ports); + } /* Iterate through old_conns, comparing it to launch: remove from both lists * each pair of elements that corresponds to the same port. */ @@ -1921,10 +1932,13 @@ retry_listener_ports(smartlist_t *old_conns, * * Add all old conns that should be closed to <b>replaced_conns</b>. * Add all new connections to <b>new_conns</b>. + * + * If <b>close_all_noncontrol</b> is true, then we only open control + * listeners, and we close all other listeners. */ int retry_all_listeners(smartlist_t *replaced_conns, - smartlist_t *new_conns) + smartlist_t *new_conns, int close_all_noncontrol) { smartlist_t *listeners = smartlist_new(); const or_options_t *options = get_options(); @@ -1939,7 +1953,8 @@ retry_all_listeners(smartlist_t *replaced_conns, if (retry_listener_ports(listeners, get_configured_ports(), - new_conns) < 0) + new_conns, + close_all_noncontrol) < 0) retval = -1; /* Any members that were still in 'listeners' don't correspond to @@ -2226,7 +2241,9 @@ global_write_bucket_low(connection_t *conn, size_t attempt, int priority) return 0; } -/** DOCDOC */ +/** Helper: adjusts our bandwidth history and informs the controller as + * appropriate, given that we have just read <b>num_read</b> bytes and written + * <b>num_written</b> bytes on <b>conn</b>. */ static void record_num_bytes_transferred_impl(connection_t *conn, time_t now, size_t num_read, size_t num_written) @@ -2257,7 +2274,8 @@ record_num_bytes_transferred_impl(connection_t *conn, } #ifdef USE_BUFFEREVENTS -/** DOCDOC */ +/** Wrapper around fetch_from_(buf/evbuffer)_socks_client: see those functions + * for documentation of its behavior. */ static void record_num_bytes_transferred(connection_t *conn, time_t now, size_t num_read, size_t num_written) @@ -2579,7 +2597,8 @@ connection_get_rate_limit_totals(uint64_t *read_out, uint64_t *written_out) } } -/** DOCDOC */ +/** Perform whatever operations are needed on <b>conn</b> to enable + * rate-limiting. */ void connection_enable_rate_limiting(connection_t *conn) { @@ -2712,6 +2731,7 @@ connection_handle_read_impl(connection_t *conn) return 0; } +/* DOCDOC connection_handle_read */ int connection_handle_read(connection_t *conn) { @@ -3304,6 +3324,7 @@ connection_handle_write_impl(connection_t *conn, int force) return 0; } +/* DOCDOC connection_handle_write */ int connection_handle_write(connection_t *conn, int force) { @@ -3882,6 +3903,14 @@ static int connection_finished_connecting(connection_t *conn) { tor_assert(conn); + + if (!server_mode(get_options())) { + /* See whether getsockname() says our address changed. We need to do this + * now that the connection has finished, because getsockname() on Windows + * won't work until then. */ + client_check_address_changed(conn->s); + } + switch (conn->type) { case CONN_TYPE_OR: diff --git a/src/or/connection.h b/src/or/connection.h index c4b8bf8abe..785625e44b 100644 --- a/src/or/connection.h +++ b/src/or/connection.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -64,7 +64,8 @@ int get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type, const connection_t *conn); int retry_all_listeners(smartlist_t *replaced_conns, - smartlist_t *new_conns); + smartlist_t *new_conns, + int close_all_noncontrol); void connection_mark_all_noncontrol_listeners(void); void connection_mark_all_noncontrol_connections(void); @@ -91,8 +92,10 @@ int connection_flush(connection_t *conn); void _connection_write_to_buf_impl(const char *string, size_t len, connection_t *conn, int zlib); +/* DOCDOC connection_write_to_buf */ static void connection_write_to_buf(const char *string, size_t len, connection_t *conn); +/* DOCDOC connection_write_to_buf_zlib */ static void connection_write_to_buf_zlib(const char *string, size_t len, dir_connection_t *conn, int done); static INLINE void @@ -107,7 +110,9 @@ connection_write_to_buf_zlib(const char *string, size_t len, _connection_write_to_buf_impl(string, len, TO_CONN(conn), done ? -1 : 1); } +/* DOCDOC connection_get_inbuf_len */ static size_t connection_get_inbuf_len(connection_t *conn); +/* DOCDOC connection_get_outbuf_len */ static size_t connection_get_outbuf_len(connection_t *conn); static INLINE size_t diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 0dd43f2723..eae19bad47 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -457,7 +457,7 @@ connection_edge_about_to_close(edge_connection_t *edge_conn) } } -/* Called when we're about to finally unlink and free an AP (client) +/** Called when we're about to finally unlink and free an AP (client) * connection: perform necessary accounting and cleanup */ void connection_ap_about_to_close(entry_connection_t *entry_conn) @@ -492,7 +492,7 @@ connection_ap_about_to_close(entry_connection_t *entry_conn) circuit_detach_stream(circ, edge_conn); } -/* Called when we're about to finally unlink and free an exit +/** Called when we're about to finally unlink and free an exit * connection: perform necessary accounting and cleanup */ void connection_exit_about_to_close(edge_connection_t *edge_conn) @@ -2045,20 +2045,35 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, if (options->ClientRejectInternalAddresses && !conn->use_begindir && !conn->chosen_exit_name && !circ) { tor_addr_t addr; - if (tor_addr_parse(&addr, socks->address) >= 0 && - tor_addr_is_internal(&addr, 0)) { + if (tor_addr_hostname_is_local(socks->address) || + (tor_addr_parse(&addr, socks->address) >= 0 && + tor_addr_is_internal(&addr, 0))) { /* If this is an explicit private address with no chosen exit node, * then we really don't want to try to connect to it. That's * probably an error. */ if (conn->is_transparent_ap) { - log_warn(LD_NET, - "Rejecting request for anonymous connection to private " - "address %s on a TransPort or NATDPort. Possible loop " - "in your NAT rules?", safe_str_client(socks->address)); +#define WARN_INTRVL_LOOP 300 + static ratelim_t loop_warn_limit = RATELIM_INIT(WARN_INTRVL_LOOP); + char *m; + if ((m = rate_limit_log(&loop_warn_limit, approx_time()))) { + log_warn(LD_NET, + "Rejecting request for anonymous connection to private " + "address %s on a TransPort or NATDPort. Possible loop " + "in your NAT rules?%s", safe_str_client(socks->address), + m); + tor_free(m); + } } else { - log_warn(LD_NET, - "Rejecting SOCKS request for anonymous connection to " - "private address %s", safe_str_client(socks->address)); +#define WARN_INTRVL_PRIV 300 + static ratelim_t priv_warn_limit = RATELIM_INIT(WARN_INTRVL_PRIV); + char *m; + if ((m = rate_limit_log(&priv_warn_limit, approx_time()))) { + log_warn(LD_NET, + "Rejecting SOCKS request for anonymous connection to " + "private address %s.%s", + safe_str_client(socks->address),m); + tor_free(m); + } } connection_mark_unattached_ap(conn, END_STREAM_REASON_PRIVATE_ADDR); return -1; @@ -2349,6 +2364,11 @@ connection_ap_handshake_process_socks(entry_connection_t *conn) connection_write_to_buf((const char*)socks->reply, socks->replylen, base_conn); socks->replylen = 0; + if (sockshere == -1) { + /* An invalid request just got a reply, no additional + * one is necessary. */ + socks->has_finished = 1; + } } if (sockshere == 0) { @@ -2698,12 +2718,12 @@ connection_ap_handshake_send_resolve(entry_connection_t *ap_conn) return 0; } -/** Make an AP connection_t, make a new linked connection pair, and attach - * one side to the conn, connection_add it, initialize it to circuit_wait, - * and call connection_ap_handshake_attach_circuit(conn) on it. +/** Make an AP connection_t linked to the connection_t <b>partner</b>. make a + * new linked connection pair, and attach one side to the conn, connection_add + * it, initialize it to circuit_wait, and call + * connection_ap_handshake_attach_circuit(conn) on it. * - * Return the other end of the linked connection pair, or -1 if error. - * DOCDOC partner. + * Return the newly created end of the linked connection pair, or -1 if error. */ entry_connection_t * connection_ap_make_link(connection_t *partner, diff --git a/src/or/connection_edge.h b/src/or/connection_edge.h index b69e476ede..c320d6ba49 100644 --- a/src/or/connection_edge.h +++ b/src/or/connection_edge.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -80,7 +80,8 @@ int addressmap_have_mapping(const char *address, int update_timeout); void addressmap_register(const char *address, char *new_address, time_t expires, addressmap_entry_source_t source, - int address_wildcard, int new_address_wildcard); + const int address_wildcard, + const int new_address_wildcard); int parse_virtual_addr_network(const char *val, int validate_only, char **msg); int client_dns_incr_failures(const char *address); diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 0d3f9d87f2..cbb1110c6d 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -358,7 +358,12 @@ connection_or_reached_eof(or_connection_t *conn) int connection_or_process_inbuf(or_connection_t *conn) { - int ret; + /** Don't let the inbuf of a nonopen OR connection grow beyond this many + * bytes: it's either a broken client, a non-Tor client, or a DOS + * attempt. */ +#define MAX_OR_INBUF_WHEN_NONOPEN 0 + + int ret = 0; tor_assert(conn); switch (conn->_base.state) { @@ -389,8 +394,27 @@ connection_or_process_inbuf(or_connection_t *conn) case OR_CONN_STATE_OR_HANDSHAKING_V3: return connection_or_process_cells_from_inbuf(conn); default: - return 0; /* don't do anything */ + break; /* don't do anything */ + } + + /* This check was necessary with 0.2.2, when the TLS_SERVER_RENEGOTIATING + * check would otherwise just let data accumulate. It serves no purpose + * in 0.2.3. + * + * XXX023 Remove this check once we verify that the above paragraph is + * 100% true. */ + if (buf_datalen(conn->_base.inbuf) > MAX_OR_INBUF_WHEN_NONOPEN) { + log_fn(LOG_PROTOCOL_WARN, LD_NET, "Accumulated too much data (%d bytes) " + "on nonopen OR connection %s %s:%u in state %s; closing.", + (int)buf_datalen(conn->_base.inbuf), + connection_or_nonopen_was_started_here(conn) ? "to" : "from", + conn->_base.address, conn->_base.port, + conn_state_to_string(conn->_base.type, conn->_base.state)); + connection_mark_for_close(TO_CONN(conn)); + ret = -1; } + + return ret; } /** When adding cells to an OR connection's outbuf, keep adding until the @@ -484,7 +508,7 @@ connection_or_finished_connecting(or_connection_t *or_conn) return 0; } -/* Called when we're about to finally unlink and free an OR connection: +/** Called when we're about to finally unlink and free an OR connection: * perform necessary accounting and cleanup */ void connection_or_about_to_close(or_connection_t *or_conn) @@ -1051,8 +1075,27 @@ connection_or_connect(const tor_addr_t *_addr, uint16_t port, conn->_base.proxy_state = PROXY_INFANT; } } else { - log_warn(LD_GENERAL, "Tried to connect through proxy, but proxy address " - "could not be found."); + /* get_proxy_addrport() might fail if we have a Bridge line that + references a transport, but no ClientTransportPlugin lines + defining its transport proxy. If this is the case, let's try to + output a useful log message to the user. */ + const char *transport_name = + find_transport_name_by_bridge_addrport(&TO_CONN(conn)->addr, + TO_CONN(conn)->port); + + if (transport_name) { + log_warn(LD_GENERAL, "We were supposed to connect to bridge '%s:%u' " + "using pluggable transport '%s', but it seems that we can't " + "find a pluggable transport proxy supporting '%s'. Please make " + "sure that your configuration file is valid.", + fmt_addr(&TO_CONN(conn)->addr), TO_CONN(conn)->port, + transport_name, transport_name); + } else { + log_warn(LD_GENERAL, "Tried to connect to '%s:%u' through a proxy, but " + "the proxy address could not be found.", + fmt_addr(&TO_CONN(conn)->addr), TO_CONN(conn)->port); + } + connection_free(TO_CONN(conn)); return NULL; } @@ -1267,27 +1310,29 @@ connection_or_handle_event_cb(struct bufferevent *bufev, short event, return; /* ???? */ } } - } else if (tor_tls_get_num_server_handshakes(conn->tls) == 1) { - /* v2 or v3 handshake, as a server. Only got one handshake, so - * wait for the next one. */ - tor_tls_set_renegotiate_callback(conn->tls, - connection_or_tls_renegotiated_cb, - conn); - conn->_base.state = OR_CONN_STATE_TLS_SERVER_RENEGOTIATING; - /* return 0; */ - return; /* ???? */ } else { const int handshakes = tor_tls_get_num_server_handshakes(conn->tls); - tor_assert(handshakes >= 2); - if (handshakes == 2) { + + if (handshakes == 1) { + /* v2 or v3 handshake, as a server. Only got one handshake, so + * wait for the next one. */ + tor_tls_set_renegotiate_callback(conn->tls, + connection_or_tls_renegotiated_cb, + conn); + conn->_base.state = OR_CONN_STATE_TLS_SERVER_RENEGOTIATING; + } else if (handshakes == 2) { /* v2 handshake, as a server. Two handshakes happened already, * so we treat renegotiation as done. */ connection_or_tls_renegotiated_cb(conn->tls, conn); - } else { + } else if (handshakes > 2) { log_warn(LD_OR, "More than two handshakes done on connection. " "Closing."); connection_mark_for_close(TO_CONN(conn)); + } else { + log_warn(LD_BUG, "We were unexpectedly told that a connection " + "got %d handshakes. Closing.", handshakes); + connection_mark_for_close(TO_CONN(conn)); } return; } @@ -1607,7 +1652,7 @@ or_handshake_state_free(or_handshake_state_t *state) /** * Remember that <b>cell</b> has been transmitted (if <b>incoming</b> is - * false) or received (if <b>incoming is true) during a V3 handshake using + * false) or received (if <b>incoming</b> is true) during a V3 handshake using * <b>state</b>. * * (We don't record the cell, but we keep a digest of everything sent or @@ -1646,8 +1691,8 @@ or_handshake_state_record_cell(or_handshake_state_t *state, } /** Remember that a variable-length <b>cell</b> has been transmitted (if - * <b>incoming</b> is false) or received (if <b>incoming is true) during a V3 - * handshake using <b>state</b>. + * <b>incoming</b> is false) or received (if <b>incoming</b> is true) during a + * V3 handshake using <b>state</b>. * * (We don't record the cell, but we keep a digest of everything sent or * received during the v3 handshake, and the client signs it in an @@ -2054,7 +2099,8 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn) * * If <b>server</b> is false and <b>signing_key</b> is provided, calculate the * entire authenticator, signed with <b>signing_key</b>. - * DOCDOC return value + * + * Return the length of the cell body on success, and -1 on failure. */ int connection_or_compute_authenticate_cell_body(or_connection_t *conn, diff --git a/src/or/connection_or.h b/src/or/connection_or.h index e5093f5ead..3e98f5cce1 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/control.c b/src/or/control.c index 976997dcf0..dfa7d364c7 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -30,6 +30,7 @@ #include "nodelist.h" #include "policies.h" #include "reasons.h" +#include "rephist.h" #include "router.h" #include "routerlist.h" #include "routerparse.h" @@ -135,6 +136,13 @@ typedef int event_format_t; static void connection_printf_to_buf(control_connection_t *conn, const char *format, ...) CHECK_PRINTF(2,3); +static void send_control_event_impl(uint16_t event, event_format_t which, + const char *format, va_list ap) + CHECK_PRINTF(3,0); +static int control_event_status(int type, int severity, const char *format, + va_list args) + CHECK_PRINTF(3,0); + static void send_control_done(control_connection_t *conn); static void send_control_event(uint16_t event, event_format_t which, const char *format, ...) @@ -912,10 +920,13 @@ handle_control_loadconf(control_connection_t *conn, uint32_t len, return 0; } +/** Helper structure: maps event values to their names. */ struct control_event_t { uint16_t event_code; const char *event_name; }; +/** Table mapping event values to their names. Used to implement SETEVENTS + * and GETINFO events/names, and to keep they in sync. */ static const struct control_event_t control_event_table[] = { { EVENT_CIRCUIT_STATUS, "CIRC" }, { EVENT_CIRCUIT_STATUS_MINOR, "CIRC_MINOR" }, @@ -1397,6 +1408,9 @@ getinfo_helper_misc(control_connection_t *conn, const char *question, *answer = options_dump(get_options(), 1); } else if (!strcmp(question, "info/names")) { *answer = list_getinfo_options(); + } else if (!strcmp(question, "dormant")) { + int dormant = rep_hist_circbuilding_dormant(time(NULL)); + *answer = tor_strdup(dormant ? "1" : "0"); } else if (!strcmp(question, "events/names")) { int i; smartlist_t *event_names = smartlist_new(); @@ -2138,12 +2152,13 @@ static const getinfo_item_t getinfo_items[] = { "Brief summary of router status by nickname (v2 directory format)."), PREFIX("ns/purpose/", networkstatus, "Brief summary of router status by purpose (v2 directory format)."), - ITEM("network-status", dir, "Brief summary of router status (v1 directory format)"), ITEM("circuit-status", events, "List of current circuits originating here."), ITEM("stream-status", events,"List of current streams."), ITEM("orconn-status", events, "A list of current OR connections."), + ITEM("dormant", misc, + "Is Tor dormant (not building circuits because it's idle)?"), PREFIX("address-mappings/", events, NULL), DOC("address-mappings/all", "Current address mappings."), DOC("address-mappings/cache", "Current cached DNS replies."), @@ -2530,6 +2545,10 @@ handle_control_setcircuitpurpose(control_connection_t *conn, { const char *purp = find_element_starting_with(args,1,"PURPOSE="); + if (!purp) { + connection_write_str_to_buf("552 No purpose given\r\n", conn); + goto done; + } new_purpose = circuit_purpose_from_string(purp); if (new_purpose == CIRCUIT_PURPOSE_UNKNOWN) { connection_printf_to_buf(conn, "552 Unknown purpose \"%s\"\r\n", purp); @@ -3199,6 +3218,10 @@ is_valid_initial_command(control_connection_t *conn, const char *cmd) * interfaces is broken. */ #define MAX_COMMAND_LINE_LENGTH (1024*1024) +/** Wrapper around peek_(evbuffer|buf)_has_control0 command: presents the same + * interface as those underlying functions, but takes a connection_t intead of + * an evbuffer or a buf_t. + */ static int peek_connection_has_control0_command(connection_t *conn) { @@ -4199,6 +4222,7 @@ control_event_my_descriptor_changed(void) static int control_event_status(int type, int severity, const char *format, va_list args) { + char *user_buf = NULL; char format_buf[160]; const char *status, *sev; @@ -4230,13 +4254,15 @@ control_event_status(int type, int severity, const char *format, va_list args) log_warn(LD_BUG, "Unrecognized status severity %d", severity); return -1; } - if (tor_snprintf(format_buf, sizeof(format_buf), "650 %s %s %s\r\n", - status, sev, format)<0) { + if (tor_snprintf(format_buf, sizeof(format_buf), "650 %s %s", + status, sev)<0) { log_warn(LD_BUG, "Format string too long."); return -1; } + tor_vasprintf(&user_buf, format, args); - send_control_event_impl(type, ALL_FORMATS, format_buf, args); + send_control_event(type, ALL_FORMATS, "%s %s\r\n", format_buf, user_buf); + tor_free(user_buf); return 0; } diff --git a/src/or/control.h b/src/or/control.h index 7af4449d49..f301ce91be 100644 --- a/src/or/control.h +++ b/src/or/control.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -50,7 +50,7 @@ int control_event_or_conn_status(or_connection_t *conn, int control_event_bandwidth_used(uint32_t n_read, uint32_t n_written); int control_event_stream_bandwidth(edge_connection_t *edge_conn); int control_event_stream_bandwidth_used(void); -void control_event_logmsg(int severity, unsigned int domain, const char *msg); +void control_event_logmsg(int severity, uint32_t domain, const char *msg); int control_event_descriptors_changed(smartlist_t *routers); int control_event_address_mapped(const char *from, const char *to, time_t expires, const char *error); diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c index 411d9bbb5b..9d48dd7cf7 100644 --- a/src/or/cpuworker.c +++ b/src/or/cpuworker.c @@ -1,6 +1,6 @@ /* Copyright (c) 2003-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/cpuworker.h b/src/or/cpuworker.h index 04e37ee459..91172caa56 100644 --- a/src/or/cpuworker.h +++ b/src/or/cpuworker.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/directory.c b/src/or/directory.c index 6394aece71..ee05ff897c 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "or.h" @@ -130,8 +130,9 @@ purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose) { if (get_options()->AllDirActionsPrivate) return 1; - if (router_purpose == ROUTER_PURPOSE_BRIDGE && can_complete_circuit) - return 1; /* if no circuits yet, we may need this info to bootstrap. */ + if (router_purpose == ROUTER_PURPOSE_BRIDGE) + return 1; /* if no circuits yet, this might break bootstrapping, but it's + * needed to be safe. */ if (dir_purpose == DIR_PURPOSE_UPLOAD_DIR || dir_purpose == DIR_PURPOSE_UPLOAD_VOTE || dir_purpose == DIR_PURPOSE_UPLOAD_SIGNATURES || @@ -2437,7 +2438,8 @@ write_http_response_header(dir_connection_t *conn, ssize_t length, cache_lifetime); } -#ifdef INSTRUMENT_DOWNLOADS +#if defined(INSTRUMENT_DOWNLOADS) || defined(RUNNING_DOXYGEN) +/* DOCDOC */ typedef struct request_t { uint64_t bytes; /**< How many bytes have we transferred? */ uint64_t count; /**< How many requests have we made? */ @@ -2795,7 +2797,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers, want_fps = url+strlen(CONSENSUS_URL_PREFIX); } - /* XXXX MICRODESC NM NM should check document of correct flavor */ + /* XXXX023 MICRODESC NM NM should check document of correct flavor */ if (v && want_fps && !client_likes_consensus(v, want_fps)) { write_http_status_line(conn, 404, "Consensus not signed by sufficient " @@ -3787,7 +3789,10 @@ dir_routerdesc_download_failed(smartlist_t *failed, int status_code, * every 10 or 60 seconds (FOO_DESCRIPTOR_RETRY_INTERVAL) in main.c. */ } -/* DOCDOC NM */ +/** Called when a connection to download microdescriptors has failed in whole + * or in part. <b>failed</b> is a list of every microdesc digest we didn't + * get. <b>status_code</b> is the http status code we received. Reschedule the + * microdesc downloads as appropriate. */ static void dir_microdesc_download_failed(smartlist_t *failed, int status_code) diff --git a/src/or/directory.h b/src/or/directory.h index 5050f700d2..584fe84311 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 1c2579865f..67b18fb523 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define DIRSERV_PRIVATE @@ -951,6 +951,7 @@ list_single_server_status(const routerinfo_t *desc, int is_live) return tor_strdup(buf); } +/* DOCDOC running_long_enough_to_decide_unreachable */ static INLINE int running_long_enough_to_decide_unreachable(void) { @@ -1252,6 +1253,15 @@ directory_caches_v2_dir_info(const or_options_t *options) return options->DirPort != NULL; } +/** Return true iff we want to fetch and keep certificates for authorities + * that we don't acknowledge as aurthorities ourself. + */ +int +directory_caches_unknown_auth_certs(const or_options_t *options) +{ + return options->DirPort || options->BridgeRelay; +} + /** Return 1 if we want to keep descriptors, networkstatuses, etc around * and we're willing to serve them to others. Else return 0. */ @@ -1845,7 +1855,7 @@ dirserv_thinks_router_is_hs_dir(const routerinfo_t *router, * *clients* suffering from bug 2722 are obsolete. The first version * to fix the bug was 0.2.2.25-alpha. */ return (router->wants_to_be_hs_dir && router->dir_port && - uptime > get_options()->MinUptimeHidServDirectoryV2 && + uptime >= get_options()->MinUptimeHidServDirectoryV2 && node->is_running); } @@ -1985,7 +1995,7 @@ dirserv_compute_performance_thresholds(routerlist_t *rl) log(LOG_INFO, LD_DIRSERV, "Cutoffs: For Stable, %lu sec uptime, %lu sec MTBF. " "For Fast: %lu bytes/sec. " - "For Guard: WFU %.03lf%%, time-known %lu sec, " + "For Guard: WFU %.03f%%, time-known %lu sec, " "and bandwidth %lu or %lu bytes/sec. We%s have enough stability data.", (unsigned long)stable_uptime, (unsigned long)stable_mtbf, diff --git a/src/or/dirserv.h b/src/or/dirserv.h index fc48e489e8..22269b2009 100644 --- a/src/or/dirserv.h +++ b/src/or/dirserv.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -76,6 +76,7 @@ int directory_fetches_dir_info_early(const or_options_t *options); int directory_fetches_dir_info_later(const or_options_t *options); int directory_caches_v2_dir_info(const or_options_t *options); #define directory_caches_v1_dir_info(o) directory_caches_v2_dir_info(o) +int directory_caches_unknown_auth_certs(const or_options_t *options); int directory_caches_dir_info(const or_options_t *options); int directory_permits_begindir_requests(const or_options_t *options); int directory_permits_controller_requests(const or_options_t *options); diff --git a/src/or/dirvote.c b/src/or/dirvote.c index 20dc8c2649..c5bd213e53 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define DIRVOTE_PRIVATE @@ -33,6 +33,7 @@ typedef struct pending_consensus_t { networkstatus_t *consensus; } pending_consensus_t; +/* DOCDOC dirvote_add_signatures_to_all_pending_consensuses */ static int dirvote_add_signatures_to_all_pending_consensuses( const char *detached_signatures_body, const char *source, @@ -2679,6 +2680,7 @@ static smartlist_t *pending_vote_list = NULL; * build a consensus, the votes go here for the next period. */ static smartlist_t *previous_vote_list = NULL; +/* DOCDOC pending_consensuses */ static pending_consensus_t pending_consensuses[N_CONSENSUS_FLAVORS]; /** The detached signatures for the consensus that we're currently diff --git a/src/or/dirvote.h b/src/or/dirvote.h index 9248d47dc1..e6f9700614 100644 --- a/src/or/dirvote.h +++ b/src/or/dirvote.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -66,7 +66,6 @@ void set_routerstatus_from_routerinfo(routerstatus_t *rs, routerinfo_t *ri, time_t now, int naming, int listbadexits, int listbaddirs, int vote_on_hsdirs); -void router_clear_status_flags(routerinfo_t *ri); networkstatus_t * dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, authority_cert_t *cert); diff --git a/src/or/dns.c b/src/or/dns.c index 2b7d3e3506..77c1a21d21 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -1,6 +1,6 @@ /* Copyright (c) 2003-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -1389,7 +1389,7 @@ evdns_callback(int result, char type, int count, int ttl, void *addresses, static int launch_resolve(edge_connection_t *exitconn) { - char *addr = tor_strdup(exitconn->_base.address); + char *addr; struct evdns_request *req = NULL; tor_addr_t a; int r; @@ -1408,6 +1408,8 @@ launch_resolve(edge_connection_t *exitconn) } } + addr = tor_strdup(exitconn->_base.address); + r = tor_addr_parse_PTR_name( &a, exitconn->_base.address, AF_UNSPEC, 0); diff --git a/src/or/dns.h b/src/or/dns.h index 25ff86e2c6..8c8b476ac8 100644 --- a/src/or/dns.h +++ b/src/or/dns.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c index 7f519398fa..183c5b8d4a 100644 --- a/src/or/dnsserv.c +++ b/src/or/dnsserv.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2007-2011, The Tor Project, Inc. */ +/* Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/dnsserv.h b/src/or/dnsserv.h index 73ec365647..3aaa038d2b 100644 --- a/src/or/dnsserv.h +++ b/src/or/dnsserv.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/eventdns.c b/src/or/eventdns.c index 61a28361ab..768693aba6 100644 --- a/src/or/eventdns.c +++ b/src/or/eventdns.c @@ -3213,7 +3213,7 @@ static int config_nameserver_from_reg_key(HKEY key, const TCHAR *subkey) { char *buf; - char ansibuf[MAX_PATH] = {0}; + char ansibuf[MAX_PATH] = {0}; DWORD bufsz = 0, type = 0; int status = 0; @@ -3226,6 +3226,7 @@ config_nameserver_from_reg_key(HKEY key, const TCHAR *subkey) if (RegQueryValueEx(key, subkey, 0, &type, (LPBYTE)buf, &bufsz) == ERROR_SUCCESS && bufsz > 1) { wcstombs(ansibuf,(wchar_t*)buf,MAX_PATH);/*XXXX UNICODE */ + abuf[MAX_PATH-1] = '\0'; status = evdns_nameserver_ip_add_line(ansibuf); } diff --git a/src/or/eventdns_tor.h b/src/or/eventdns_tor.h index c75cff2d1f..4c40b3524b 100644 --- a/src/or/eventdns_tor.h +++ b/src/or/eventdns_tor.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2007-2011, The Tor Project, Inc. */ +/* Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" diff --git a/src/or/geoip.c b/src/or/geoip.c index 5e3735c73e..5d6488817a 100644 --- a/src/or/geoip.c +++ b/src/or/geoip.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2007-2011, The Tor Project, Inc. */ +/* Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -613,6 +613,7 @@ dirreq_map_ent_eq(const dirreq_map_entry_t *a, return a->dirreq_id == b->dirreq_id && a->type == b->type; } +/* DOCDOC dirreq_map_ent_hash */ static unsigned dirreq_map_ent_hash(const dirreq_map_entry_t *entry) { @@ -1024,9 +1025,9 @@ geoip_format_dirreq_stats(time_t now) #undef RESPONSE_GRANULARITY if (!geoip_get_mean_shares(now, &v2_share, &v3_share)) { - tor_asprintf(&v2_share_string, "dirreq-v2-share %0.2lf%%\n", + tor_asprintf(&v2_share_string, "dirreq-v2-share %0.2f%%\n", v2_share*100); - tor_asprintf(&v3_share_string, "dirreq-v3-share %0.2lf%%\n", + tor_asprintf(&v3_share_string, "dirreq-v3-share %0.2f%%\n", v3_share*100); } diff --git a/src/or/geoip.h b/src/or/geoip.h index 7c2eddce99..4aed4e07bb 100644 --- a/src/or/geoip.h +++ b/src/or/geoip.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/hibernate.c b/src/or/hibernate.c index bdf407d3be..3a9c1e4224 100644 --- a/src/or/hibernate.c +++ b/src/or/hibernate.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -102,9 +102,11 @@ static time_unit_t cfg_unit = UNIT_MONTH; /** How many days,hours,minutes into each unit does our accounting interval * start? */ +/** @{ */ static int cfg_start_day = 0, cfg_start_hour = 0, cfg_start_min = 0; +/** @} */ static void reset_accounting(time_t now); static int read_bandwidth_usage(void); diff --git a/src/or/hibernate.h b/src/or/hibernate.h index d77e946d4f..9aa026b7b0 100644 --- a/src/or/hibernate.h +++ b/src/or/hibernate.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/main.c b/src/or/main.c index 9022f2eb87..163dd5d0fb 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -94,7 +94,9 @@ static int stats_prev_global_read_bucket; static int stats_prev_global_write_bucket; #endif +/* DOCDOC stats_prev_n_read */ static uint64_t stats_prev_n_read = 0; +/* DOCDOC stats_prev_n_written */ static uint64_t stats_prev_n_written = 0; /* XXX we might want to keep stats about global_relayed_*_bucket too. Or not.*/ @@ -443,6 +445,7 @@ get_bytes_read(void) return stats_n_bytes_read; } +/* DOCDOC get_bytes_written */ uint64_t get_bytes_written(void) { @@ -1428,7 +1431,7 @@ run_scheduled_events(time_t now) /** 3d. And every 60 seconds, we relaunch listeners if any died. */ if (!net_is_disabled() && time_to_check_listeners < now) { - retry_all_listeners(NULL, NULL); + retry_all_listeners(NULL, NULL, 0); time_to_check_listeners = now+60; } @@ -1773,8 +1776,16 @@ do_hup(void) } options = get_options(); /* they have changed now */ } else { + char *msg = NULL; log_notice(LD_GENERAL, "Not reloading config file: the controller told " "us not to."); + /* Make stuff get rescanned, reloaded, etc. */ + if (set_options((or_options_t*)options, &msg) < 0) { + if (!msg) + msg = tor_strdup("Unknown error"); + log_warn(LD_GENERAL, "Unable to re-set previous options: %s", msg); + tor_free(msg); + } } if (authdir_mode_handles_descs(options, -1)) { /* reload the approved-routers file */ diff --git a/src/or/main.h b/src/or/main.h index c8903642de..f843b6f9fc 100644 --- a/src/or/main.h +++ b/src/or/main.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/microdesc.c b/src/or/microdesc.c index be9b99759c..ba6c88f8a0 100644 --- a/src/or/microdesc.c +++ b/src/or/microdesc.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2009-2011, The Tor Project, Inc. */ +/* Copyright (c) 2009-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "or.h" @@ -80,7 +80,12 @@ dump_microdescriptor(FILE *f, microdesc_t *md, size_t *annotation_len_out) char annotation[ISO_TIME_LEN+32]; format_iso_time(buf, md->last_listed); tor_snprintf(annotation, sizeof(annotation), "@last-listed %s\n", buf); - fputs(annotation, f); + if (fputs(annotation, f) < 0) { + log_warn(LD_DIR, + "Couldn't write microdescriptor annotation: %s", + strerror(ferror(f))); + return -1; + } r += strlen(annotation); *annotation_len_out = r; } else { @@ -182,7 +187,7 @@ microdescs_add_to_cache(microdesc_cache_t *cache, return added; } -/* As microdescs_add_to_cache, but takes a list of micrdescriptors instead of +/** As microdescs_add_to_cache, but takes a list of micrdescriptors instead of * a string to decode. Frees any members of <b>descriptors</b> that it does * not add. */ smartlist_t * @@ -226,9 +231,10 @@ microdescs_add_list_to_cache(microdesc_cache_t *cache, size_t annotation_len; size = dump_microdescriptor(f, md, &annotation_len); if (size < 0) { - /* XXX handle errors from dump_microdescriptor() */ - /* log? return -1? die? coredump the universe? */ - continue; + /* we already warned in dump_microdescriptor; */ + abort_writing_to_file(open_file); + smartlist_clear(added); + return added; } md->saved_location = SAVED_IN_JOURNAL; cache->journal_len += size; diff --git a/src/or/microdesc.h b/src/or/microdesc.h index 4564132810..5646fc7a85 100644 --- a/src/or/microdesc.h +++ b/src/or/microdesc.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 910b99c5c0..e787ec5c65 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -78,6 +78,9 @@ typedef struct consensus_waiting_for_certs_t { int dl_failed; } consensus_waiting_for_certs_t; +/** An array, for each flavor of consensus we might want, of consensuses that + * we have downloaded, but which we cannot verify due to having insufficient + * authority certificates. */ static consensus_waiting_for_certs_t consensus_waiting_for_certs[N_CONSENSUS_FLAVORS]; @@ -1006,8 +1009,8 @@ networkstatus_get_v2_list(void) return networkstatus_v2_list; } -/* As router_get_consensus_status_by_descriptor_digest, but does not return - * a const pointer */ +/** As router_get_consensus_status_by_descriptor_digest, but does not return + * a const pointer. */ routerstatus_t * router_get_mutable_consensus_status_by_descriptor_digest( networkstatus_t *consensus, @@ -1183,7 +1186,8 @@ update_v2_networkstatus_cache_downloads(time_t now) } } -/** DOCDOC */ +/** Return true iff, given the options listed in <b>options</b>, <b>flavor</b> + * is the flavor of a consensus networkstatus that we would like to fetch. */ static int we_want_to_fetch_flavor(const or_options_t *options, int flavor) { @@ -1455,7 +1459,8 @@ networkstatus_get_latest_consensus(void) return current_consensus; } -/** DOCDOC */ +/** Return the latest consensus we have whose flavor matches <b>f</b>, or NULL + * if we don't have one. */ networkstatus_t * networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f) { @@ -1463,8 +1468,10 @@ networkstatus_get_latest_consensus_by_flavor(consensus_flavor_t f) return current_ns_consensus; else if (f == FLAV_MICRODESC) return current_md_consensus; - else + else { tor_assert(0); + return NULL; + } } /** Return the most recent consensus that we have downloaded, or NULL if it is @@ -2190,6 +2197,7 @@ networkstatus_dump_bridge_status_to_file(time_t now) tor_free(status); } +/* DOCDOC get_net_param_from_list */ static int32_t get_net_param_from_list(smartlist_t *net_params, const char *param_name, int32_t default_val, int32_t min_val, int32_t max_val) diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h index 1b10f27388..0af17512dd 100644 --- a/src/or/networkstatus.h +++ b/src/or/networkstatus.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 4654f307e3..f7f3024179 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "or.h" diff --git a/src/or/nodelist.h b/src/or/nodelist.h index 1b7549dade..1e9da88d4e 100644 --- a/src/or/nodelist.h +++ b/src/or/nodelist.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/ntmain.c b/src/or/ntmain.c index bd07df1b3e..d001f7be13 100644 --- a/src/or/ntmain.c +++ b/src/or/ntmain.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define MAIN_PRIVATE @@ -455,7 +455,7 @@ static char * nt_service_command_line(int *using_default_torrc) { TCHAR tor_exe[MAX_PATH+1]; - char tor_exe_ascii[MAX_PATH+1]; + char tor_exe_ascii[MAX_PATH*2+1]; char *command=NULL, *options=NULL; smartlist_t *sl; int i; @@ -483,6 +483,7 @@ nt_service_command_line(int *using_default_torrc) #ifdef UNICODE wcstombs(tor_exe_ascii, tor_exe, sizeof(tor_exe_ascii)); + tor_exe_ascii[sizeof(tor_exe_ascii)-1] = '\0'; #else strlcpy(tor_exe_ascii, tor_exe, sizeof(tor_exe_ascii)); #endif diff --git a/src/or/ntmain.h b/src/or/ntmain.h index 6d95a0987d..07fdcf466b 100644 --- a/src/or/ntmain.h +++ b/src/or/ntmain.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/onion.c b/src/or/onion.c index 09349a4d27..ff1556c3e1 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -29,9 +29,11 @@ typedef struct onion_queue_t { #define ONIONQUEUE_WAIT_CUTOFF 5 /** First and last elements in the linked list of circuits waiting for CPU - * workers, or NULL if the list is empty. */ + * workers, or NULL if the list is empty. + * @{ */ static onion_queue_t *ol_list=NULL; static onion_queue_t *ol_tail=NULL; +/**@}*/ /** Length of ol_list */ static int ol_length=0; diff --git a/src/or/onion.h b/src/or/onion.h index 4b2de792a1..7e0f873c73 100644 --- a/src/or/onion.h +++ b/src/or/onion.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/or.h b/src/or/or.h index b77f4c6097..7ff628411a 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -23,11 +23,8 @@ #endif #ifdef _WIN32 -#ifndef WIN32_WINNT -#define WIN32_WINNT 0x400 -#endif #ifndef _WIN32_WINNT -#define _WIN32_WINNT 0x400 +#define _WIN32_WINNT 0x0501 #endif #define WIN32_LEAN_AND_MEAN #endif @@ -1068,6 +1065,7 @@ typedef struct connection_t { uint64_t dirreq_id; } connection_t; +/** Subtype of connection_t; used for a listener socket. */ typedef struct listener_connection_t { connection_t _base; @@ -1254,7 +1252,8 @@ typedef struct or_connection_t { * bandwidthburst. (OPEN ORs only) */ int write_bucket; /**< When this hits 0, stop writing. Like read_bucket. */ #else - /** DOCDOC */ + /** A rate-limiting configuration object to determine how this connection + * set its read- and write- limits. */ /* XXXX we could share this among all connections. */ struct ev_token_bucket_cfg *bucket_cfg; #endif @@ -1732,7 +1731,7 @@ typedef struct { uint16_t or_port; /**< Port for TLS connections. */ uint16_t dir_port; /**< Port for HTTP directory connections. */ - /* DOCDOC */ + /** A router's IPv6 address, if it has one. */ /* XXXXX187 Actually these should probably be part of a list of addresses, * not just a special case. Use abstractions to access these; don't do it * directly. */ diff --git a/src/or/policies.c b/src/or/policies.c index 5eaebfaf1c..b2b962dfd7 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -535,6 +535,7 @@ typedef struct policy_map_ent_t { addr_policy_t *policy; } policy_map_ent_t; +/* DOCDOC policy_root */ static HT_HEAD(policy_map, policy_map_ent_t) policy_root = HT_INITIALIZER(); /** Return true iff a and b are equal. */ diff --git a/src/or/policies.h b/src/or/policies.h index 51716ab0a7..31f3f06c7d 100644 --- a/src/or/policies.h +++ b/src/or/policies.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/reasons.c b/src/or/reasons.c index bcf15ff8f4..c51d8ee6f5 100644 --- a/src/or/reasons.c +++ b/src/or/reasons.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -184,6 +184,8 @@ errno_to_stream_end_reason(int e) S_CASE(ENOBUFS): case ENOMEM: case ENFILE: + S_CASE(EADDRINUSE): + S_CASE(EADDRNOTAVAIL): E_CASE(EMFILE): return END_STREAM_REASON_RESOURCELIMIT; default: diff --git a/src/or/reasons.h b/src/or/reasons.h index 01f9717948..377b61b113 100644 --- a/src/or/reasons.h +++ b/src/or/reasons.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/relay.c b/src/or/relay.c index ad98e05041..0c99c3497b 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -64,6 +64,7 @@ static struct timeval cached_time_hires = {0, 0}; * cells. */ #define CELL_QUEUE_LOWWATER_SIZE 64 +/** Return a fairly recent view of the current time. */ static void tor_gettimeofday_cached(struct timeval *tv) { @@ -73,6 +74,8 @@ tor_gettimeofday_cached(struct timeval *tv) *tv = cached_time_hires; } +/** Reset the cached view of the current time, so that the next time we try + * to learn it, we will get an up-to-date value. */ void tor_gettimeofday_cache_clear(void) { @@ -1125,8 +1128,12 @@ connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ, (!layer_hint && --circ->deliver_window < 0)) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "(relay data) circ deliver_window below 0. Killing."); - connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL); - connection_mark_for_close(TO_CONN(conn)); + if (conn) { + /* XXXX Do we actually need to do this? Will killing the circuit + * not send an END and mark the stream for close as appropriate? */ + connection_edge_end(conn, END_STREAM_REASON_TORPROTOCOL); + connection_mark_for_close(TO_CONN(conn)); + } return -END_CIRC_REASON_TORPROTOCOL; } log_debug(domain,"circ deliver_window now %d.", layer_hint ? @@ -2086,9 +2093,12 @@ cell_ewma_get_tick(void) * has value ewma_scale_factor ** N.) */ static double ewma_scale_factor = 0.1; +/* DOCDOC ewma_enabled */ static int ewma_enabled = 0; +/*DOCDOC*/ #define EPSILON 0.00001 +/*DOCDOC*/ #define LOG_ONEHALF -0.69314718055994529 /** Adjust the global cell scale factor based on <b>options</b> */ diff --git a/src/or/relay.h b/src/or/relay.h index 1cd4008bb9..6a54373654 100644 --- a/src/or/relay.h +++ b/src/or/relay.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rendclient.c b/src/or/rendclient.c index da32791f00..79e017b0c0 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rendclient.h b/src/or/rendclient.h index 89da47789a..393b556e32 100644 --- a/src/or/rendclient.h +++ b/src/or/rendclient.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index 20bbdafec9..4722690c15 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -797,6 +797,8 @@ rend_cache_entry_free(rend_cache_entry_t *e) tor_free(e); } +/** Helper: deallocate a rend_cache_entry_t. (Used with strmap_free(), which + * requires a function pointer whose argument is void*). */ static void _rend_cache_entry_free(void *p) { diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h index e633155038..be6bd13d2c 100644 --- a/src/or/rendcommon.h +++ b/src/or/rendcommon.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rendmid.c b/src/or/rendmid.c index 894bbb3c54..bacd0ef93e 100644 --- a/src/or/rendmid.c +++ b/src/or/rendmid.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rendmid.h b/src/or/rendmid.h index 5ed87fd2b1..0af6436dea 100644 --- a/src/or/rendmid.h +++ b/src/or/rendmid.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rendservice.c b/src/or/rendservice.c index f2fc6a7837..5ffc58625e 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rendservice.h b/src/or/rendservice.h index 8a2994c4c0..e5848785a8 100644 --- a/src/or/rendservice.h +++ b/src/or/rendservice.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/rephist.c b/src/or/rephist.c index 0cd60eeb83..341a5a3e98 100644 --- a/src/or/rephist.c +++ b/src/or/rephist.c @@ -1,5 +1,5 @@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -839,7 +839,7 @@ rep_hist_record_mtbf_data(time_t now, int missing_means_down) format_iso_time(time_buf, hist->start_of_run); t = time_buf; } - PRINTF((f, "+MTBF %lu %.5lf%s%s\n", + PRINTF((f, "+MTBF %lu %.5f%s%s\n", hist->weighted_run_length, hist->total_run_weights, t ? " S=" : "", t ? t : "")); t = NULL; @@ -889,10 +889,10 @@ rep_hist_format_router_status(or_history_t *hist, time_t now) tor_asprintf(&cp, "%s%s%s" "%s%s%s" - "wfu %0.3lf\n" + "wfu %0.3f\n" " weighted-time %lu\n" " weighted-uptime %lu\n" - "mtbf %0.1lf\n" + "mtbf %0.1f\n" " weighted-run-length %lu\n" " total-run-weights %f\n", up?"uptime-started ":"", up?sor_buf:"", up?" UTC\n":"", @@ -1772,8 +1772,13 @@ rep_hist_load_state(or_state_t *state, char **err) /*********************************************************************/ +/** A single predicted port: used to remember which ports we've made + * connections to, so that we can try to keep making circuits that can handle + * those ports. */ typedef struct predicted_port_t { + /** The port we connected to */ uint16_t port; + /** The time at which we last used it */ time_t time; } predicted_port_t; @@ -1868,6 +1873,26 @@ rep_hist_get_predicted_ports(time_t now) return out; } +/** + * Take a list of uint16_t *, and remove every port in the list from the + * current list of predicted ports. + */ +void +rep_hist_remove_predicted_ports(const smartlist_t *rmv_ports) +{ + /* Let's do this on O(N), not O(N^2). */ + bitarray_t *remove_ports = bitarray_init_zero(UINT16_MAX); + SMARTLIST_FOREACH(rmv_ports, const uint16_t *, p, + bitarray_set(remove_ports, *p)); + SMARTLIST_FOREACH_BEGIN(predicted_ports_list, predicted_port_t *, pp) { + if (bitarray_is_set(remove_ports, pp->port)) { + tor_free(pp); + SMARTLIST_DEL_CURRENT(predicted_ports_list, pp); + } + } SMARTLIST_FOREACH_END(pp); + bitarray_free(remove_ports); +} + /** The user asked us to do a resolve. Rather than keeping track of * timings and such of resolves, we fake it for now by treating * it the same way as a connection to port 80. This way we will continue @@ -2453,8 +2478,9 @@ char * rep_hist_format_buffer_stats(time_t now) { #define SHARES 10 - int processed_cells[SHARES], circs_in_share[SHARES], - number_of_circuits, i; + uint64_t processed_cells[SHARES]; + uint32_t circs_in_share[SHARES]; + int number_of_circuits, i; double queued_cells[SHARES], time_in_queue[SHARES]; smartlist_t *processed_cells_strings, *queued_cells_strings, *time_in_queue_strings; @@ -2469,8 +2495,8 @@ rep_hist_format_buffer_stats(time_t now) tor_assert(now >= start_of_buffer_stats_interval); /* Calculate deciles if we saw at least one circuit. */ - memset(processed_cells, 0, SHARES * sizeof(int)); - memset(circs_in_share, 0, SHARES * sizeof(int)); + memset(processed_cells, 0, SHARES * sizeof(uint64_t)); + memset(circs_in_share, 0, SHARES * sizeof(uint32_t)); memset(queued_cells, 0, SHARES * sizeof(double)); memset(time_in_queue, 0, SHARES * sizeof(double)); if (!circuits_for_buffer_stats) @@ -2498,8 +2524,9 @@ rep_hist_format_buffer_stats(time_t now) time_in_queue_strings = smartlist_new(); for (i = 0; i < SHARES; i++) { smartlist_add_asprintf(processed_cells_strings, - "%d", !circs_in_share[i] ? 0 : - processed_cells[i] / circs_in_share[i]); + U64_FORMAT, !circs_in_share[i] ? 0 : + U64_PRINTF_ARG(processed_cells[i] / + circs_in_share[i])); } for (i = 0; i < SHARES; i++) { smartlist_add_asprintf(queued_cells_strings, "%.2f", @@ -2650,24 +2677,30 @@ rep_hist_format_desc_stats(time_t now) const char *key; void *val; unsigned size; - int *vals; + int *vals, max = 0, q3 = 0, md = 0, q1 = 0, min = 0; int n = 0; if (!start_of_served_descs_stats_interval) return NULL; - size = digestmap_size(served_descs); - if (size == 0) - return NULL; - vals = tor_malloc(size * sizeof(int)); - - for (iter = digestmap_iter_init(served_descs); !digestmap_iter_done(iter); - iter = digestmap_iter_next(served_descs, iter) ) { - uintptr_t count; - digestmap_iter_get(iter, &key, &val); - count = (uintptr_t)val; - vals[n++] = (int)count; - (void)key; + size = digestmap_size(served_descs); + if (size > 0) { + vals = tor_malloc(size * sizeof(int)); + for (iter = digestmap_iter_init(served_descs); + !digestmap_iter_done(iter); + iter = digestmap_iter_next(served_descs, iter)) { + uintptr_t count; + digestmap_iter_get(iter, &key, &val); + count = (uintptr_t)val; + vals[n++] = (int)count; + (void)key; + } + max = find_nth_int(vals, size, size-1); + q3 = find_nth_int(vals, size, (3*size-1)/4); + md = find_nth_int(vals, size, (size-1)/2); + q1 = find_nth_int(vals, size, (size-1)/4); + min = find_nth_int(vals, size, 0); + tor_free(vals); } format_iso_time(t, now); @@ -2678,14 +2711,8 @@ rep_hist_format_desc_stats(time_t now) t, (unsigned) (now - start_of_served_descs_stats_interval), total_descriptor_downloads, - size, - find_nth_int(vals, size, size-1), - find_nth_int(vals, size, (3*size-1)/4), - find_nth_int(vals, size, (size-1)/2), - find_nth_int(vals, size, (size-1)/4), - find_nth_int(vals, size, 0)); - - tor_free(vals); + size, max, q3, md, q1, min); + return result; } @@ -2705,6 +2732,7 @@ rep_hist_desc_stats_write(time_t now) return start_of_served_descs_stats_interval + WRITE_STATS_INTERVAL; str = rep_hist_format_desc_stats(now); + tor_assert(str != NULL); statsdir = get_datadir_fname("stats"); if (check_private_dir(statsdir, CPD_CREATE, get_options()->User) < 0) { @@ -2724,6 +2752,7 @@ rep_hist_desc_stats_write(time_t now) return start_of_served_descs_stats_interval + WRITE_STATS_INTERVAL; } +/* DOCDOC rep_hist_note_desc_served */ void rep_hist_note_desc_served(const char * desc) { @@ -2765,27 +2794,27 @@ rep_hist_conn_stats_init(time_t now) * connection stats. */ #define BIDI_INTERVAL 10 -/* Start of next BIDI_INTERVAL second interval. */ +/** Start of next BIDI_INTERVAL second interval. */ static time_t bidi_next_interval = 0; -/* Number of connections that we read and wrote less than BIDI_THRESHOLD +/** Number of connections that we read and wrote less than BIDI_THRESHOLD * bytes from/to in BIDI_INTERVAL seconds. */ static uint32_t below_threshold = 0; -/* Number of connections that we read at least BIDI_FACTOR times more +/** Number of connections that we read at least BIDI_FACTOR times more * bytes from than we wrote to in BIDI_INTERVAL seconds. */ static uint32_t mostly_read = 0; -/* Number of connections that we wrote at least BIDI_FACTOR times more +/** Number of connections that we wrote at least BIDI_FACTOR times more * bytes to than we read from in BIDI_INTERVAL seconds. */ static uint32_t mostly_written = 0; -/* Number of connections that we read and wrote at least BIDI_THRESHOLD +/** Number of connections that we read and wrote at least BIDI_THRESHOLD * bytes from/to, but not BIDI_FACTOR times more in either direction in * BIDI_INTERVAL seconds. */ static uint32_t both_read_and_written = 0; -/* Entry in a map from connection ID to the number of read and written +/** Entry in a map from connection ID to the number of read and written * bytes on this connection in a BIDI_INTERVAL second interval. */ typedef struct bidi_map_entry_t { HT_ENTRY(bidi_map_entry_t) node; @@ -2805,6 +2834,7 @@ bidi_map_ent_eq(const bidi_map_entry_t *a, const bidi_map_entry_t *b) return a->conn_id == b->conn_id; } +/* DOCDOC bidi_map_ent_hash */ static unsigned bidi_map_ent_hash(const bidi_map_entry_t *entry) { @@ -2816,6 +2846,7 @@ HT_PROTOTYPE(bidimap, bidi_map_entry_t, node, bidi_map_ent_hash, HT_GENERATE(bidimap, bidi_map_entry_t, node, bidi_map_ent_hash, bidi_map_ent_eq, 0.6, malloc, realloc, free); +/* DOCDOC bidi_map_free */ static void bidi_map_free(void) { diff --git a/src/or/rephist.h b/src/or/rephist.h index 0a3e46ae1a..d47724edb5 100644 --- a/src/or/rephist.h +++ b/src/or/rephist.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -34,7 +34,7 @@ int rep_hist_load_state(or_state_t *state, char **err); void rep_history_clean(time_t before); void rep_hist_note_router_reachable(const char *id, const tor_addr_t *at_addr, - uint16_t at_port, time_t when); + const uint16_t at_port, time_t when); void rep_hist_note_router_unreachable(const char *id, time_t when); int rep_hist_record_mtbf_data(time_t now, int missing_means_down); int rep_hist_load_mtbf_data(time_t now); @@ -49,6 +49,7 @@ const char *rep_hist_get_router_stability_doc(time_t now); void rep_hist_note_used_port(time_t now, uint16_t port); smartlist_t *rep_hist_get_predicted_ports(time_t now); +void rep_hist_remove_predicted_ports(const smartlist_t *rmv_ports); void rep_hist_note_used_resolve(time_t now); void rep_hist_note_used_internal(time_t now, int need_uptime, int need_capacity); diff --git a/src/or/router.c b/src/or/router.c index 4468c7b26a..352c456f1f 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #define ROUTER_PRIVATE @@ -484,6 +484,8 @@ v3_authority_check_key_expiry(void) last_warned = now; } +/** Set up Tor's TLS contexts, based on our configuration and keys. Return 0 + * on success, and -1 on failure. */ int router_initialize_tls_context(void) { @@ -1596,7 +1598,7 @@ router_rebuild_descriptor(int force) ri->is_valid = ri->is_named = 1; /* believe in yourself */ #endif - if (options->MyFamily) { + if (options->MyFamily && ! options->BridgeRelay) { smartlist_t *family; if (!warned_nonexistent_family) warned_nonexistent_family = smartlist_new(); @@ -1694,12 +1696,15 @@ router_rebuild_descriptor(int force) ri->purpose = options->BridgeRelay ? ROUTER_PURPOSE_BRIDGE : ROUTER_PURPOSE_GENERAL; - ri->cache_info.send_unencrypted = 1; - /* Let bridges serve their own descriptors unencrypted, so they can - * pass reachability testing. (If they want to be harder to notice, - * they can always leave the DirPort off). */ - if (ei && !options->BridgeRelay) - ei->cache_info.send_unencrypted = 1; + if (options->BridgeRelay) { + /* Bridges shouldn't be able to send their descriptors unencrypted, + anyway, since they don't have a DirPort, and always connect to the + bridge authority anonymously. But just in case they somehow think of + sending them on an unencrypted connection, don't allow them to try. */ + ri->cache_info.send_unencrypted = ei->cache_info.send_unencrypted = 0; + } else { + ri->cache_info.send_unencrypted = ei->cache_info.send_unencrypted = 1; + } router_get_router_hash(ri->cache_info.signed_descriptor_body, strlen(ri->cache_info.signed_descriptor_body), @@ -1949,7 +1954,8 @@ router_guess_address_from_dir_headers(uint32_t *guess) void get_platform_str(char *platform, size_t len) { - tor_snprintf(platform, len, "Tor %s on %s", get_version(), get_uname()); + tor_snprintf(platform, len, "Tor %s on %s", + get_short_version(), get_uname()); } /* XXX need to audit this thing and count fenceposts. maybe diff --git a/src/or/router.h b/src/or/router.h index 294736e70c..69805d6f2d 100644 --- a/src/or/router.h +++ b/src/or/router.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/routerlist.c b/src/or/routerlist.c index a64b93f3a9..feda4f1f19 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -104,9 +104,12 @@ static time_t last_descriptor_download_attempted = 0; /** When we last computed the weights to use for bandwidths on directory * requests, what were the total weighted bandwidth, and our share of that * bandwidth? Used to determine what fraction of directory requests we should - * expect to see. */ + * expect to see. + * + * @{ */ static uint64_t sl_last_total_weighted_bw = 0, sl_last_weighted_bw_of_me = 0; +/**@}*/ /** Return the number of directory authorities whose type matches some bit set * in <b>type</b> */ @@ -229,7 +232,7 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store, "signing key %s", from_store ? "cached" : "downloaded", ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN)); } else { - int adding = directory_caches_dir_info(get_options()); + int adding = directory_caches_unknown_auth_certs(get_options()); log_info(LD_DIR, "%s %s certificate for unrecognized directory " "authority with signing key %s", adding ? "Adding" : "Not adding", @@ -480,7 +483,7 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now) smartlist_t *missing_digests; char *resource = NULL; cert_list_t *cl; - const int cache = directory_caches_dir_info(get_options()); + const int cache = directory_caches_unknown_auth_certs(get_options()); if (should_delay_dir_fetches(get_options())) return; @@ -1430,7 +1433,7 @@ nodelist_add_node_and_family(smartlist_t *sl, const node_t *node) } /** Given a <b>router</b>, add every node_t in its family (including the - * node itself</b>) to <b>sl</b>. + * node itself!) to <b>sl</b>. * * Note the type mismatch: This function takes a routerinfo, but adds nodes * to the smartlist! @@ -1696,7 +1699,7 @@ smartlist_choose_node_by_bandwidth_weights(smartlist_t *sl, int64_t rand_bw; double Wg = -1, Wm = -1, We = -1, Wd = -1; double Wgb = -1, Wmb = -1, Web = -1, Wdb = -1; - double weighted_bw = 0; + double weighted_bw = 0, unweighted_bw = 0; double *bandwidths; double tmp = 0; unsigned int i; @@ -1823,6 +1826,7 @@ smartlist_choose_node_by_bandwidth_weights(smartlist_t *sl, bandwidths[node_sl_idx] = weight*this_bw; weighted_bw += weight*this_bw; + unweighted_bw += this_bw; if (is_me) sl_last_weighted_bw_of_me = weight*this_bw; } SMARTLIST_FOREACH_END(node); @@ -1838,10 +1842,20 @@ smartlist_choose_node_by_bandwidth_weights(smartlist_t *sl, /* If there is no bandwidth, choose at random */ if (DBL_TO_U64(weighted_bw) == 0) { /* Don't warn when using bridges/relays not in the consensus */ - if (!have_unknown) - log_warn(LD_CIRC, - "Weighted bandwidth is %f in node selection for rule %s", - weighted_bw, bandwidth_weight_rule_to_string(rule)); + if (!have_unknown) { +#define ZERO_BANDWIDTH_WARNING_INTERVAL (15) + static ratelim_t zero_bandwidth_warning_limit = + RATELIM_INIT(ZERO_BANDWIDTH_WARNING_INTERVAL); + char *msg; + if ((msg = rate_limit_log(&zero_bandwidth_warning_limit, + approx_time()))) { + log_warn(LD_CIRC, + "Weighted bandwidth is %f in node selection for rule %s " + "(unweighted was %f) %s", + weighted_bw, bandwidth_weight_rule_to_string(rule), + unweighted_bw, msg); + } + } tor_free(bandwidths); return smartlist_choose(sl); } @@ -2294,7 +2308,7 @@ hex_digest_nickname_matches(const char *hexdigest, const char *identity_digest, return tor_memeq(digest, identity_digest, DIGEST_LEN); } -/* Return true iff <b>router</b> is listed as named in the current +/** Return true iff <b>router</b> is listed as named in the current * consensus. */ int router_is_named(const routerinfo_t *router) @@ -2838,6 +2852,13 @@ routerlist_insert(routerlist_t *rl, routerinfo_t *ri) ri->cache_info.signed_descriptor_digest, &(ri->cache_info)); if (sd_old) { + int idx = sd_old->routerlist_index; + sd_old->routerlist_index = -1; + smartlist_del(rl->old_routers, idx); + if (idx < smartlist_len(rl->old_routers)) { + signed_descriptor_t *d = smartlist_get(rl->old_routers, idx); + d->routerlist_index = idx; + } rl->desc_store.bytes_dropped += sd_old->signed_descriptor_len; sdmap_remove(rl->desc_by_eid_map, sd_old->extra_info_digest); signed_descriptor_free(sd_old); @@ -4181,9 +4202,9 @@ any_trusted_dir_is_v1_authority(void) /** For every current directory connection whose purpose is <b>purpose</b>, * and where the resource being downloaded begins with <b>prefix</b>, split - * rest of the resource into base16 fingerprints, decode them, and set the + * rest of the resource into base16 fingerprints (or base64 fingerprints if + * purpose==DIR_PURPPOSE_FETCH_MICRODESC), decode them, and set the * corresponding elements of <b>result</b> to a nonzero value. - * DOCDOC purpose==microdesc */ static void list_pending_downloads(digestmap_t *result, @@ -4228,8 +4249,13 @@ list_pending_descriptor_downloads(digestmap_t *result, int extrainfo) list_pending_downloads(result, purpose, "d/"); } -/** DOCDOC */ -/*XXXX NM should use digest256, if one comes into being. */ +/** For every microdescriptor we are currently downloading by descriptor + * digest, set result[d] to (void*)1. (Note that microdescriptor digests + * are 256-bit, and digestmap_t only holds 160-bit digests, so we're only + * getting the first 20 bytes of each digest here.) + * + * XXXX Let there be a digestmap256_t, and use that instead. + */ void list_pending_microdesc_downloads(digestmap_t *result) { @@ -4997,7 +5023,14 @@ update_router_have_minimum_dir_info(void) count_usable_descriptors(&num_exit_present, &num_exit_usable, consensus, options, now, options->ExitNodes, 1); - if (num_present < num_usable/4) { +/* What fraction of desired server descriptors do we need before we will + * build circuits? */ +#define FRAC_USABLE_NEEDED .75 +/* What fraction of desired _exit_ server descriptors do we need before we + * will build circuits? */ +#define FRAC_EXIT_USABLE_NEEDED .5 + + if (num_present < num_usable * FRAC_USABLE_NEEDED) { tor_snprintf(dir_info_status, sizeof(dir_info_status), "We have only %d/%d usable %sdescriptors.", num_present, num_usable, using_md ? "micro" : ""); @@ -5010,7 +5043,7 @@ update_router_have_minimum_dir_info(void) num_present, using_md ? "micro" : "", num_present ? "" : "s"); res = 0; goto done; - } else if (num_exit_present < num_exit_usable / 3) { + } else if (num_exit_present < num_exit_usable * FRAC_EXIT_USABLE_NEEDED) { tor_snprintf(dir_info_status, sizeof(dir_info_status), "We have only %d/%d usable exit node descriptors.", num_exit_present, num_exit_usable); diff --git a/src/or/routerlist.h b/src/or/routerlist.h index cae8814333..8dcc6eb026 100644 --- a/src/or/routerlist.h +++ b/src/or/routerlist.h @@ -1,6 +1,6 @@ /* Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -85,14 +85,16 @@ void router_set_status(const char *digest, int up); static int WRA_WAS_ADDED(was_router_added_t s); static int WRA_WAS_OUTDATED(was_router_added_t s); static int WRA_WAS_REJECTED(was_router_added_t s); -/** Return true iff the descriptor was added. It might still be necessary to - * check whether the descriptor generator should be notified. +/** Return true iff the outcome code in <b>s</b> indicates that the descriptor + * was added. It might still be necessary to check whether the descriptor + * generator should be notified. */ static INLINE int WRA_WAS_ADDED(was_router_added_t s) { return s == ROUTER_ADDED_SUCCESSFULLY || s == ROUTER_ADDED_NOTIFY_GENERATOR; } -/** Return true iff the descriptor was not added because it was either: +/** Return true iff the outcome code in <b>s</b> indicates that the descriptor + * was not added because it was either: * - not in the consensus * - neither in the consensus nor in any networkstatus document * - it was outdated. @@ -103,6 +105,8 @@ static INLINE int WRA_WAS_OUTDATED(was_router_added_t s) s == ROUTER_NOT_IN_CONSENSUS || s == ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS); } +/** Return true iff the outcome code in <b>s</b> indicates that the descriptor + * was flat-out rejected. */ static INLINE int WRA_WAS_REJECTED(was_router_added_t s) { return (s == ROUTER_AUTHDIR_REJECTS); diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 781c57897d..6308f3a310 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -263,7 +263,7 @@ typedef struct token_rule_t { /* Argument multiplicity: exactly <b>n</b> arguments. */ #define EQ(n) n,n,0 -/** List of tokens allowable in router descriptors */ +/** List of tokens recognized in router descriptors */ static token_rule_t routerdesc_token_table[] = { T0N("reject", K_REJECT, ARGS, NO_OBJ ), T0N("accept", K_ACCEPT, ARGS, NO_OBJ ), @@ -296,7 +296,7 @@ static token_rule_t routerdesc_token_table[] = { END_OF_TABLE }; -/** List of tokens allowable in extra-info documents. */ +/** List of tokens recognized in extra-info documents. */ static token_rule_t extrainfo_token_table[] = { T1_END( "router-signature", K_ROUTER_SIGNATURE, NO_ARGS, NEED_OBJ ), T1( "published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ ), @@ -333,7 +333,7 @@ static token_rule_t extrainfo_token_table[] = { END_OF_TABLE }; -/** List of tokens allowable in the body part of v2 and v3 networkstatus +/** List of tokens recognized in the body part of v2 and v3 networkstatus * documents. */ static token_rule_t rtrstatus_token_table[] = { T01("p", K_P, CONCAT_ARGS, NO_OBJ ), @@ -346,7 +346,7 @@ static token_rule_t rtrstatus_token_table[] = { END_OF_TABLE }; -/** List of tokens allowable in the header part of v2 networkstatus documents. +/** List of tokens recognized in the header part of v2 networkstatus documents. */ static token_rule_t netstatus_token_table[] = { T1( "published", K_PUBLISHED, CONCAT_ARGS, NO_OBJ ), @@ -364,14 +364,14 @@ static token_rule_t netstatus_token_table[] = { END_OF_TABLE }; -/** List of tokens allowable in the footer of v1/v2 directory/networkstatus +/** List of tokens recognized in the footer of v1/v2 directory/networkstatus * footers. */ static token_rule_t dir_footer_token_table[] = { T1("directory-signature", K_DIRECTORY_SIGNATURE, EQ(1), NEED_OBJ ), END_OF_TABLE }; -/** List of tokens allowable in v1 directory headers/footers. */ +/** List of tokens recognized in v1 directory headers/footers. */ static token_rule_t dir_token_table[] = { /* don't enforce counts; this is obsolete. */ T( "network-status", K_NETWORK_STATUS, NO_ARGS, NO_OBJ ), @@ -403,14 +403,14 @@ static token_rule_t dir_token_table[] = { NO_ARGS, NEED_OBJ), \ T01("dir-address", K_DIR_ADDRESS, GE(1), NO_OBJ), -/** List of tokens allowable in V3 authority certificates. */ +/** List of tokens recognized in V3 authority certificates. */ static token_rule_t dir_key_certificate_table[] = { CERTIFICATE_MEMBERS T1("fingerprint", K_FINGERPRINT, CONCAT_ARGS, NO_OBJ ), END_OF_TABLE }; -/** List of tokens allowable in rendezvous service descriptors */ +/** List of tokens recognized in rendezvous service descriptors */ static token_rule_t desc_token_table[] = { T1_START("rendezvous-service-descriptor", R_RENDEZVOUS_SERVICE_DESCRIPTOR, EQ(1), NO_OBJ), @@ -424,7 +424,7 @@ static token_rule_t desc_token_table[] = { END_OF_TABLE }; -/** List of tokens allowed in the (encrypted) list of introduction points of +/** List of tokens recognized in the (encrypted) list of introduction points of * rendezvous service descriptors */ static token_rule_t ipo_token_table[] = { T1_START("introduction-point", R_IPO_IDENTIFIER, EQ(1), NO_OBJ), @@ -435,7 +435,7 @@ static token_rule_t ipo_token_table[] = { END_OF_TABLE }; -/** List of tokens allowed in the (possibly encrypted) list of introduction +/** List of tokens recognized in the (possibly encrypted) list of introduction * points of rendezvous service descriptors */ static token_rule_t client_keys_token_table[] = { T1_START("client-name", C_CLIENT_NAME, CONCAT_ARGS, NO_OBJ), @@ -444,7 +444,7 @@ static token_rule_t client_keys_token_table[] = { END_OF_TABLE }; -/** List of tokens allowed in V3 networkstatus votes. */ +/** List of tokens recognized in V3 networkstatus votes. */ static token_rule_t networkstatus_token_table[] = { T1_START("network-status-version", K_NETWORK_STATUS_VERSION, GE(1), NO_OBJ ), @@ -472,7 +472,7 @@ static token_rule_t networkstatus_token_table[] = { END_OF_TABLE }; -/** List of tokens allowed in V3 networkstatus consensuses. */ +/** List of tokens recognized in V3 networkstatus consensuses. */ static token_rule_t networkstatus_consensus_token_table[] = { T1_START("network-status-version", K_NETWORK_STATUS_VERSION, GE(1), NO_OBJ ), @@ -498,7 +498,7 @@ static token_rule_t networkstatus_consensus_token_table[] = { END_OF_TABLE }; -/** List of tokens allowable in the footer of v1/v2 directory/networkstatus +/** List of tokens recognized in the footer of v1/v2 directory/networkstatus * footers. */ static token_rule_t networkstatus_vote_footer_token_table[] = { T01("directory-footer", K_DIRECTORY_FOOTER, NO_ARGS, NO_OBJ ), @@ -507,7 +507,7 @@ static token_rule_t networkstatus_vote_footer_token_table[] = { END_OF_TABLE }; -/** List of tokens allowable in detached networkstatus signature documents. */ +/** List of tokens recognized in detached networkstatus signature documents. */ static token_rule_t networkstatus_detached_signature_token_table[] = { T1_START("consensus-digest", K_CONSENSUS_DIGEST, GE(1), NO_OBJ ), T("additional-digest", K_ADDITIONAL_DIGEST,GE(3), NO_OBJ ), @@ -519,6 +519,7 @@ static token_rule_t networkstatus_detached_signature_token_table[] = { END_OF_TABLE }; +/** List of tokens recognized in microdescriptors */ static token_rule_t microdesc_token_table[] = { T1_START("onion-key", K_ONION_KEY, NO_ARGS, NEED_KEY_1024), T01("family", K_FAMILY, ARGS, NO_OBJ ), @@ -4169,7 +4170,10 @@ _find_by_keyword(smartlist_t *s, directory_keyword keyword, return tok; } -/** DOCDOC */ +/** If there are any directory_token_t entries in <b>s</b> whose keyword is + * <b>k</b>, return a newly allocated smartlist_t containing all such entries, + * in the same order in which they occur in <b>s</b>. Otherwise return + * NULL. */ static smartlist_t * find_all_by_keyword(smartlist_t *s, directory_keyword k) { @@ -4197,6 +4201,13 @@ find_all_exitpolicy(smartlist_t *s) return out; } +/** Helper function for <b>router_get_hash_impl</b>: given <b>s</b>, + * <b>s_len</b>, <b>start_str</b>, <b>end_str</b>, and <b>end_c</b> with the + * same semantics as in that function, set *<b>start_out</b> (inclusive) and + * *<b>end_out</b> (exclusive) to the boundaries of the string to be hashed. + * + * Return 0 on success and -1 on failure. + */ static int router_get_hash_impl_helper(const char *s, size_t s_len, const char *start_str, diff --git a/src/or/routerparse.h b/src/or/routerparse.h index 6486a09c73..c6382a7f6b 100644 --- a/src/or/routerparse.h +++ b/src/or/routerparse.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/status.c b/src/or/status.c index 3e4cb779a3..04cd96eed5 100644 --- a/src/or/status.c +++ b/src/or/status.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2010-2011, The Tor Project, Inc. */ +/* Copyright (c) 2010-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** diff --git a/src/or/status.h b/src/or/status.h index ac726a1d2d..189ac789e1 100644 --- a/src/or/status.h +++ b/src/or/status.h @@ -1,4 +1,4 @@ -/* Copyright (c) 2010, The Tor Project, Inc. */ +/* Copyright (c) 2010-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #ifndef _TOR_STATUS_H diff --git a/src/or/tor_main.c b/src/or/tor_main.c index 1ce14ab768..2f4922317d 100644 --- a/src/or/tor_main.c +++ b/src/or/tor_main.c @@ -1,6 +1,6 @@ /* Copyright 2001-2004 Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** String describing which Tor subversion repository version the source was diff --git a/src/or/transports.c b/src/or/transports.c index 5f650d107a..2fc2adc55e 100644 --- a/src/or/transports.c +++ b/src/or/transports.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2011, The Tor Project, Inc. */ +/* Copyright (c) 2011-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -119,10 +119,6 @@ static INLINE void free_execve_args(char **arg); #define PROTO_CMETHODS_DONE "CMETHODS DONE" #define PROTO_SMETHODS_DONE "SMETHODS DONE" -/* The smallest valid managed proxy protocol line that can - appear. It's the size of "VERSION 1" */ -#define SMALLEST_MANAGED_LINE_SIZE 9 - /** Number of environment variables for managed proxy clients/servers. */ #define ENVIRON_SIZE_CLIENT 3 #define ENVIRON_SIZE_SERVER 7 /* XXX known to be too high, but that's ok */ @@ -633,12 +629,6 @@ handle_proxy_line(const char *line, managed_proxy_t *mp) log_info(LD_GENERAL, "Got a line from managed proxy '%s': (%s)", mp->argv[0], line); - if (strlen(line) < SMALLEST_MANAGED_LINE_SIZE) { - log_warn(LD_GENERAL, "Managed proxy configuration line is too small. " - "Discarding"); - goto err; - } - if (!strcmpstart(line, PROTO_ENV_ERROR)) { if (mp->conf_state != PT_PROTO_LAUNCHED) goto err; @@ -712,7 +702,8 @@ handle_proxy_line(const char *line, managed_proxy_t *mp) return; } - log_warn(LD_CONFIG, "Unknown line received by managed proxy. (%s)", line); + log_notice(LD_GENERAL, "Unknown line received by managed proxy (%s).", line); + return; err: mp->conf_state = PT_PROTO_BROKEN; diff --git a/src/or/transports.h b/src/or/transports.h index 314af2b3a0..02f159a5d6 100644 --- a/src/or/transports.h +++ b/src/or/transports.h @@ -1,6 +1,6 @@ /* Copyright (c) 2003-2004, Roger Dingledine * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** |