网络

开发平台：

Unix_Linux

config.c：源码内容

/** Allocate and return a new string holding the written-out values of the vars
* in 'options'. If 'minimal', do not write out any default-valued vars.
* Else, if comment_defaults, write default values as comments.
*/
static char *
config_dump(config_format_t *fmt, void *options, int minimal,
int comment_defaults)
{
smartlist_t *elements;
or_options_t *defaults;
config_line_t *line, *assigned;
char *result;
int i;
const char *desc;
char *msg = NULL;
defaults = config_alloc(fmt);
config_init(fmt, defaults);
/* XXX use a 1 here so we don't add a new log line while dumping */
if (fmt->validate_fn(NULL,defaults, 1, &msg) < 0) {
log_err(LD_BUG, "Failed to validate default config.");
tor_free(msg);
tor_assert(0);
}
elements = smartlist_create();
for (i=0; fmt->vars[i].name; ++i) {
int comment_option = 0;
if (fmt->vars[i].type == CONFIG_TYPE_OBSOLETE ||
fmt->vars[i].type == CONFIG_TYPE_LINELIST_S)
continue;
/* Don't save 'hidden' control variables. */
if (!strcmpstart(fmt->vars[i].name, "__"))
continue;
if (minimal && option_is_same(fmt, options, defaults, fmt->vars[i].name))
continue;
else if (comment_defaults &&
option_is_same(fmt, options, defaults, fmt->vars[i].name))
comment_option = 1;
desc = config_find_description(fmt, fmt->vars[i].name);
line = assigned = get_assigned_option(fmt, options, fmt->vars[i].name, 1);
if (line && desc) {
/* Only dump the description if there's something to describe. */
wrap_string(elements, desc, 78, "# ", "# ");
}
for (; line; line = line->next) {
size_t len = strlen(line->key) + strlen(line->value) + 5;
char *tmp;
tmp = tor_malloc(len);
if (tor_snprintf(tmp, len, "%s%s %sn",
comment_option ? "# " : "",
line->key, line->value)<0) {
log_err(LD_BUG,"Internal error writing option value");
tor_assert(0);
}
smartlist_add(elements, tmp);
}
config_free_lines(assigned);
}
if (fmt->extra) {
line = *(config_line_t**)STRUCT_VAR_P(options, fmt->extra->var_offset);
for (; line; line = line->next) {
size_t len = strlen(line->key) + strlen(line->value) + 3;
char *tmp;
tmp = tor_malloc(len);
if (tor_snprintf(tmp, len, "%s %sn", line->key, line->value)<0) {
log_err(LD_BUG,"Internal error writing option value");
tor_assert(0);
}
smartlist_add(elements, tmp);
}
}
result = smartlist_join_strings(elements, "", 0, NULL);
SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
smartlist_free(elements);
config_free(fmt, defaults);
return result;
}
/** Return a string containing a possible configuration file that would give
* the configuration in options. If minimal is true, do not
* include options that are the same as Tor's defaults.
*/
static char *
options_dump(or_options_t *options, int minimal)
{
return config_dump(&options_format, options, minimal, 0);
}
/** Return 0 if every element of sl is a string holding a decimal
* representation of a port number, or if sl is NULL.
* Otherwise set *msg and return -1. */
static int
validate_ports_csv(smartlist_t *sl, const char *name, char **msg)
{
int i;
char buf[1024];
tor_assert(name);
if (!sl)
return 0;
SMARTLIST_FOREACH(sl, const char *, cp,
{
i = atoi(cp);
if (i < 1 || i > 65535) {
int r = tor_snprintf(buf, sizeof(buf),
"Port '%s' out of range in %s", cp, name);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
});
return 0;
}
/** If value exceeds ROUTER_MAX_DECLARED_BANDWIDTH, write
* a complaint into *msg using string desc, and return -1.
* Else return 0.
*/
static int
ensure_bandwidth_cap(uint64_t *value, const char *desc, char **msg)
{
int r;
char buf[1024];
if (*value > ROUTER_MAX_DECLARED_BANDWIDTH) {
/* This handles an understandable special case where somebody says "2gb"
* whereas our actual maximum is 2gb-1 (INT_MAX) */
--*value;
}
if (*value > ROUTER_MAX_DECLARED_BANDWIDTH) {
r = tor_snprintf(buf, sizeof(buf), "%s ("U64_FORMAT") must be at most %d",
desc, U64_PRINTF_ARG(*value),
ROUTER_MAX_DECLARED_BANDWIDTH);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
return 0;
}
/** Parse an authority type from options->PublishServerDescriptor
* and write it to options->_PublishServerDescriptor. Treat "1"
* as "v2,v3" unless BridgeRelay is 1, in which case treat it as "bridge".
* Treat "0" as "".
* Return 0 on success or -1 if not a recognized authority type (in which
* case the value of _PublishServerDescriptor is undefined). */
static int
compute_publishserverdescriptor(or_options_t *options)
{
smartlist_t *list = options->PublishServerDescriptor;
authority_type_t *auth = &options->_PublishServerDescriptor;
*auth = NO_AUTHORITY;
if (!list) /* empty list, answer is none */
return 0;
SMARTLIST_FOREACH(list, const char *, string, {
if (!strcasecmp(string, "v1"))
*auth |= V1_AUTHORITY;
else if (!strcmp(string, "1"))
if (options->BridgeRelay)
*auth |= BRIDGE_AUTHORITY;
else
*auth |= V2_AUTHORITY | V3_AUTHORITY;
else if (!strcasecmp(string, "v2"))
*auth |= V2_AUTHORITY;
else if (!strcasecmp(string, "v3"))
*auth |= V3_AUTHORITY;
else if (!strcasecmp(string, "bridge"))
*auth |= BRIDGE_AUTHORITY;
else if (!strcasecmp(string, "hidserv"))
*auth |= HIDSERV_AUTHORITY;
else if (!strcasecmp(string, "") || !strcmp(string, "0"))
/* no authority */;
else
return -1;
});
return 0;
}
/** Lowest allowable value for RendPostPeriod; if this is too low, hidden
* services can overload the directory system. */
#define MIN_REND_POST_PERIOD (10*60)
/** Highest allowable value for RendPostPeriod. */
#define MAX_DIR_PERIOD (MIN_ONION_KEY_LIFETIME/2)
/** Lowest allowable value for CircuitBuildTimeout; values too low will
* increase network load because of failing connections being retried, and
* might prevent users from connecting to the network at all. */
#define MIN_CIRCUIT_BUILD_TIMEOUT 30
/** Lowest allowable value for MaxCircuitDirtiness; if this is too low, Tor
* will generate too many circuits and potentially overload the network. */
#define MIN_MAX_CIRCUIT_DIRTINESS 10
/** Return 0 if every setting in options is reasonable, and a
* permissible transition from old_options. Else return -1.
* Should have no side effects, except for normalizing the contents of
* options.
*
* On error, tor_strdup an error explanation into *msg.
*
* XXX
* If from_setconf, we were called by the controller, and our
* Log line should stay empty. If it's 0, then give us a default log
* if there are no logs defined.
*/
static int
options_validate(or_options_t *old_options, or_options_t *options,
int from_setconf, char **msg)
{
int i, r;
config_line_t *cl;
const char *uname = get_uname();
char buf[1024];
#define REJECT(arg)
STMT_BEGIN *msg = tor_strdup(arg); return -1; STMT_END
#define COMPLAIN(arg) STMT_BEGIN log(LOG_WARN, LD_CONFIG, arg); STMT_END
tor_assert(msg);
*msg = NULL;
if (options->ORPort < 0 || options->ORPort > 65535)
REJECT("ORPort option out of bounds.");
if (server_mode(options) &&
(!strcmpstart(uname, "Windows 95") ||
!strcmpstart(uname, "Windows 98") ||
!strcmpstart(uname, "Windows Me"))) {
log(LOG_WARN, LD_CONFIG, "Tor is running as a server, but you are "
"running %s; this probably won't work. See "
"http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ServerOS "
"for details.", uname);
}
if (options->ORPort == 0 && options->ORListenAddress != NULL)
REJECT("ORPort must be defined if ORListenAddress is defined.");
if (options->DirPort == 0 && options->DirListenAddress != NULL)
REJECT("DirPort must be defined if DirListenAddress is defined.");
if (options->DNSPort == 0 && options->DNSListenAddress != NULL)
REJECT("DNSPort must be defined if DNSListenAddress is defined.");
if (options->ControlPort == 0 && options->ControlListenAddress != NULL)
REJECT("ControlPort must be defined if ControlListenAddress is defined.");
if (options->TransPort == 0 && options->TransListenAddress != NULL)
REJECT("TransPort must be defined if TransListenAddress is defined.");
if (options->NatdPort == 0 && options->NatdListenAddress != NULL)
REJECT("NatdPort must be defined if NatdListenAddress is defined.");
/* Don't gripe about SocksPort 0 with SocksListenAddress set; a standard
* configuration does this. */
for (i = 0; i < 3; ++i) {
int is_socks = i==0;
int is_trans = i==1;
config_line_t *line, *opt, *old;
const char *tp;
if (is_socks) {
opt = options->SocksListenAddress;
old = old_options ? old_options->SocksListenAddress : NULL;
tp = "SOCKS proxy";
} else if (is_trans) {
opt = options->TransListenAddress;
old = old_options ? old_options->TransListenAddress : NULL;
tp = "transparent proxy";
} else {
opt = options->NatdListenAddress;
old = old_options ? old_options->NatdListenAddress : NULL;
tp = "natd proxy";
}
for (line = opt; line; line = line->next) {
char *address = NULL;
uint16_t port;
uint32_t addr;
if (parse_addr_port(LOG_WARN, line->value, &address, &addr, &port)<0)
continue; /* We'll warn about this later. */
if (!is_internal_IP(addr, 1) &&
(!old_options || !config_lines_eq(old, opt))) {
log_warn(LD_CONFIG,
"You specified a public address '%s' for a %s. Other "
"people on the Internet might find your computer and use it as "
"an open %s. Please don't allow this unless you have "
"a good reason.", address, tp, tp);
}
tor_free(address);
}
}
if (validate_data_directory(options)<0)
REJECT("Invalid DataDirectory");
if (options->Nickname == NULL) {
if (server_mode(options)) {
if (!(options->Nickname = get_default_nickname())) {
log_notice(LD_CONFIG, "Couldn't pick a nickname based on "
"our hostname; using %s instead.", UNNAMED_ROUTER_NICKNAME);
options->Nickname = tor_strdup(UNNAMED_ROUTER_NICKNAME);
} else {
log_notice(LD_CONFIG, "Choosing default nickname '%s'",
options->Nickname);
}
}
} else {
if (!is_legal_nickname(options->Nickname)) {
r = tor_snprintf(buf, sizeof(buf),
"Nickname '%s' is wrong length or contains illegal characters.",
options->Nickname);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
}
if (server_mode(options) && !options->ContactInfo)
log(LOG_NOTICE, LD_CONFIG, "Your ContactInfo config option is not set. "
"Please consider setting it, so we can contact you if your server is "
"misconfigured or something else goes wrong.");
/* Special case on first boot if no Log options are given. */
if (!options->Logs && !options->RunAsDaemon && !from_setconf)
config_line_append(&options->Logs, "Log", "notice stdout");
if (options_init_logs(options, 1)<0) /* Validate the log(s) */
REJECT("Failed to validate Log options. See logs for details.");
if (options->NoPublish) {
log(LOG_WARN, LD_CONFIG,
"NoPublish is obsolete. Use PublishServerDescriptor instead.");
SMARTLIST_FOREACH(options->PublishServerDescriptor, char *, s,
tor_free(s));
smartlist_clear(options->PublishServerDescriptor);
}
if (authdir_mode(options)) {
/* confirm that our address isn't broken, so we can complain now */
uint32_t tmp;
if (resolve_my_address(LOG_WARN, options, &tmp, NULL) < 0)
REJECT("Failed to resolve/guess local address. See logs for details.");
}
#ifndef MS_WINDOWS
if (options->RunAsDaemon && torrc_fname && path_is_relative(torrc_fname))
REJECT("Can't use a relative path to torrc when RunAsDaemon is set.");
#endif
if (options->SocksPort < 0 || options->SocksPort > 65535)
REJECT("SocksPort option out of bounds.");
if (options->DNSPort < 0 || options->DNSPort > 65535)
REJECT("DNSPort option out of bounds.");
if (options->TransPort < 0 || options->TransPort > 65535)
REJECT("TransPort option out of bounds.");
if (options->NatdPort < 0 || options->NatdPort > 65535)
REJECT("NatdPort option out of bounds.");
if (options->SocksPort == 0 && options->TransPort == 0 &&
options->NatdPort == 0 && options->ORPort == 0 &&
options->DNSPort == 0 && !options->RendConfigLines)
log(LOG_WARN, LD_CONFIG,
"SocksPort, TransPort, NatdPort, DNSPort, and ORPort are all "
"undefined, and there aren't any hidden services configured. "
"Tor will still run, but probably won't do anything.");
if (options->ControlPort < 0 || options->ControlPort > 65535)
REJECT("ControlPort option out of bounds.");
if (options->DirPort < 0 || options->DirPort > 65535)
REJECT("DirPort option out of bounds.");
#ifndef USE_TRANSPARENT
if (options->TransPort || options->TransListenAddress)
REJECT("TransPort and TransListenAddress are disabled in this build.");
#endif
if (options->AccountingMax &&
(is_listening_on_low_port(options->ORPort, options->ORListenAddress) ||
is_listening_on_low_port(options->DirPort, options->DirListenAddress)))
{
log(LOG_WARN, LD_CONFIG,
"You have set AccountingMax to use hibernation. You have also "
"chosen a low DirPort or OrPort. This combination can make Tor stop "
"working when it tries to re-attach the port after a period of "
"hibernation. Please choose a different port or turn off "
"hibernation unless you know this combination will work on your "
"platform.");
}
if (options->ExcludeExitNodes || options->ExcludeNodes) {
options->_ExcludeExitNodesUnion = routerset_new();
routerset_union(options->_ExcludeExitNodesUnion,options->ExcludeExitNodes);
routerset_union(options->_ExcludeExitNodesUnion,options->ExcludeNodes);
}
if (options->StrictExitNodes &&
(!options->ExitNodes) &&
(!old_options ||
(old_options->StrictExitNodes != options->StrictExitNodes) ||
(!routerset_equal(old_options->ExitNodes,options->ExitNodes))))
COMPLAIN("StrictExitNodes set, but no ExitNodes listed.");
if (options->StrictEntryNodes &&
(!options->EntryNodes) &&
(!old_options ||
(old_options->StrictEntryNodes != options->StrictEntryNodes) ||
(!routerset_equal(old_options->EntryNodes,options->EntryNodes))))
COMPLAIN("StrictEntryNodes set, but no EntryNodes listed.");
if (options->EntryNodes && !routerset_is_list(options->EntryNodes)) {
/* XXXX fix this; see entry_guards_prepend_from_config(). */
REJECT("IPs or countries are not yet supported in EntryNodes.");
}
if (options->AuthoritativeDir) {
if (!options->ContactInfo && !options->TestingTorNetwork)
REJECT("Authoritative directory servers must set ContactInfo");
if (options->V1AuthoritativeDir && !options->RecommendedVersions)
REJECT("V1 authoritative dir servers must set RecommendedVersions.");
if (!options->RecommendedClientVersions)
options->RecommendedClientVersions =
config_lines_dup(options->RecommendedVersions);
if (!options->RecommendedServerVersions)
options->RecommendedServerVersions =
config_lines_dup(options->RecommendedVersions);
if (options->VersioningAuthoritativeDir &&
(!options->RecommendedClientVersions ||
!options->RecommendedServerVersions))
REJECT("Versioning authoritative dir servers must set "
"Recommended*Versions.");
if (options->UseEntryGuards) {
log_info(LD_CONFIG, "Authoritative directory servers can't set "
"UseEntryGuards. Disabling.");
options->UseEntryGuards = 0;
}
if (!options->DownloadExtraInfo && authdir_mode_any_main(options)) {
log_info(LD_CONFIG, "Authoritative directories always try to download "
"extra-info documents. Setting DownloadExtraInfo.");
options->DownloadExtraInfo = 1;
}
if (!(options->BridgeAuthoritativeDir || options->HSAuthoritativeDir ||
options->V1AuthoritativeDir || options->V2AuthoritativeDir ||
options->V3AuthoritativeDir))
REJECT("AuthoritativeDir is set, but none of "
"(Bridge/HS/V1/V2/V3)AuthoritativeDir is set.");
}
if (options->AuthoritativeDir && !options->DirPort)
REJECT("Running as authoritative directory, but no DirPort set.");
if (options->AuthoritativeDir && !options->ORPort)
REJECT("Running as authoritative directory, but no ORPort set.");
if (options->AuthoritativeDir && options->ClientOnly)
REJECT("Running as authoritative directory, but ClientOnly also set.");
if (options->HSAuthorityRecordStats && !options->HSAuthoritativeDir)
REJECT("HSAuthorityRecordStats is set but we're not running as "
"a hidden service authority.");
if (options->ConnLimit <= 0) {
r = tor_snprintf(buf, sizeof(buf),
"ConnLimit must be greater than 0, but was set to %d",
options->ConnLimit);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
if (validate_ports_csv(options->FirewallPorts, "FirewallPorts", msg) < 0)
return -1;
if (validate_ports_csv(options->LongLivedPorts, "LongLivedPorts", msg) < 0)
return -1;
if (validate_ports_csv(options->RejectPlaintextPorts,
"RejectPlaintextPorts", msg) < 0)
return -1;
if (validate_ports_csv(options->WarnPlaintextPorts,
"WarnPlaintextPorts", msg) < 0)
return -1;
if (options->FascistFirewall && !options->ReachableAddresses) {
if (options->FirewallPorts && smartlist_len(options->FirewallPorts)) {
/* We already have firewall ports set, so migrate them to
* ReachableAddresses, which will set ReachableORAddresses and
* ReachableDirAddresses if they aren't set explicitly. */
smartlist_t *instead = smartlist_create();
config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t));
new_line->key = tor_strdup("ReachableAddresses");
/* If we're configured with the old format, we need to prepend some
* open ports. */
SMARTLIST_FOREACH(options->FirewallPorts, const char *, portno,
{
int p = atoi(portno);
char *s;
if (p<0) continue;
s = tor_malloc(16);
tor_snprintf(s, 16, "*:%d", p);
smartlist_add(instead, s);
});
new_line->value = smartlist_join_strings(instead,",",0,NULL);
/* These have been deprecated since 0.1.1.5-alpha-cvs */
log(LOG_NOTICE, LD_CONFIG,
"Converting FascistFirewall and FirewallPorts "
"config options to new format: "ReachableAddresses %s"",
new_line->value);
options->ReachableAddresses = new_line;
SMARTLIST_FOREACH(instead, char *, cp, tor_free(cp));
smartlist_free(instead);
} else {
/* We do not have FirewallPorts set, so add 80 to
* ReachableDirAddresses, and 443 to ReachableORAddresses. */
if (!options->ReachableDirAddresses) {
config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t));
new_line->key = tor_strdup("ReachableDirAddresses");
new_line->value = tor_strdup("*:80");
options->ReachableDirAddresses = new_line;
log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall config option "
"to new format: "ReachableDirAddresses *:80"");
}
if (!options->ReachableORAddresses) {
config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t));
new_line->key = tor_strdup("ReachableORAddresses");
new_line->value = tor_strdup("*:443");
options->ReachableORAddresses = new_line;
log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall config option "
"to new format: "ReachableORAddresses *:443"");
}
}
}
for (i=0; i<3; i++) {
config_line_t **linep =
(i==0) ? &options->ReachableAddresses :
(i==1) ? &options->ReachableORAddresses :
&options->ReachableDirAddresses;
if (!*linep)
continue;
/* We need to end with a reject *:*, not an implicit accept *:* */
for (;;) {
if (!strcmp((*linep)->value, "reject *:*")) /* already there */
break;
linep = &((*linep)->next);
if (!*linep) {
*linep = tor_malloc_zero(sizeof(config_line_t));
(*linep)->key = tor_strdup(
(i==0) ? "ReachableAddresses" :
(i==1) ? "ReachableORAddresses" :
"ReachableDirAddresses");
(*linep)->value = tor_strdup("reject *:*");
break;
}
}
}
if ((options->ReachableAddresses ||
options->ReachableORAddresses ||
options->ReachableDirAddresses) &&
server_mode(options))
REJECT("Servers must be able to freely connect to the rest "
"of the Internet, so they must not set Reachable*Addresses "
"or FascistFirewall.");
if (options->UseBridges &&
server_mode(options))
REJECT("Servers must be able to freely connect to the rest "
"of the Internet, so they must not set UseBridges.");
options->_AllowInvalid = 0;
if (options->AllowInvalidNodes) {
SMARTLIST_FOREACH(options->AllowInvalidNodes, const char *, cp, {
if (!strcasecmp(cp, "entry"))
options->_AllowInvalid |= ALLOW_INVALID_ENTRY;
else if (!strcasecmp(cp, "exit"))
options->_AllowInvalid |= ALLOW_INVALID_EXIT;
else if (!strcasecmp(cp, "middle"))
options->_AllowInvalid |= ALLOW_INVALID_MIDDLE;
else if (!strcasecmp(cp, "introduction"))
options->_AllowInvalid |= ALLOW_INVALID_INTRODUCTION;
else if (!strcasecmp(cp, "rendezvous"))
options->_AllowInvalid |= ALLOW_INVALID_RENDEZVOUS;
else {
r = tor_snprintf(buf, sizeof(buf),
"Unrecognized value '%s' in AllowInvalidNodes", cp);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
});
}
if (compute_publishserverdescriptor(options) < 0) {
r = tor_snprintf(buf, sizeof(buf),
"Unrecognized value in PublishServerDescriptor");
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
if ((options->BridgeRelay
|| options->_PublishServerDescriptor & BRIDGE_AUTHORITY)
&& (options->_PublishServerDescriptor
& (V1_AUTHORITY|V2_AUTHORITY|V3_AUTHORITY))) {
REJECT("Bridges are not supposed to publish router descriptors to the "
"directory authorities. Please correct your "
"PublishServerDescriptor line.");
}
if (options->MinUptimeHidServDirectoryV2 < 0) {
log_warn(LD_CONFIG, "MinUptimeHidServDirectoryV2 option must be at "
"least 0 seconds. Changing to 0.");
options->MinUptimeHidServDirectoryV2 = 0;
}
if (options->RendPostPeriod < MIN_REND_POST_PERIOD) {
log(LOG_WARN,LD_CONFIG,"RendPostPeriod option is too short; "
"raising to %d seconds.", MIN_REND_POST_PERIOD);
options->RendPostPeriod = MIN_REND_POST_PERIOD;
}
if (options->RendPostPeriod > MAX_DIR_PERIOD) {
log(LOG_WARN, LD_CONFIG, "RendPostPeriod is too large; clipping to %ds.",
MAX_DIR_PERIOD);
options->RendPostPeriod = MAX_DIR_PERIOD;
}
if (options->CircuitBuildTimeout < MIN_CIRCUIT_BUILD_TIMEOUT) {
log(LOG_WARN, LD_CONFIG, "CircuitBuildTimeout option is too short; "
"raising to %d seconds.", MIN_CIRCUIT_BUILD_TIMEOUT);
options->CircuitBuildTimeout = MIN_CIRCUIT_BUILD_TIMEOUT;
}
if (options->MaxCircuitDirtiness < MIN_MAX_CIRCUIT_DIRTINESS) {
log(LOG_WARN, LD_CONFIG, "MaxCircuitDirtiness option is too short; "
"raising to %d seconds.", MIN_MAX_CIRCUIT_DIRTINESS);
options->MaxCircuitDirtiness = MIN_MAX_CIRCUIT_DIRTINESS;
}
if (options->KeepalivePeriod < 1)
REJECT("KeepalivePeriod option must be positive.");
if (ensure_bandwidth_cap(&options->BandwidthRate,
"BandwidthRate", msg) < 0)
return -1;
if (ensure_bandwidth_cap(&options->BandwidthBurst,
"BandwidthBurst", msg) < 0)
return -1;
if (ensure_bandwidth_cap(&options->MaxAdvertisedBandwidth,
"MaxAdvertisedBandwidth", msg) < 0)
return -1;
if (ensure_bandwidth_cap(&options->RelayBandwidthRate,
"RelayBandwidthRate", msg) < 0)
return -1;
if (ensure_bandwidth_cap(&options->RelayBandwidthBurst,
"RelayBandwidthBurst", msg) < 0)
return -1;
if (server_mode(options)) {
if (options->BandwidthRate < ROUTER_REQUIRED_MIN_BANDWIDTH) {
r = tor_snprintf(buf, sizeof(buf),
"BandwidthRate is set to %d bytes/second. "
"For servers, it must be at least %d.",
(int)options->BandwidthRate,
ROUTER_REQUIRED_MIN_BANDWIDTH);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
} else if (options->MaxAdvertisedBandwidth <
ROUTER_REQUIRED_MIN_BANDWIDTH/2) {
r = tor_snprintf(buf, sizeof(buf),
"MaxAdvertisedBandwidth is set to %d bytes/second. "
"For servers, it must be at least %d.",
(int)options->MaxAdvertisedBandwidth,
ROUTER_REQUIRED_MIN_BANDWIDTH/2);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
if (options->RelayBandwidthRate &&
options->RelayBandwidthRate < ROUTER_REQUIRED_MIN_BANDWIDTH) {
r = tor_snprintf(buf, sizeof(buf),
"RelayBandwidthRate is set to %d bytes/second. "
"For servers, it must be at least %d.",
(int)options->RelayBandwidthRate,
ROUTER_REQUIRED_MIN_BANDWIDTH);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
}
if (options->RelayBandwidthRate && !options->RelayBandwidthBurst)
options->RelayBandwidthBurst = options->RelayBandwidthRate;
if (options->RelayBandwidthRate > options->RelayBandwidthBurst)
REJECT("RelayBandwidthBurst must be at least equal "
"to RelayBandwidthRate.");
if (options->BandwidthRate > options->BandwidthBurst)
REJECT("BandwidthBurst must be at least equal to BandwidthRate.");
/* if they set relaybandwidth* really high but left bandwidth*
* at the default, raise the defaults. */
if (options->RelayBandwidthRate > options->BandwidthRate)
options->BandwidthRate = options->RelayBandwidthRate;
if (options->RelayBandwidthBurst > options->BandwidthBurst)
options->BandwidthBurst = options->RelayBandwidthBurst;
if (accounting_parse_options(options, 1)<0)
REJECT("Failed to parse accounting options. See logs for details.");
if (options->HttpProxy) { /* parse it now */
if (parse_addr_port(LOG_WARN, options->HttpProxy, NULL,
&options->HttpProxyAddr, &options->HttpProxyPort) < 0)
REJECT("HttpProxy failed to parse or resolve. Please fix.");
if (options->HttpProxyPort == 0) { /* give it a default */
options->HttpProxyPort = 80;
}
}
if (options->HttpProxyAuthenticator) {
if (strlen(options->HttpProxyAuthenticator) >= 48)
REJECT("HttpProxyAuthenticator is too long (>= 48 chars).");
}
if (options->HttpsProxy) { /* parse it now */
if (parse_addr_port(LOG_WARN, options->HttpsProxy, NULL,
&options->HttpsProxyAddr, &options->HttpsProxyPort) <0)
REJECT("HttpsProxy failed to parse or resolve. Please fix.");
if (options->HttpsProxyPort == 0) { /* give it a default */
options->HttpsProxyPort = 443;
}
}
if (options->HttpsProxyAuthenticator) {
if (strlen(options->HttpsProxyAuthenticator) >= 48)
REJECT("HttpsProxyAuthenticator is too long (>= 48 chars).");
}
if (options->HashedControlPassword) {
smartlist_t *sl = decode_hashed_passwords(options->HashedControlPassword);
if (!sl) {
REJECT("Bad HashedControlPassword: wrong length or bad encoding");
} else {
SMARTLIST_FOREACH(sl, char*, cp, tor_free(cp));
smartlist_free(sl);
}
}
if (options->HashedControlSessionPassword) {
smartlist_t *sl = decode_hashed_passwords(
options->HashedControlSessionPassword);
if (!sl) {
REJECT("Bad HashedControlSessionPassword: wrong length or bad encoding");
} else {
SMARTLIST_FOREACH(sl, char*, cp, tor_free(cp));
smartlist_free(sl);
}
}
if (options->ControlListenAddress) {
int all_are_local = 1;
config_line_t *ln;
for (ln = options->ControlListenAddress; ln; ln = ln->next) {
if (strcmpstart(ln->value, "127."))
all_are_local = 0;
}
if (!all_are_local) {
if (!options->HashedControlPassword &&
!options->HashedControlSessionPassword &&
!options->CookieAuthentication) {
log_warn(LD_CONFIG,
"You have a ControlListenAddress set to accept "
"unauthenticated connections from a non-local address. "
"This means that programs not running on your computer "
"can reconfigure your Tor, without even having to guess a "
"password. That's so bad that I'm closing your ControlPort "
"for you. If you need to control your Tor remotely, try "
"enabling authentication and using a tool like stunnel or "
"ssh to encrypt remote access.");
options->ControlPort = 0;
} else {
log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
"connections from a non-local address. This means that "
"programs not running on your computer can reconfigure your "
"Tor. That's pretty bad, since the controller "
"protocol isn't encrypted! Maybe you should just listen on "
"127.0.0.1 and use a tool like stunnel or ssh to encrypt "
"remote connections to your control port.");
}
}
}
if (options->ControlPort && !options->HashedControlPassword &&
!options->HashedControlSessionPassword &&
!options->CookieAuthentication) {
log_warn(LD_CONFIG, "ControlPort is open, but no authentication method "
"has been configured. This means that any program on your "
"computer can reconfigure your Tor. That's bad! You should "
"upgrade your Tor controller as soon as possible.");
}
if (options->UseEntryGuards && ! options->NumEntryGuards)
REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0");
if (check_nickname_list(options->MyFamily, "MyFamily", msg))
return -1;
for (cl = options->NodeFamilies; cl; cl = cl->next) {
if (check_nickname_list(cl->value, "NodeFamily", msg))
return -1;
}
if (validate_addr_policies(options, msg) < 0)
return -1;
if (validate_dir_authorities(options, old_options) < 0)
REJECT("Directory authority line did not parse. See logs for details.");
if (options->UseBridges && !options->Bridges)
REJECT("If you set UseBridges, you must specify at least one bridge.");
if (options->UseBridges && !options->TunnelDirConns)
REJECT("If you set UseBridges, you must set TunnelDirConns.");
if (options->Bridges) {
for (cl = options->Bridges; cl; cl = cl->next) {
if (parse_bridge_line(cl->value, 1)<0)
REJECT("Bridge line did not parse. See logs for details.");
}
}
if (options->ConstrainedSockets) {
/* If the user wants to constrain socket buffer use, make sure the desired
* limit is between MIN|MAX_TCPSOCK_BUFFER in k increments. */
if (options->ConstrainedSockSize < MIN_CONSTRAINED_TCP_BUFFER ||
options->ConstrainedSockSize > MAX_CONSTRAINED_TCP_BUFFER ||
options->ConstrainedSockSize % 1024) {
r = tor_snprintf(buf, sizeof(buf),
"ConstrainedSockSize is invalid. Must be a value between %d and %d "
"in 1024 byte increments.",
MIN_CONSTRAINED_TCP_BUFFER, MAX_CONSTRAINED_TCP_BUFFER);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
if (options->DirPort) {
/* Providing cached directory entries while system TCP buffers are scarce
* will exacerbate the socket errors. Suggest that this be disabled. */
COMPLAIN("You have requested constrained socket buffers while also "
"serving directory entries via DirPort. It is strongly "
"suggested that you disable serving directory requests when "
"system TCP buffer resources are scarce.");
}
}
if (options->V3AuthVoteDelay + options->V3AuthDistDelay >=
options->V3AuthVotingInterval/2) {
REJECT("V3AuthVoteDelay plus V3AuthDistDelay must be less than half "
"V3AuthVotingInterval");
}
if (options->V3AuthVoteDelay < MIN_VOTE_SECONDS)
REJECT("V3AuthVoteDelay is way too low.");
if (options->V3AuthDistDelay < MIN_DIST_SECONDS)
REJECT("V3AuthDistDelay is way too low.");
if (options->V3AuthNIntervalsValid < 2)
REJECT("V3AuthNIntervalsValid must be at least 2.");
if (options->V3AuthVotingInterval < MIN_VOTE_INTERVAL) {
REJECT("V3AuthVotingInterval is insanely low.");
} else if (options->V3AuthVotingInterval > 24*60*60) {
REJECT("V3AuthVotingInterval is insanely high.");
} else if (((24*60*60) % options->V3AuthVotingInterval) != 0) {
COMPLAIN("V3AuthVotingInterval does not divide evenly into 24 hours.");
}
if (rend_config_services(options, 1) < 0)
REJECT("Failed to configure rendezvous options. See logs for details.");
/* Parse client-side authorization for hidden services. */
if (rend_parse_service_authorization(options, 1) < 0)
REJECT("Failed to configure client authorization for hidden services. "
"See logs for details.");
if (parse_virtual_addr_network(options->VirtualAddrNetwork, 1, NULL)<0)
return -1;
if (options->PreferTunneledDirConns && !options->TunnelDirConns)
REJECT("Must set TunnelDirConns if PreferTunneledDirConns is set.");
if (options->AutomapHostsSuffixes) {
SMARTLIST_FOREACH(options->AutomapHostsSuffixes, char *, suf,
{
size_t len = strlen(suf);
if (len && suf[len-1] == '.')
suf[len-1] = '';
});
}
if (options->TestingTorNetwork && !options->DirServers) {
REJECT("TestingTorNetwork may only be configured in combination with "
"a non-default set of DirServers.");
}
/*XXXX022 checking for defaults manually like this is a bit fragile.*/
/* Keep changes to hard-coded values synchronous to man page and default
* values table. */
if (options->TestingV3AuthInitialVotingInterval != 30*60 &&
!options->TestingTorNetwork) {
REJECT("TestingV3AuthInitialVotingInterval may only be changed in testing "
"Tor networks!");
} else if (options->TestingV3AuthInitialVotingInterval < MIN_VOTE_INTERVAL) {
REJECT("TestingV3AuthInitialVotingInterval is insanely low.");
} else if (((30*60) % options->TestingV3AuthInitialVotingInterval) != 0) {
REJECT("TestingV3AuthInitialVotingInterval does not divide evenly into "
"30 minutes.");
}
if (options->TestingV3AuthInitialVoteDelay != 5*60 &&
!options->TestingTorNetwork) {
REJECT("TestingV3AuthInitialVoteDelay may only be changed in testing "
"Tor networks!");
} else if (options->TestingV3AuthInitialVoteDelay < MIN_VOTE_SECONDS) {
REJECT("TestingV3AuthInitialVoteDelay is way too low.");
}
if (options->TestingV3AuthInitialDistDelay != 5*60 &&
!options->TestingTorNetwork) {
REJECT("TestingV3AuthInitialDistDelay may only be changed in testing "
"Tor networks!");
} else if (options->TestingV3AuthInitialDistDelay < MIN_DIST_SECONDS) {
REJECT("TestingV3AuthInitialDistDelay is way too low.");
}
if (options->TestingV3AuthInitialVoteDelay +
options->TestingV3AuthInitialDistDelay >=
options->TestingV3AuthInitialVotingInterval/2) {
REJECT("TestingV3AuthInitialVoteDelay plus TestingV3AuthInitialDistDelay "
"must be less than half TestingV3AuthInitialVotingInterval");
}
if (options->TestingAuthDirTimeToLearnReachability != 30*60 &&
!options->TestingTorNetwork) {
REJECT("TestingAuthDirTimeToLearnReachability may only be changed in "
"testing Tor networks!");
} else if (options->TestingAuthDirTimeToLearnReachability < 0) {
REJECT("TestingAuthDirTimeToLearnReachability must be non-negative.");
} else if (options->TestingAuthDirTimeToLearnReachability > 2*60*60) {
COMPLAIN("TestingAuthDirTimeToLearnReachability is insanely high.");
}
if (options->TestingEstimatedDescriptorPropagationTime != 10*60 &&
!options->TestingTorNetwork) {
REJECT("TestingEstimatedDescriptorPropagationTime may only be changed in "
"testing Tor networks!");
} else if (options->TestingEstimatedDescriptorPropagationTime < 0) {
REJECT("TestingEstimatedDescriptorPropagationTime must be non-negative.");
} else if (options->TestingEstimatedDescriptorPropagationTime > 60*60) {
COMPLAIN("TestingEstimatedDescriptorPropagationTime is insanely high.");
}
if (options->TestingTorNetwork) {
log_warn(LD_CONFIG, "TestingTorNetwork is set. This will make your node "
"almost unusable in the public Tor network, and is "
"therefore only advised if you are building a "
"testing Tor network!");
}
return 0;
#undef REJECT
#undef COMPLAIN
}
/** Helper: return true iff s1 and s2 are both NULL, or both non-NULL
* equal strings. */
static int
opt_streq(const char *s1, const char *s2)
{
if (!s1 && !s2)
return 1;
else if (s1 && s2 && !strcmp(s1,s2))
return 1;
else
return 0;
}
/** Check if any of the previous options have changed but aren't allowed to. */
static int
options_transition_allowed(or_options_t *old, or_options_t *new_val,
char **msg)
{
if (!old)
return 0;
if (!opt_streq(old->PidFile, new_val->PidFile)) {
*msg = tor_strdup("PidFile is not allowed to change.");
return -1;
}
if (old->RunAsDaemon != new_val->RunAsDaemon) {
*msg = tor_strdup("While Tor is running, changing RunAsDaemon "
"is not allowed.");
return -1;
}
if (strcmp(old->DataDirectory,new_val->DataDirectory)!=0) {
char buf[1024];
int r = tor_snprintf(buf, sizeof(buf),
"While Tor is running, changing DataDirectory "
"("%s"->"%s") is not allowed.",
old->DataDirectory, new_val->DataDirectory);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
if (!opt_streq(old->User, new_val->User)) {
*msg = tor_strdup("While Tor is running, changing User is not allowed.");
return -1;
}
if (!opt_streq(old->Group, new_val->Group)) {
*msg = tor_strdup("While Tor is running, changing Group is not allowed.");
return -1;
}
if (old->HardwareAccel != new_val->HardwareAccel) {
*msg = tor_strdup("While Tor is running, changing HardwareAccel is "
"not allowed.");
return -1;
}
if (old->TestingTorNetwork != new_val->TestingTorNetwork) {
*msg = tor_strdup("While Tor is running, changing TestingTorNetwork "
"is not allowed.");
return -1;
}
return 0;
}
/** Return 1 if any change from old_options to new_options
* will require us to rotate the CPU and DNS workers; else return 0. */
static int
options_transition_affects_workers(or_options_t *old_options,
or_options_t *new_options)
{
if (!opt_streq(old_options->DataDirectory, new_options->DataDirectory) ||
old_options->NumCpus != new_options->NumCpus ||
old_options->ORPort != new_options->ORPort ||
old_options->ServerDNSSearchDomains !=
new_options->ServerDNSSearchDomains ||
old_options->SafeLogging != new_options->SafeLogging ||
old_options->ClientOnly != new_options->ClientOnly ||
!config_lines_eq(old_options->Logs, new_options->Logs))
return 1;
/* Check whether log options match. */
/* Nothing that changed matters. */
return 0;
}
/** Return 1 if any change from old_options to new_options
* will require us to generate a new descriptor; else return 0. */
static int
options_transition_affects_descriptor(or_options_t *old_options,
or_options_t *new_options)
{
/* XXX We can be smarter here. If your DirPort isn't being
* published and you just turned it off, no need to republish. Etc. */
if (!opt_streq(old_options->DataDirectory, new_options->DataDirectory) ||
!opt_streq(old_options->Nickname,new_options->Nickname) ||
!opt_streq(old_options->Address,new_options->Address) ||
!config_lines_eq(old_options->ExitPolicy,new_options->ExitPolicy) ||
old_options->ExitPolicyRejectPrivate !=
new_options->ExitPolicyRejectPrivate ||
old_options->ORPort != new_options->ORPort ||
old_options->DirPort != new_options->DirPort ||
old_options->ClientOnly != new_options->ClientOnly ||
old_options->NoPublish != new_options->NoPublish ||
old_options->_PublishServerDescriptor !=
new_options->_PublishServerDescriptor ||
get_effective_bwrate(old_options) != get_effective_bwrate(new_options) ||
get_effective_bwburst(old_options) !=
get_effective_bwburst(new_options) ||
!opt_streq(old_options->ContactInfo, new_options->ContactInfo) ||
!opt_streq(old_options->MyFamily, new_options->MyFamily) ||
!opt_streq(old_options->AccountingStart, new_options->AccountingStart) ||
old_options->AccountingMax != new_options->AccountingMax)
return 1;
return 0;
}
#ifdef MS_WINDOWS
/** Return the directory on windows where we expect to find our application
* data. */
static char *
get_windows_conf_root(void)
{
static int is_set = 0;
static char path[MAX_PATH+1];
LPITEMIDLIST idl;
IMalloc *m;
HRESULT result;
if (is_set)
return path;
/* Find X:documents and settingsusernameapplication data .
* We would use SHGetSpecialFolder path, but that wasn't added until IE4.
*/
#ifdef ENABLE_LOCAL_APPDATA
#define APPDATA_PATH CSIDL_LOCAL_APPDATA
#else
#define APPDATA_PATH CSIDL_APPDATA
#endif
if (!SUCCEEDED(SHGetSpecialFolderLocation(NULL, APPDATA_PATH, &idl))) {
GetCurrentDirectory(MAX_PATH, path);
is_set = 1;
log_warn(LD_CONFIG,
"I couldn't find your application data folder: are you "
"running an ancient version of Windows 95? Defaulting to "%s"",
path);
return path;
}
/* Convert the path from an "ID List" (whatever that is!) to a path. */
result = SHGetPathFromIDList(idl, path);
/* Now we need to free the */
SHGetMalloc(&m);
if (m) {
m->lpVtbl->Free(m, idl);
m->lpVtbl->Release(m);
}
if (!SUCCEEDED(result)) {
return NULL;
}
strlcat(path,"\tor",MAX_PATH);
is_set = 1;
return path;
}
#endif
/** Return the default location for our torrc file. */
static const char *
get_default_conf_file(void)
{
#ifdef MS_WINDOWS
static char path[MAX_PATH+1];
strlcpy(path, get_windows_conf_root(), MAX_PATH);
strlcat(path,"\torrc",MAX_PATH);
return path;
#else
return (CONFDIR "/torrc");
#endif
}
/** Verify whether lst is a string containing valid-looking comma-separated
* nicknames, or NULL. Return 0 on success. Warn and return -1 on failure.
*/
static int
check_nickname_list(const char *lst, const char *name, char **msg)
{
int r = 0;
smartlist_t *sl;
if (!lst)
return 0;
sl = smartlist_create();
smartlist_split_string(sl, lst, ",",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK|SPLIT_STRIP_SPACE, 0);
SMARTLIST_FOREACH(sl, const char *, s,
{
if (!is_legal_nickname_or_hexdigest(s)) {
char buf[1024];
int tmp = tor_snprintf(buf, sizeof(buf),
"Invalid nickname '%s' in %s line", s, name);
*msg = tor_strdup(tmp >= 0 ? buf : "internal error");
r = -1;
break;
}
});
SMARTLIST_FOREACH(sl, char *, s, tor_free(s));
smartlist_free(sl);
return r;
}
/** Learn config file name from command line arguments, or use the default */
static char *
find_torrc_filename(int argc, char **argv,
int *using_default_torrc, int *ignore_missing_torrc)
{
char *fname=NULL;
int i;
for (i = 1; i < argc; ++i) {
if (i < argc-1 && !strcmp(argv[i],"-f")) {
if (fname) {
log(LOG_WARN, LD_CONFIG, "Duplicate -f options on command line.");
tor_free(fname);
}
#ifdef MS_WINDOWS
/* XXX one day we might want to extend expand_filename to work
* under Windows as well. */
fname = tor_strdup(argv[i+1]);
#else
fname = expand_filename(argv[i+1]);
#endif
*using_default_torrc = 0;
++i;
} else if (!strcmp(argv[i],"--ignore-missing-torrc")) {
*ignore_missing_torrc = 1;
}
}
if (*using_default_torrc) {
/* didn't find one, try CONFDIR */
const char *dflt = get_default_conf_file();
if (dflt && file_status(dflt) == FN_FILE) {
fname = tor_strdup(dflt);
} else {
#ifndef MS_WINDOWS
char *fn;
fn = expand_filename("~/.torrc");
if (fn && file_status(fn) == FN_FILE) {
fname = fn;
} else {
tor_free(fn);
fname = tor_strdup(dflt);
}
#else
fname = tor_strdup(dflt);
#endif
}
}
return fname;
}
/** Load torrc from disk, setting torrc_fname if successful */
static char *
load_torrc_from_disk(int argc, char **argv)
{
char *fname=NULL;
char *cf = NULL;
int using_default_torrc = 1;
int ignore_missing_torrc = 0;
fname = find_torrc_filename(argc, argv,
&using_default_torrc, &ignore_missing_torrc);
tor_assert(fname);
log(LOG_DEBUG, LD_CONFIG, "Opening config file "%s"", fname);
tor_free(torrc_fname);
torrc_fname = fname;
/* Open config file */
if (file_status(fname) != FN_FILE ||
!(cf = read_file_to_str(fname,0,NULL))) {
if (using_default_torrc == 1 || ignore_missing_torrc ) {
log(LOG_NOTICE, LD_CONFIG, "Configuration file "%s" not present, "
"using reasonable defaults.", fname);
tor_free(fname); /* sets fname to NULL */
torrc_fname = NULL;
cf = tor_strdup("");
} else {
log(LOG_WARN, LD_CONFIG,
"Unable to open configuration file "%s".", fname);
goto err;
}
}
return cf;
err:
tor_free(fname);
torrc_fname = NULL;
return NULL;
}
/** Read a configuration file into options, finding the configuration
* file location based on the command line. After loading the file
* call options_init_from_string() to load the config.
* Return 0 if success, -1 if failure. */
int
options_init_from_torrc(int argc, char **argv)
{
char *cf=NULL;
int i, retval, command;
static char **backup_argv;
static int backup_argc;
char *command_arg = NULL;
char *errmsg=NULL;
if (argv) { /* first time we're called. save command line args */
backup_argv = argv;
backup_argc = argc;
} else { /* we're reloading. need to clean up old options first. */
argv = backup_argv;
argc = backup_argc;
}
if (argc > 1 && (!strcmp(argv[1], "-h") || !strcmp(argv[1],"--help"))) {
print_usage();
exit(0);
}
if (argc > 1 && !strcmp(argv[1], "--list-torrc-options")) {
/* For documenting validating whether we've documented everything. */
list_torrc_options();
exit(0);
}
if (argc > 1 && (!strcmp(argv[1],"--version"))) {
printf("Tor version %s.n",get_version());
exit(0);
}
/* Go through command-line variables */
if (!global_cmdline_options) {
/* Or we could redo the list every time we pass this place.
* It does not really matter */
if (config_get_commandlines(argc, argv, &global_cmdline_options) < 0) {
goto err;
}
}
command = CMD_RUN_TOR;
for (i = 1; i < argc; ++i) {
if (!strcmp(argv[i],"--list-fingerprint")) {
command = CMD_LIST_FINGERPRINT;
} else if (!strcmp(argv[i],"--hash-password")) {
command = CMD_HASH_PASSWORD;
command_arg = tor_strdup( (i < argc-1) ? argv[i+1] : "");
++i;
} else if (!strcmp(argv[i],"--verify-config")) {
command = CMD_VERIFY_CONFIG;
}
}
if (command == CMD_HASH_PASSWORD) {
cf = tor_strdup("");
} else {
cf = load_torrc_from_disk(argc, argv);
if (!cf)
goto err;
}
retval = options_init_from_string(cf, command, command_arg, &errmsg);
tor_free(cf);
if (retval < 0)
goto err;
return 0;
err:
if (errmsg) {
log(LOG_WARN,LD_CONFIG,"%s", errmsg);
tor_free(errmsg);
}
return -1;
}
/** Load the options from the configuration in cf, validate
* them for consistency and take actions based on them.
*
* Return 0 if success, negative on error:
* * -1 for general errors.
* * -2 for failure to parse/validate,
* * -3 for transition not allowed
* * -4 for error while setting the new options
*/
setopt_err_t
options_init_from_string(const char *cf,
int command, const char *command_arg,
char **msg)
{
or_options_t *oldoptions, *newoptions;
config_line_t *cl;
int retval;
setopt_err_t err = SETOPT_ERR_MISC;
tor_assert(msg);
oldoptions = global_options; /* get_options unfortunately asserts if
this is the first time we run*/
newoptions = tor_malloc_zero(sizeof(or_options_t));
newoptions->_magic = OR_OPTIONS_MAGIC;
options_init(newoptions);
newoptions->command = command;
newoptions->command_arg = command_arg;
/* get config lines, assign them */
retval = config_get_lines(cf, &cl);
if (retval < 0) {
err = SETOPT_ERR_PARSE;
goto err;
}
retval = config_assign(&options_format, newoptions, cl, 0, 0, msg);
config_free_lines(cl);
if (retval < 0) {
err = SETOPT_ERR_PARSE;
goto err;
}
/* Go through command-line variables too */
retval = config_assign(&options_format, newoptions,
global_cmdline_options, 0, 0, msg);
if (retval < 0) {
err = SETOPT_ERR_PARSE;
goto err;
}
/* If this is a testing network configuration, change defaults
* for a list of dependent config options, re-initialize newoptions
* with the new defaults, and assign all options to it second time. */
if (newoptions->TestingTorNetwork) {
/* XXXX this is a bit of a kludge. perhaps there's a better way to do
* this? We could, for example, make the parsing algorithm do two passes
* over the configuration. If it finds any "suite" options like
* TestingTorNetwork, it could change the defaults before its second pass.
* Not urgent so long as this seems to work, but at any sign of trouble,
* let's clean it up. -NM */
/* Change defaults. */
int i;
for (i = 0; testing_tor_network_defaults[i].name; ++i) {
config_var_t *new_var = &testing_tor_network_defaults[i];
config_var_t *old_var =
config_find_option(&options_format, new_var->name);
tor_assert(new_var);
tor_assert(old_var);
old_var->initvalue = new_var->initvalue;
}
/* Clear newoptions and re-initialize them with new defaults. */
config_free(&options_format, newoptions);
newoptions = tor_malloc_zero(sizeof(or_options_t));
newoptions->_magic = OR_OPTIONS_MAGIC;
options_init(newoptions);
newoptions->command = command;
newoptions->command_arg = command_arg;
/* Assign all options a second time. */
retval = config_get_lines(cf, &cl);
if (retval < 0) {
err = SETOPT_ERR_PARSE;
goto err;
}
retval = config_assign(&options_format, newoptions, cl, 0, 0, msg);
config_free_lines(cl);
if (retval < 0) {
err = SETOPT_ERR_PARSE;
goto err;
}
retval = config_assign(&options_format, newoptions,
global_cmdline_options, 0, 0, msg);
if (retval < 0) {
err = SETOPT_ERR_PARSE;
goto err;
}
}
/* Validate newoptions */
if (options_validate(oldoptions, newoptions, 0, msg) < 0) {
err = SETOPT_ERR_PARSE; /*XXX make this a separate return value.*/
goto err;
}
if (options_transition_allowed(oldoptions, newoptions, msg) < 0) {
err = SETOPT_ERR_TRANSITION;
goto err;
}
if (set_options(newoptions, msg)) {
err = SETOPT_ERR_SETTING;
goto err; /* frees and replaces old options */
}
return SETOPT_OK;
err:
config_free(&options_format, newoptions);
if (*msg) {
int len = (int)strlen(*msg)+256;
char *newmsg = tor_malloc(len);
tor_snprintf(newmsg, len, "Failed to parse/validate config: %s", *msg);
tor_free(*msg);
*msg = newmsg;
}
return err;
}
/** Return the location for our configuration file.
*/
const char *
get_torrc_fname(void)
{
if (torrc_fname)
return torrc_fname;
else
return get_default_conf_file();
}
/** Adjust the address map based on the MapAddress elements in the
* configuration options
*/
static void
config_register_addressmaps(or_options_t *options)
{
smartlist_t *elts;
config_line_t *opt;
char *from, *to;
addressmap_clear_configured();
elts = smartlist_create();
for (opt = options->AddressMap; opt; opt = opt->next) {
smartlist_split_string(elts, opt->value, NULL,
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2);
if (smartlist_len(elts) >= 2) {
from = smartlist_get(elts,0);
to = smartlist_get(elts,1);
if (address_is_invalid_destination(to, 1)) {
log_warn(LD_CONFIG,
"Skipping invalid argument '%s' to MapAddress", to);
} else {
addressmap_register(from, tor_strdup(to), 0, ADDRMAPSRC_TORRC);
if (smartlist_len(elts)>2) {
log_warn(LD_CONFIG,"Ignoring extra arguments to MapAddress.");
}
}
} else {
log_warn(LD_CONFIG,"MapAddress '%s' has too few arguments. Ignoring.",
opt->value);
}
SMARTLIST_FOREACH(elts, char*, cp, tor_free(cp));
smartlist_clear(elts);
}
smartlist_free(elts);
}
/**
* Initialize the logs based on the configuration file.
*/
static int
options_init_logs(or_options_t *options, int validate_only)
{
config_line_t *opt;
int ok;
smartlist_t *elts;
int daemon =
#ifdef MS_WINDOWS
0;
#else
options->RunAsDaemon;
#endif
ok = 1;
elts = smartlist_create();
for (opt = options->Logs; opt; opt = opt->next) {
log_severity_list_t *severity;
const char *cfg = opt->value;
severity = tor_malloc_zero(sizeof(log_severity_list_t));
if (parse_log_severity_config(&cfg, severity) < 0) {
log_warn(LD_CONFIG, "Couldn't parse log levels in Log option 'Log %s'",
opt->value);
ok = 0; goto cleanup;
}
smartlist_split_string(elts, cfg, NULL,
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 2);
if (smartlist_len(elts) == 0)
smartlist_add(elts, tor_strdup("stdout"));
if (smartlist_len(elts) == 1 &&
(!strcasecmp(smartlist_get(elts,0), "stdout") ||
!strcasecmp(smartlist_get(elts,0), "stderr"))) {
int err = smartlist_len(elts) &&
!strcasecmp(smartlist_get(elts,0), "stderr");
if (!validate_only) {
if (daemon) {
log_warn(LD_CONFIG,
"Can't log to %s with RunAsDaemon set; skipping stdout",
err?"stderr":"stdout");
} else {
add_stream_log(severity, err?"<stderr>":"<stdout>",
fileno(err?stderr:stdout));
}
}
goto cleanup;
}
if (smartlist_len(elts) == 1 &&
!strcasecmp(smartlist_get(elts,0), "syslog")) {
#ifdef HAVE_SYSLOG_H
if (!validate_only) {
add_syslog_log(severity);
}
#else
log_warn(LD_CONFIG, "Syslog is not supported on this system. Sorry.");
#endif
goto cleanup;
}
if (smartlist_len(elts) == 2 &&
!strcasecmp(smartlist_get(elts,0), "file")) {
if (!validate_only) {
if (add_file_log(severity, smartlist_get(elts, 1)) < 0) {
log_warn(LD_CONFIG, "Couldn't open file for 'Log %s': %s",
opt->value, strerror(errno));
ok = 0;
}
}
goto cleanup;
}
log_warn(LD_CONFIG, "Bad syntax on file Log option 'Log %s'",
opt->value);
ok = 0; goto cleanup;
cleanup:
SMARTLIST_FOREACH(elts, char*, cp, tor_free(cp));
smartlist_clear(elts);
tor_free(severity);
}
smartlist_free(elts);
return ok?0:-1;
}
/** Read the contents of a Bridge line from line. Return 0
* if the line is well-formed, and -1 if it isn't. If
* validate_only is 0, and the line is well-formed, then add
* the bridge described in the line to our internal bridge list. */
static int
parse_bridge_line(const char *line, int validate_only)
{
smartlist_t *items = NULL;
int r;
char *addrport=NULL, *fingerprint=NULL;
tor_addr_t addr;
uint16_t port = 0;
char digest[DIGEST_LEN];
items = smartlist_create();
smartlist_split_string(items, line, NULL,
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
if (smartlist_len(items) < 1) {
log_warn(LD_CONFIG, "Too few arguments to Bridge line.");
goto err;
}
addrport = smartlist_get(items, 0);
smartlist_del_keeporder(items, 0);
if (tor_addr_port_parse(addrport, &addr, &port)<0) {
log_warn(LD_CONFIG, "Error parsing Bridge address '%s'", addrport);
goto err;
}
if (!port) {
log_info(LD_CONFIG,
"Bridge address '%s' has no port; using default port 443.",
addrport);
port = 443;
}
if (smartlist_len(items)) {
fingerprint = smartlist_join_strings(items, "", 0, NULL);
if (strlen(fingerprint) != HEX_DIGEST_LEN) {
log_warn(LD_CONFIG, "Key digest for Bridge is wrong length.");
goto err;
}
if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) {
log_warn(LD_CONFIG, "Unable to decode Bridge key digest.");
goto err;
}
}
if (!validate_only) {
log_debug(LD_DIR, "Bridge at %s:%d (%s)", fmt_addr(&addr),
(int)port,
fingerprint ? fingerprint : "no key listed");
bridge_add_from_config(&addr, port, fingerprint ? digest : NULL);
}
r = 0;
goto done;
err:
r = -1;
done:
SMARTLIST_FOREACH(items, char*, s, tor_free(s));
smartlist_free(items);
tor_free(addrport);
tor_free(fingerprint);
return r;
}
/** Read the contents of a DirServer line from line. If
* validate_only is 0, and the line is well-formed, and it
* shares any bits with required_type or required_type
* is 0, then add the dirserver described in the line (minus whatever
* bits it's missing) as a valid authority. Return 0 on success,
* or -1 if the line isn't well-formed or if we can't add it. */
static int
parse_dir_server_line(const char *line, authority_type_t required_type,
int validate_only)
{
smartlist_t *items = NULL;
int r;
char *addrport=NULL, *address=NULL, *nickname=NULL, *fingerprint=NULL;
uint16_t dir_port = 0, or_port = 0;
char digest[DIGEST_LEN];
char v3_digest[DIGEST_LEN];
authority_type_t type = V2_AUTHORITY;
int is_not_hidserv_authority = 0, is_not_v2_authority = 0;
items = smartlist_create();
smartlist_split_string(items, line, NULL,
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
if (smartlist_len(items) < 1) {
log_warn(LD_CONFIG, "No arguments on DirServer line.");
goto err;
}
if (is_legal_nickname(smartlist_get(items, 0))) {
nickname = smartlist_get(items, 0);
smartlist_del_keeporder(items, 0);
}
while (smartlist_len(items)) {
char *flag = smartlist_get(items, 0);
if (TOR_ISDIGIT(flag[0]))
break;
if (!strcasecmp(flag, "v1")) {
type |= (V1_AUTHORITY | HIDSERV_AUTHORITY);
} else if (!strcasecmp(flag, "hs")) {
type |= HIDSERV_AUTHORITY;
} else if (!strcasecmp(flag, "no-hs")) {
is_not_hidserv_authority = 1;
} else if (!strcasecmp(flag, "bridge")) {
type |= BRIDGE_AUTHORITY;
} else if (!strcasecmp(flag, "no-v2")) {
is_not_v2_authority = 1;
} else if (!strcasecmpstart(flag, "orport=")) {
int ok;
char *portstring = flag + strlen("orport=");
or_port = (uint16_t) tor_parse_long(portstring, 10, 1, 65535, &ok, NULL);
if (!ok)
log_warn(LD_CONFIG, "Invalid orport '%s' on DirServer line.",
portstring);
} else if (!strcasecmpstart(flag, "v3ident=")) {
char *idstr = flag + strlen("v3ident=");
if (strlen(idstr) != HEX_DIGEST_LEN ||
base16_decode(v3_digest, DIGEST_LEN, idstr, HEX_DIGEST_LEN)<0) {
log_warn(LD_CONFIG, "Bad v3 identity digest '%s' on DirServer line",
flag);
} else {
type |= V3_AUTHORITY;
}
} else {
log_warn(LD_CONFIG, "Unrecognized flag '%s' on DirServer line",
flag);
}
tor_free(flag);
smartlist_del_keeporder(items, 0);
}
if (is_not_hidserv_authority)
type &= ~HIDSERV_AUTHORITY;
if (is_not_v2_authority)
type &= ~V2_AUTHORITY;
if (smartlist_len(items) < 2) {
log_warn(LD_CONFIG, "Too few arguments to DirServer line.");
goto err;
}
addrport = smartlist_get(items, 0);
smartlist_del_keeporder(items, 0);
if (parse_addr_port(LOG_WARN, addrport, &address, NULL, &dir_port)<0) {
log_warn(LD_CONFIG, "Error parsing DirServer address '%s'", addrport);
goto err;
}
if (!dir_port) {
log_warn(LD_CONFIG, "Missing port in DirServer address '%s'",addrport);
goto err;
}
fingerprint = smartlist_join_strings(items, "", 0, NULL);
if (strlen(fingerprint) != HEX_DIGEST_LEN) {
log_warn(LD_CONFIG, "Key digest for DirServer is wrong length %d.",
(int)strlen(fingerprint));
goto err;
}
if (!strcmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")) {
/* a known bad fingerprint. refuse to use it. We can remove this
* clause once Tor 0.1.2.17 is obsolete. */
log_warn(LD_CONFIG, "Dangerous dirserver line. To correct, erase your "
"torrc file (%s), or reinstall Tor and use the default torrc.",
get_torrc_fname());
goto err;
}
if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) {
log_warn(LD_CONFIG, "Unable to decode DirServer key digest.");
goto err;
}
if (!validate_only && (!required_type || required_type & type)) {
if (required_type)
type &= required_type; /* pare down what we think of them as an
* authority for. */
log_debug(LD_DIR, "Trusted %d dirserver at %s:%d (%s)", (int)type,
address, (int)dir_port, (char*)smartlist_get(items,0));
if (!add_trusted_dir_server(nickname, address, dir_port, or_port,
digest, v3_digest, type))
goto err;
}
r = 0;
goto done;
err:
r = -1;
done:
SMARTLIST_FOREACH(items, char*, s, tor_free(s));
smartlist_free(items);
tor_free(addrport);
tor_free(address);
tor_free(nickname);
tor_free(fingerprint);
return r;
}
/** Adjust the value of options->DataDirectory, or fill it in if it's
* absent. Return 0 on success, -1 on failure. */
static int
normalize_data_directory(or_options_t *options)
{
#ifdef MS_WINDOWS
char *p;
if (options->DataDirectory)
return 0; /* all set */
p = tor_malloc(MAX_PATH);
strlcpy(p,get_windows_conf_root(),MAX_PATH);
options->DataDirectory = p;
return 0;
#else
const char *d = options->DataDirectory;
if (!d)
d = "~/.tor";
if (strncmp(d,"~/",2) == 0) {
char *fn = expand_filename(d);
if (!fn) {
log_warn(LD_CONFIG,"Failed to expand filename "%s".", d);
return -1;
}
if (!options->DataDirectory && !strcmp(fn,"/.tor")) {
/* If our homedir is /, we probably don't want to use it. */
/* Default to LOCALSTATEDIR/tor which is probably closer to what we
* want. */
log_warn(LD_CONFIG,
"Default DataDirectory is "~/.tor". This expands to "
""%s", which is probably not what you want. Using "
""%s"PATH_SEPARATOR"tor" instead", fn, LOCALSTATEDIR);
tor_free(fn);
fn = tor_strdup(LOCALSTATEDIR PATH_SEPARATOR "tor");
}
tor_free(options->DataDirectory);
options->DataDirectory = fn;
}
return 0;
#endif
}
/** Check and normalize the value of options->DataDirectory; return 0 if it
* sane, -1 otherwise. */
static int
validate_data_directory(or_options_t *options)
{
if (normalize_data_directory(options) < 0)
return -1;
tor_assert(options->DataDirectory);
if (strlen(options->DataDirectory) > (512-128)) {
log_warn(LD_CONFIG, "DataDirectory is too long.");
return -1;
}
return 0;
}
/** This string must remain the same forevermore. It is how we
* recognize that the torrc file doesn't need to be backed up. */
#define GENERATED_FILE_PREFIX "# This file was generated by Tor; "
"if you edit it, comments will not be preserved"
/** This string can change; it tries to give the reader an idea
* that editing this file by hand is not a good plan. */
#define GENERATED_FILE_COMMENT "# The old torrc file was renamed "
"to torrc.orig.1 or similar, and Tor will ignore it"
/** Save a configuration file for the configuration in options
* into the file fname. If the file already exists, and
* doesn't begin with GENERATED_FILE_PREFIX, rename it. Otherwise
* replace it. Return 0 on success, -1 on failure. */
static int
write_configuration_file(const char *fname, or_options_t *options)
{
char *old_val=NULL, *new_val=NULL, *new_conf=NULL;
int rename_old = 0, r;
size_t len;
tor_assert(fname);
switch (file_status(fname)) {
case FN_FILE:
old_val = read_file_to_str(fname, 0, NULL);
if (strcmpstart(old_val, GENERATED_FILE_PREFIX)) {
rename_old = 1;
}
tor_free(old_val);
break;
case FN_NOENT:
break;
case FN_ERROR:
case FN_DIR:
default:
log_warn(LD_CONFIG,
"Config file "%s" is not a file? Failing.", fname);
return -1;
}
if (!(new_conf = options_dump(options, 1))) {
log_warn(LD_BUG, "Couldn't get configuration string");
goto err;
}
len = strlen(new_conf)+256;
new_val = tor_malloc(len);
tor_snprintf(new_val, len, "%sn%snn%s",
GENERATED_FILE_PREFIX, GENERATED_FILE_COMMENT, new_conf);
if (rename_old) {
int i = 1;
size_t fn_tmp_len = strlen(fname)+32;
char *fn_tmp;
tor_assert(fn_tmp_len > strlen(fname)); /*check for overflow*/
fn_tmp = tor_malloc(fn_tmp_len);
while (1) {
if (tor_snprintf(fn_tmp, fn_tmp_len, "%s.orig.%d", fname, i)<0) {
log_warn(LD_BUG, "tor_snprintf failed inexplicably");
tor_free(fn_tmp);
goto err;
}
if (file_status(fn_tmp) == FN_NOENT)
break;
++i;
}
log_notice(LD_CONFIG, "Renaming old configuration file to "%s"", fn_tmp);
if (rename(fname, fn_tmp) < 0) {
log_warn(LD_FS,
"Couldn't rename configuration file "%s" to "%s": %s",
fname, fn_tmp, strerror(errno));
tor_free(fn_tmp);
goto err;
}
tor_free(fn_tmp);
}
if (write_str_to_file(fname, new_val, 0) < 0)
goto err;
r = 0;
goto done;
err:
r = -1;
done:
tor_free(new_val);
tor_free(new_conf);
return r;
}
/**
* Save the current configuration file value to disk. Return 0 on
* success, -1 on failure.
**/
int
options_save_current(void)
{
if (torrc_fname) {
/* This fails if we can't write to our configuration file.
*
* If we try falling back to datadirectory or something, we have a better
* chance of saving the configuration, but a better chance of doing
* something the user never expected. Let's just warn instead. */
return write_configuration_file(torrc_fname, get_options());
}
return write_configuration_file(get_default_conf_file(), get_options());
}
/** Mapping from a unit name to a multiplier for converting that unit into a
* base unit. */
struct unit_table_t {
const char *unit;
uint64_t multiplier;
};
/** Table to map the names of memory units to the number of bytes they
* contain. */
static struct unit_table_t memory_units[] = {
{ "", 1 },
{ "b", 1<< 0 },
{ "byte", 1<< 0 },
{ "bytes", 1<< 0 },
{ "kb", 1<<10 },
{ "kbyte", 1<<10 },
{ "kbytes", 1<<10 },
{ "kilobyte", 1<<10 },
{ "kilobytes", 1<<10 },
{ "m", 1<<20 },
{ "mb", 1<<20 },
{ "mbyte", 1<<20 },
{ "mbytes", 1<<20 },
{ "megabyte", 1<<20 },
{ "megabytes", 1<<20 },
{ "gb", 1<<30 },
{ "gbyte", 1<<30 },
{ "gbytes", 1<<30 },
{ "gigabyte", 1<<30 },
{ "gigabytes", 1<<30 },
{ "tb", U64_LITERAL(1)<<40 },
{ "terabyte", U64_LITERAL(1)<<40 },
{ "terabytes", U64_LITERAL(1)<<40 },
{ NULL, 0 },
};
/** Table to map the names of time units to the number of seconds they
* contain. */
static struct unit_table_t time_units[] = {
{ "", 1 },
{ "second", 1 },
{ "seconds", 1 },
{ "minute", 60 },
{ "minutes", 60 },
{ "hour", 60*60 },
{ "hours", 60*60 },
{ "day", 24*60*60 },
{ "days", 24*60*60 },
{ "week", 7*24*60*60 },
{ "weeks", 7*24*60*60 },
{ NULL, 0 },
};
/** Parse a string val containing a number, zero or more
* spaces, and an optional unit string. If the unit appears in the
* table u, then multiply the number by the unit multiplier.
* On success, set *ok to 1 and return this product.
* Otherwise, set *ok to 0.
*/
static uint64_t
config_parse_units(const char *val, struct unit_table_t *u, int *ok)
{
uint64_t v;
char *cp;
tor_assert(ok);
v = tor_parse_uint64(val, 10, 0, UINT64_MAX, ok, &cp);
if (!*ok)
return 0;
if (!cp) {
*ok = 1;
return v;
}
while (TOR_ISSPACE(*cp))
++cp;
for ( ;u->unit;++u) {
if (!strcasecmp(u->unit, cp)) {
v *= u->multiplier;
*ok = 1;
return v;
}
}
log_warn(LD_CONFIG, "Unknown unit '%s'.", cp);
*ok = 0;
return 0;
}
/** Parse a string in the format "number unit", where unit is a unit of
* information (byte, KB, M, etc). On success, set *ok to true
* and return the number of bytes specified. Otherwise, set
* *ok to false and return 0. */
static uint64_t
config_parse_memunit(const char *s, int *ok)
{
return config_parse_units(s, memory_units, ok);
}
/** Parse a string in the format "number unit", where unit is a unit of time.
* On success, set *ok to true and return the number of seconds in
* the provided interval. Otherwise, set *ok to 0 and return -1.
*/
static int
config_parse_interval(const char *s, int *ok)
{
uint64_t r;
r = config_parse_units(s, time_units, ok);
if (!ok)
return -1;
if (r > INT_MAX) {
log_warn(LD_CONFIG, "Interval '%s' is too long", s);
*ok = 0;
return -1;
}
return (int)r;
}
/* This is what passes for version detection on OSX. We set
* MACOSX_KQUEUE_IS_BROKEN to true iff we're on a version of OSX before
* 10.4.0 (aka 1040). */
#ifdef __APPLE__
#ifdef __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__
#define MACOSX_KQUEUE_IS_BROKEN
(__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ < 1040)
#else
#define MACOSX_KQUEUE_IS_BROKEN 0
#endif
#endif
/**
* Initialize the libevent library.
*/
static void
init_libevent(void)
{
configure_libevent_logging();
/* If the kernel complains that some method (say, epoll) doesn't
* exist, we don't care about it, since libevent will cope.
*/
suppress_libevent_log_msg("Function not implemented");
#ifdef __APPLE__
if (MACOSX_KQUEUE_IS_BROKEN ||
decode_libevent_version(event_get_version(), NULL) < LE_11B) {
setenv("EVENT_NOKQUEUE","1",1);
}
#endif
/* In libevent versions before 2.0, it's hard to keep binary compatibility
* between upgrades, and unpleasant to detect when the version we compiled
* against is unlike the version we have linked against. Here's how. */
#if defined(_EVENT_VERSION) && defined(HAVE_EVENT_GET_VERSION)
/* We have a header-file version and a function-call version. Easy. */
if (strcmp(_EVENT_VERSION, event_get_version())) {
int compat1 = -1, compat2 = -1;
int verybad, prettybad ;
decode_libevent_version(_EVENT_VERSION, &compat1);
decode_libevent_version(event_get_version(), &compat2);
verybad = compat1 != compat2;
prettybad = (compat1 == -1 || compat2 == -1) && compat1 != compat2;
log(verybad ? LOG_WARN : (prettybad ? LOG_NOTICE : LOG_INFO),
LD_GENERAL, "We were compiled with headers from version %s "
"of Libevent, but we're using a Libevent library that says it's "
"version %s.", _EVENT_VERSION, event_get_version());
if (verybad)
log_warn(LD_GENERAL, "This will almost certainly make Tor crash.");
else if (prettybad)
log_notice(LD_GENERAL, "If Tor crashes, this might be why.");
else
log_info(LD_GENERAL, "I think these versions are binary-compatible.");
}
#elif defined(HAVE_EVENT_GET_VERSION)
/* event_get_version but no _EVENT_VERSION. We might be in 1.4.0-beta or
earlier, where that's normal. To see whether we were compiled with an
earlier version, let's see whether the struct event defines MIN_HEAP_IDX.
*/
#ifdef HAVE_STRUCT_EVENT_MIN_HEAP_IDX
/* The header files are 1.4.0-beta or later. If the version is not
* 1.4.0-beta, we are incompatible. */
{
if (strcmp(event_get_version(), "1.4.0-beta")) {
log_warn(LD_GENERAL, "It's a little hard to tell, but you seem to have "
"Libevent 1.4.0-beta header files, whereas you have linked "
"against Libevent %s. This will probably make Tor crash.",
event_get_version());
}
}
#else
/* Our headers are 1.3e or earlier. If the library version is not 1.4.x or
later, we're probably fine. */
{
const char *v = event_get_version();
if ((v[0] == '1' && v[2] == '.' && v[3] > '3') || v[0] > '1') {
log_warn(LD_GENERAL, "It's a little hard to tell, but you seem to have "
"Libevent header file from 1.3e or earlier, whereas you have "
"linked against Libevent %s. This will probably make Tor "
"crash.", event_get_version());
}
}
#endif
#elif defined(_EVENT_VERSION)
#warn "_EVENT_VERSION is defined but not get_event_version(): Libevent is odd."
#else
/* Your libevent is ancient. */
#endif
event_init();
suppress_libevent_log_msg(NULL);
#if defined(HAVE_EVENT_GET_VERSION) && defined(HAVE_EVENT_GET_METHOD)
/* Making this a NOTICE for now so we can link bugs to a libevent versions
* or methods better. */
log(LOG_NOTICE, LD_GENERAL,
"Initialized libevent version %s using method %s. Good.",
event_get_version(), event_get_method());
check_libevent_version(event_get_method(), get_options()->ORPort != 0);
#else
log(LOG_NOTICE, LD_GENERAL,
"Initialized old libevent (version 1.0b or earlier).");
log(LOG_WARN, LD_GENERAL,
"You have a *VERY* old version of libevent. It is likely to be buggy; "
"please build Tor with a more recent version.");
#endif
}
/** Table mapping return value of event_get_version() to le_version_t. */
static const struct {
const char *name; le_version_t version; int bincompat;
} le_version_table[] = {
/* earlier versions don't have get_version. */
{ "1.0c", LE_10C, 1},
{ "1.0d", LE_10D, 1},
{ "1.0e", LE_10E, 1},
{ "1.1", LE_11, 1 },
{ "1.1a", LE_11A, 1 },
{ "1.1b", LE_11B, 1 },
{ "1.2", LE_12, 1 },
{ "1.2a", LE_12A, 1 },
{ "1.3", LE_13, 1 },
{ "1.3a", LE_13A, 1 },
{ "1.3b", LE_13B, 1 },
{ "1.3c", LE_13C, 1 },
{ "1.3d", LE_13D, 1 },
{ "1.3e", LE_13E, 1 },
{ "1.4.0-beta", LE_140, 2 },
{ "1.4.1-beta", LE_141, 2 },
{ "1.4.2-rc", LE_142, 2 },
{ "1.4.3-stable", LE_143, 2 },
{ "1.4.4-stable", LE_144, 2 },
{ "1.4.5-stable", LE_145, 2 },
{ "1.4.6-stable", LE_146, 2 },
{ "1.4.7-stable", LE_147, 2 },
{ "1.4.8-stable", LE_148, 2 },
{ "1.4.99-trunk", LE_1499, 3 },
{ NULL, LE_OTHER, 0 }
};
/** Return the le_version_t for the current version of libevent. If the
* version is very new, return LE_OTHER. If the version is so old that it
* doesn't support event_get_version(), return LE_OLD. */
static le_version_t
decode_libevent_version(const char *v, int *bincompat_out)
{
int i;
for (i=0; le_version_table[i].name; ++i) {
if (!strcmp(le_version_table[i].name, v)) {
if (bincompat_out)
*bincompat_out = le_version_table[i].bincompat;
return le_version_table[i].version;
}
}
if (v[0] != '1' && bincompat_out)
*bincompat_out = 100;
else if (!strcmpstart(v, "1.4") && bincompat_out)
*bincompat_out = 2;
return LE_OTHER;
}
#if defined(HAVE_EVENT_GET_VERSION) && defined(HAVE_EVENT_GET_METHOD)
/**
* Compare the given libevent method and version to a list of versions
* which are known not to work. Warn the user as appropriate.
*/
static void
check_libevent_version(const char *m, int server)
{
int buggy = 0, iffy = 0, slow = 0, thread_unsafe = 0;
le_version_t version;
const char *v = event_get_version();
const char *badness = NULL;
const char *sad_os = "";
version = decode_libevent_version(v, NULL);
/* XXX Would it be worthwhile disabling the methods that we know
* are buggy, rather than just warning about them and then proceeding
* to use them? If so, we should probably not wrap this whole thing
* in HAVE_EVENT_GET_VERSION and HAVE_EVENT_GET_METHOD. -RD */
/* XXXX The problem is that it's not trivial to get libevent to change it's
* method once it's initialized, and it's not trivial to tell what method it
* will use without initializing it. I guess we could preemptively disable
* buggy libevent modes based on the version _before_ initializing it,
* though, but then there's no good way (afaict) to warn "I would have used
* kqueue, but instead I'm using select." -NM */
if (!strcmp(m, "kqueue")) {
if (version < LE_11B)
buggy = 1;
} else if (!strcmp(m, "epoll")) {
if (version < LE_11)
iffy = 1;
} else if (!strcmp(m, "poll")) {
if (version < LE_10E)
buggy = 1;
else if (version < LE_11)
slow = 1;
} else if (!strcmp(m, "select")) {
if (version < LE_11)
slow = 1;
} else if (!strcmp(m, "win32")) {
if (version < LE_11B)
buggy = 1;
}
/* Libevent versions before 1.3b do very badly on operating systems with
* user-space threading implementations. */
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__)
if (server && version < LE_13B) {
thread_unsafe = 1;
sad_os = "BSD variants";
}
#elif defined(__APPLE__) || defined(__darwin__)
if (server && version < LE_13B) {
thread_unsafe = 1;
sad_os = "Mac OS X";
}
#endif
if (thread_unsafe) {
log(LOG_WARN, LD_GENERAL,
"Libevent version %s often crashes when running a Tor server with %s. "
"Please use the latest version of libevent (1.3b or later)",v,sad_os);
badness = "BROKEN";
} else if (buggy) {
log(LOG_WARN, LD_GENERAL,
"There are serious bugs in using %s with libevent %s. "
"Please use the latest version of libevent.", m, v);
badness = "BROKEN";
} else if (iffy) {
log(LOG_WARN, LD_GENERAL,
"There are minor bugs in using %s with libevent %s. "
"You may want to use the latest version of libevent.", m, v);
badness = "BUGGY";
} else if (slow && server) {
log(LOG_WARN, LD_GENERAL,
"libevent %s can be very slow with %s. "
"When running a server, please use the latest version of libevent.",
v,m);
badness = "SLOW";
}
if (badness) {
control_event_general_status(LOG_WARN,
"BAD_LIBEVENT VERSION=%s METHOD=%s BADNESS=%s RECOVERED=NO",
v, m, badness);
}
}
#endif
/** Return the persistent state struct for this Tor. */
or_state_t *
get_or_state(void)
{
tor_assert(global_state);
return global_state;
}
/** Return a newly allocated string holding a filename relative to the data
* directory. If sub1 is present, it is the first path component after
* the data directory. If sub2 is also present, it is the second path
* component after the data directory. If suffix is present, it
* is appended to the filename.
*
* Examples:
* get_datadir_fname2_suffix("a", NULL, NULL) -> $DATADIR/a
* get_datadir_fname2_suffix("a", NULL, ".tmp") -> $DATADIR/a.tmp
* get_datadir_fname2_suffix("a", "b", ".tmp") -> $DATADIR/a/b/.tmp
* get_datadir_fname2_suffix("a", "b", NULL) -> $DATADIR/a/b
*
* Note: Consider using the get_datadir_fname* macros in or.h.
*/
char *
options_get_datadir_fname2_suffix(or_options_t *options,
const char *sub1, const char *sub2,
const char *suffix)
{
char *fname = NULL;
size_t len;
tor_assert(options);
tor_assert(options->DataDirectory);
tor_assert(sub1 || !sub2); /* If sub2 is present, sub1 must be present. */
len = strlen(options->DataDirectory);
if (sub1) {
len += strlen(sub1)+1;
if (sub2)
len += strlen(sub2)+1;
}
if (suffix)
len += strlen(suffix);
len++;
fname = tor_malloc(len);
if (sub1) {
if (sub2) {
tor_snprintf(fname, len, "%s"PATH_SEPARATOR"%s"PATH_SEPARATOR"%s",
options->DataDirectory, sub1, sub2);
} else {
tor_snprintf(fname, len, "%s"PATH_SEPARATOR"%s",
options->DataDirectory, sub1);
}
} else {
strlcpy(fname, options->DataDirectory, len);
}
if (suffix)
strlcat(fname, suffix, len);
return fname;
}
/** Return 0 if every setting in state is reasonable, and a
* permissible transition from old_state. Else warn and return -1.
* Should have no side effects, except for normalizing the contents of
* state.
*/
/* XXX from_setconf is here because of bug 238 */
static int
or_state_validate(or_state_t *old_state, or_state_t *state,
int from_setconf, char **msg)
{
/* We don't use these; only options do. Still, we need to match that
* signature. */
(void) from_setconf;
(void) old_state;
if (entry_guards_parse_state(state, 0, msg)<0)
return -1;
return 0;
}
/** Replace the current persistent state with new_state */
static void
or_state_set(or_state_t *new_state)
{
char *err = NULL;
tor_assert(new_state);
if (global_state)
config_free(&state_format, global_state);
global_state = new_state;
if (entry_guards_parse_state(global_state, 1, &err)<0) {
log_warn(LD_GENERAL,"%s",err);
tor_free(err);
}
if (rep_hist_load_state(global_state, &err)<0) {
log_warn(LD_GENERAL,"Unparseable bandwidth history state: %s",err);
tor_free(err);
}
}
/** Reload the persistent state from disk, generating a new state as needed.
* Return 0 on success, less than 0 on failure.
*/
static int
or_state_load(void)
{
or_state_t *new_state = NULL;
char *contents = NULL, *fname;
char *errmsg = NULL;
int r = -1, badstate = 0;
fname = get_datadir_fname("state");
switch (file_status(fname)) {
case FN_FILE:
if (!(contents = read_file_to_str(fname, 0, NULL))) {
log_warn(LD_FS, "Unable to read state file "%s"", fname);
goto done;
}
break;
case FN_NOENT:
break;
case FN_ERROR:
case FN_DIR:
default:
log_warn(LD_GENERAL,"State file "%s" is not a file? Failing.", fname);
goto done;
}
new_state = tor_malloc_zero(sizeof(or_state_t));
new_state->_magic = OR_STATE_MAGIC;
config_init(&state_format, new_state);
if (contents) {
config_line_t *lines=NULL;
int assign_retval;
if (config_get_lines(contents, &lines)<0)
goto done;
assign_retval = config_assign(&state_format, new_state,
lines, 0, 0, &errmsg);
config_free_lines(lines);
if (assign_retval<0)
badstate = 1;
if (errmsg) {
log_warn(LD_GENERAL, "%s", errmsg);
tor_free(errmsg);
}
}
if (!badstate && or_state_validate(NULL, new_state, 1, &errmsg) < 0)
badstate = 1;
if (errmsg) {
log_warn(LD_GENERAL, "%s", errmsg);
tor_free(errmsg);
}
if (badstate && !contents) {
log_warn(LD_BUG, "Uh oh. We couldn't even validate our own default state."
" This is a bug in Tor.");
goto done;
} else if (badstate && contents) {
int i;
file_status_t status;
size_t len = strlen(fname)+16;
char *fname2 = tor_malloc(len);
for (i = 0; i < 100; ++i) {
tor_snprintf(fname2, len, "%s.%d", fname, i);
status = file_status(fname2);
if (status == FN_NOENT)
break;
}
if (i == 100) {
log_warn(LD_BUG, "Unable to parse state in "%s"; too many saved bad "
"state files to move aside. Discarding the old state file.",
fname);
unlink(fname);
} else {
log_warn(LD_BUG, "Unable to parse state in "%s". Moving it aside "
"to "%s". This could be a bug in Tor; please tell "
"the developers.", fname, fname2);
if (rename(fname, fname2) < 0) {
log_warn(LD_BUG, "Weirdly, I couldn't even move the state aside. The "
"OS gave an error of %s", strerror(errno));
}
}
tor_free(fname2);
tor_free(contents);
config_free(&state_format, new_state);
new_state = tor_malloc_zero(sizeof(or_state_t));
new_state->_magic = OR_STATE_MAGIC;
config_init(&state_format, new_state);
} else if (contents) {
log_info(LD_GENERAL, "Loaded state from "%s"", fname);
} else {
log_info(LD_GENERAL, "Initialized state");
}
or_state_set(new_state);
new_state = NULL;
if (!contents) {
global_state->next_write = 0;
or_state_save(time(NULL));
}
r = 0;
done:
tor_free(fname);
tor_free(contents);
if (new_state)
config_free(&state_format, new_state);
return r;
}
/** Write the persistent state to disk. Return 0 for success, <0 on failure. */
int
or_state_save(time_t now)
{
char *state, *contents;
char tbuf[ISO_TIME_LEN+1];
size_t len;
char *fname;
tor_assert(global_state);
if (global_state->next_write > now)
return 0;
/* Call everything else that might dirty the state even more, in order
* to avoid redundant writes. */
entry_guards_update_state(global_state);
rep_hist_update_state(global_state);
if (accounting_is_enabled(get_options()))
accounting_run_housekeeping(now);
global_state->LastWritten = time(NULL);
tor_free(global_state->TorVersion);
len = strlen(get_version())+8;
global_state->TorVersion = tor_malloc(len);
tor_snprintf(global_state->TorVersion, len, "Tor %s", get_version());
state = config_dump(&state_format, global_state, 1, 0);
len = strlen(state)+256;
contents = tor_malloc(len);
format_local_iso_time(tbuf, time(NULL));
tor_snprintf(contents, len,
"# Tor state file last generated on %s local timen"
"# Other times below are in GMTn"
"# You *do not* need to edit this file.nn%s",
tbuf, state);
tor_free(state);
fname = get_datadir_fname("state");
if (write_str_to_file(fname, contents, 0)<0) {
log_warn(LD_FS, "Unable to write state to file "%s"", fname);
tor_free(fname);
tor_free(contents);
return -1;
}
log_info(LD_GENERAL, "Saved state to "%s"", fname);
tor_free(fname);
tor_free(contents);
global_state->next_write = TIME_MAX;
return 0;
}
/** Given a file name check to see whether the file exists but has not been
* modified for a very long time. If so, remove it. */
void
remove_file_if_very_old(const char *fname, time_t now)
{
#define VERY_OLD_FILE_AGE (28*24*60*60)
struct stat st;
if (stat(fname, &st)==0 && st.st_mtime < now-VERY_OLD_FILE_AGE) {
char buf[ISO_TIME_LEN+1];
format_local_iso_time(buf, st.st_mtime);
log_notice(LD_GENERAL, "Obsolete file %s hasn't been modified since %s. "
"Removing it.", fname, buf);
unlink(fname);
}
}
/** Helper to implement GETINFO functions about configuration variables (not
* their values). Given a "config/names" question, set *answer to a
* new string describing the supported configuration variables and their
* types. */
int
getinfo_helper_config(control_connection_t *conn,
const char *question, char **answer)
{
(void) conn;
if (!strcmp(question, "config/names")) {
smartlist_t *sl = smartlist_create();
int i;
for (i = 0; _option_vars[i].name; ++i) {
config_var_t *var = &_option_vars[i];
const char *type, *desc;
char *line;
size_t len;
desc = config_find_description(&options_format, var->name);
switch (var->type) {
case CONFIG_TYPE_STRING: type = "String"; break;
case CONFIG_TYPE_FILENAME: type = "Filename"; break;
case CONFIG_TYPE_UINT: type = "Integer"; break;
case CONFIG_TYPE_INTERVAL: type = "TimeInterval"; break;
case CONFIG_TYPE_MEMUNIT: type = "DataSize"; break;
case CONFIG_TYPE_DOUBLE: type = "Float"; break;
case CONFIG_TYPE_BOOL: type = "Boolean"; break;
case CONFIG_TYPE_ISOTIME: type = "Time"; break;
case CONFIG_TYPE_ROUTERSET: type = "RouterList"; break;
case CONFIG_TYPE_CSV: type = "CommaList"; break;
case CONFIG_TYPE_LINELIST: type = "LineList"; break;
case CONFIG_TYPE_LINELIST_S: type = "Dependant"; break;
case CONFIG_TYPE_LINELIST_V: type = "Virtual"; break;
default:
case CONFIG_TYPE_OBSOLETE:
type = NULL; break;
}
if (!type)
continue;
len = strlen(var->name)+strlen(type)+16;
if (desc)
len += strlen(desc);
line = tor_malloc(len);
if (desc)
tor_snprintf(line, len, "%s %s %sn",var->name,type,desc);
else
tor_snprintf(line, len, "%s %sn",var->name,type);
smartlist_add(sl, line);
}
*answer = smartlist_join_strings(sl, "", 0, NULL);
SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
smartlist_free(sl);
}
return 0;
}