网络

开发平台：

Unix_Linux

control.c：源码内容

}
/** Lookup the 'getinfo' entry question, and return
* the answer in *answer (or NULL if key not recognized).
* Return 0 if success or unrecognized, or -1 if recognized but
* internal error. */
static int
handle_getinfo_helper(control_connection_t *control_conn,
const char *question, char **answer)
{
int i;
*answer = NULL; /* unrecognized key by default */
for (i = 0; getinfo_items[i].varname; ++i) {
int match;
if (getinfo_items[i].is_prefix)
match = !strcmpstart(question, getinfo_items[i].varname);
else
match = !strcmp(question, getinfo_items[i].varname);
if (match) {
tor_assert(getinfo_items[i].fn);
return getinfo_items[i].fn(control_conn, question, answer);
}
}
return 0; /* unrecognized */
}
/** Called when we receive a GETINFO command. Try to fetch all requested
* information, and reply with information or error message. */
static int
handle_control_getinfo(control_connection_t *conn, uint32_t len,
const char *body)
{
smartlist_t *questions = smartlist_create();
smartlist_t *answers = smartlist_create();
smartlist_t *unrecognized = smartlist_create();
char *msg = NULL, *ans = NULL;
int i;
(void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
smartlist_split_string(questions, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH(questions, const char *, q,
{
if (handle_getinfo_helper(conn, q, &ans) < 0) {
connection_write_str_to_buf("551 Internal errorrn", conn);
goto done;
}
if (!ans) {
smartlist_add(unrecognized, (char*)q);
} else {
smartlist_add(answers, tor_strdup(q));
smartlist_add(answers, ans);
}
});
if (smartlist_len(unrecognized)) {
for (i=0; i < smartlist_len(unrecognized)-1; ++i)
connection_printf_to_buf(conn,
"552-Unrecognized key "%s"rn",
(char*)smartlist_get(unrecognized, i));
connection_printf_to_buf(conn,
"552 Unrecognized key "%s"rn",
(char*)smartlist_get(unrecognized, i));
goto done;
}
for (i = 0; i < smartlist_len(answers); i += 2) {
char *k = smartlist_get(answers, i);
char *v = smartlist_get(answers, i+1);
if (!strchr(v, 'n') && !strchr(v, 'r')) {
connection_printf_to_buf(conn, "250-%s=", k);
connection_write_str_to_buf(v, conn);
connection_write_str_to_buf("rn", conn);
} else {
char *esc = NULL;
size_t esc_len;
esc_len = write_escaped_data(v, strlen(v), &esc);
connection_printf_to_buf(conn, "250+%s=rn", k);
connection_write_to_buf(esc, esc_len, TO_CONN(conn));
tor_free(esc);
}
}
connection_write_str_to_buf("250 OKrn", conn);
done:
SMARTLIST_FOREACH(answers, char *, cp, tor_free(cp));
smartlist_free(answers);
SMARTLIST_FOREACH(questions, char *, cp, tor_free(cp));
smartlist_free(questions);
smartlist_free(unrecognized);
tor_free(msg);
return 0;
}
/** Given a string, convert it to a circuit purpose. */
static uint8_t
circuit_purpose_from_string(const char *string)
{
if (!strcmpstart(string, "purpose="))
string += strlen("purpose=");
if (!strcmp(string, "general"))
return CIRCUIT_PURPOSE_C_GENERAL;
else if (!strcmp(string, "controller"))
return CIRCUIT_PURPOSE_CONTROLLER;
else
return CIRCUIT_PURPOSE_UNKNOWN;
}
/** Return a newly allocated smartlist containing the arguments to the command
* waiting in body. If there are fewer than min_args arguments,
* or if max_args is nonnegative and there are more than
* max_args arguments, send a 512 error to the controller, using
* command as the command name in the error message. */
static smartlist_t *
getargs_helper(const char *command, control_connection_t *conn,
const char *body, int min_args, int max_args)
{
smartlist_t *args = smartlist_create();
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(args) < min_args) {
connection_printf_to_buf(conn, "512 Missing argument to %srn",command);
goto err;
} else if (max_args >= 0 && smartlist_len(args) > max_args) {
connection_printf_to_buf(conn, "512 Too many arguments to %srn",command);
goto err;
}
return args;
err:
SMARTLIST_FOREACH(args, char *, s, tor_free(s));
smartlist_free(args);
return NULL;
}
/** Called when we get an EXTENDCIRCUIT message. Try to extend the listed
* circuit, and report success or failure. */
static int
handle_control_extendcircuit(control_connection_t *conn, uint32_t len,
const char *body)
{
smartlist_t *router_nicknames=NULL, *routers=NULL;
origin_circuit_t *circ = NULL;
int zero_circ;
uint8_t intended_purpose = CIRCUIT_PURPOSE_C_GENERAL;
smartlist_t *args;
(void) len;
router_nicknames = smartlist_create();
args = getargs_helper("EXTENDCIRCUIT", conn, body, 2, -1);
if (!args)
goto done;
zero_circ = !strcmp("0", (char*)smartlist_get(args,0));
if (!zero_circ && !(circ = get_circ(smartlist_get(args,0)))) {
connection_printf_to_buf(conn, "552 Unknown circuit "%s"rn",
(char*)smartlist_get(args, 0));
}
smartlist_split_string(router_nicknames, smartlist_get(args,1), ",", 0, 0);
if (zero_circ && smartlist_len(args)>2) {
char *purp = smartlist_get(args,2);
intended_purpose = circuit_purpose_from_string(purp);
if (intended_purpose == CIRCUIT_PURPOSE_UNKNOWN) {
connection_printf_to_buf(conn, "552 Unknown purpose "%s"rn", purp);
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
goto done;
}
}
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
if (!zero_circ && !circ) {
goto done;
}
routers = smartlist_create();
SMARTLIST_FOREACH(router_nicknames, const char *, n,
{
routerinfo_t *r = router_get_by_nickname(n, 1);
if (!r) {
connection_printf_to_buf(conn, "552 No such router "%s"rn", n);
goto done;
}
smartlist_add(routers, r);
});
if (!smartlist_len(routers)) {
connection_write_str_to_buf("512 No router names providedrn", conn);
goto done;
}
if (zero_circ) {
/* start a new circuit */
circ = origin_circuit_init(intended_purpose, 0);
}
/* now circ refers to something that is ready to be extended */
SMARTLIST_FOREACH(routers, routerinfo_t *, r,
{
extend_info_t *info = extend_info_from_router(r);
circuit_append_new_exit(circ, info);
extend_info_free(info);
});
/* now that we've populated the cpath, start extending */
if (zero_circ) {
int err_reason = 0;
if ((err_reason = circuit_handle_first_hop(circ)) < 0) {
circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
connection_write_str_to_buf("551 Couldn't start circuitrn", conn);
goto done;
}
} else {
if (circ->_base.state == CIRCUIT_STATE_OPEN) {
int err_reason = 0;
circuit_set_state(TO_CIRCUIT(circ), CIRCUIT_STATE_BUILDING);
if ((err_reason = circuit_send_next_onion_skin(circ)) < 0) {
log_info(LD_CONTROL,
"send_next_onion_skin failed; circuit marked for closing.");
circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
connection_write_str_to_buf("551 Couldn't send onion skinrn", conn);
goto done;
}
}
}
connection_printf_to_buf(conn, "250 EXTENDED %lurn",
(unsigned long)circ->global_identifier);
if (zero_circ) /* send a 'launched' event, for completeness */
control_event_circuit_status(circ, CIRC_EVENT_LAUNCHED, 0);
done:
SMARTLIST_FOREACH(router_nicknames, char *, n, tor_free(n));
smartlist_free(router_nicknames);
if (routers)
smartlist_free(routers);
return 0;
}
/** Called when we get a SETCIRCUITPURPOSE message. If we can find the
* circuit and it's a valid purpose, change it. */
static int
handle_control_setcircuitpurpose(control_connection_t *conn,
uint32_t len, const char *body)
{
origin_circuit_t *circ = NULL;
uint8_t new_purpose;
smartlist_t *args;
(void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
args = getargs_helper("SETCIRCUITPURPOSE", conn, body, 2, -1);
if (!args)
goto done;
if (!(circ = get_circ(smartlist_get(args,0)))) {
connection_printf_to_buf(conn, "552 Unknown circuit "%s"rn",
(char*)smartlist_get(args, 0));
goto done;
}
{
char *purp = smartlist_get(args,1);
new_purpose = circuit_purpose_from_string(purp);
if (new_purpose == CIRCUIT_PURPOSE_UNKNOWN) {
connection_printf_to_buf(conn, "552 Unknown purpose "%s"rn", purp);
goto done;
}
}
circ->_base.purpose = new_purpose;
connection_write_str_to_buf("250 OKrn", conn);
done:
if (args) {
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
}
return 0;
}
/** Called when we get an ATTACHSTREAM message. Try to attach the requested
* stream, and report success or failure. */
static int
handle_control_attachstream(control_connection_t *conn, uint32_t len,
const char *body)
{
edge_connection_t *ap_conn = NULL;
origin_circuit_t *circ = NULL;
int zero_circ;
smartlist_t *args;
crypt_path_t *cpath=NULL;
int hop=0, hop_line_ok=1;
(void) len;
args = getargs_helper("ATTACHSTREAM", conn, body, 2, -1);
if (!args)
return 0;
zero_circ = !strcmp("0", (char*)smartlist_get(args,1));
if (!(ap_conn = get_stream(smartlist_get(args, 0)))) {
connection_printf_to_buf(conn, "552 Unknown stream "%s"rn",
(char*)smartlist_get(args, 0));
} else if (!zero_circ && !(circ = get_circ(smartlist_get(args, 1)))) {
connection_printf_to_buf(conn, "552 Unknown circuit "%s"rn",
(char*)smartlist_get(args, 1));
} else if (circ && smartlist_len(args) > 2) {
char *hopstring = smartlist_get(args, 2);
if (!strcasecmpstart(hopstring, "HOP=")) {
hopstring += strlen("HOP=");
hop = (int) tor_parse_ulong(hopstring, 10, 0, INT_MAX,
&hop_line_ok, NULL);
if (!hop_line_ok) { /* broken hop line */
connection_printf_to_buf(conn, "552 Bad value hop=%srn", hopstring);
}
}
}
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
if (!ap_conn || (!zero_circ && !circ) || !hop_line_ok)
return 0;
if (ap_conn->_base.state != AP_CONN_STATE_CONTROLLER_WAIT &&
ap_conn->_base.state != AP_CONN_STATE_CONNECT_WAIT &&
ap_conn->_base.state != AP_CONN_STATE_RESOLVE_WAIT) {
connection_write_str_to_buf(
"555 Connection is not managed by controller.rn",
conn);
return 0;
}
/* Do we need to detach it first? */
if (ap_conn->_base.state != AP_CONN_STATE_CONTROLLER_WAIT) {
circuit_t *tmpcirc = circuit_get_by_edge_conn(ap_conn);
connection_edge_end(ap_conn, END_STREAM_REASON_TIMEOUT);
/* Un-mark it as ending, since we're going to reuse it. */
ap_conn->edge_has_sent_end = 0;
ap_conn->end_reason = 0;
if (tmpcirc)
circuit_detach_stream(tmpcirc,ap_conn);
ap_conn->_base.state = AP_CONN_STATE_CONTROLLER_WAIT;
}
if (circ && (circ->_base.state != CIRCUIT_STATE_OPEN)) {
connection_write_str_to_buf(
"551 Can't attach stream to non-open origin circuitrn",
conn);
return 0;
}
/* Is this a single hop circuit? */
if (circ && (circuit_get_cpath_len(circ)<2 || hop==1)) {
routerinfo_t *r = NULL;
char* exit_digest;
if (circ->build_state &&
circ->build_state->chosen_exit &&
circ->build_state->chosen_exit->identity_digest) {
exit_digest = circ->build_state->chosen_exit->identity_digest;
r = router_get_by_digest(exit_digest);
}
/* Do both the client and relay allow one-hop exit circuits? */
if (!r || !r->allow_single_hop_exits ||
!get_options()->AllowSingleHopCircuits) {
connection_write_str_to_buf(
"551 Can't attach stream to this one-hop circuit.rn", conn);
return 0;
}
ap_conn->chosen_exit_name = tor_strdup(hex_str(exit_digest, DIGEST_LEN));
}
if (circ && hop>0) {
/* find this hop in the circuit, and set cpath */
cpath = circuit_get_cpath_hop(circ, hop);
if (!cpath) {
connection_printf_to_buf(conn,
"551 Circuit doesn't have %d hops.rn", hop);
return 0;
}
}
if (connection_ap_handshake_rewrite_and_attach(ap_conn, circ, cpath) < 0) {
connection_write_str_to_buf("551 Unable to attach streamrn", conn);
return 0;
}
send_control_done(conn);
return 0;
}
/** Called when we get a POSTDESCRIPTOR message. Try to learn the provided
* descriptor, and report success or failure. */
static int
handle_control_postdescriptor(control_connection_t *conn, uint32_t len,
const char *body)
{
char *desc;
const char *msg=NULL;
uint8_t purpose = ROUTER_PURPOSE_GENERAL;
int cache = 0; /* eventually, we may switch this to 1 */
char *cp = memchr(body, 'n', len);
smartlist_t *args = smartlist_create();
tor_assert(cp);
*cp++ = '';
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH(args, char *, option,
{
if (!strcasecmpstart(option, "purpose=")) {
option += strlen("purpose=");
purpose = router_purpose_from_string(option);
if (purpose == ROUTER_PURPOSE_UNKNOWN) {
connection_printf_to_buf(conn, "552 Unknown purpose "%s"rn",
option);
goto done;
}
} else if (!strcasecmpstart(option, "cache=")) {
option += strlen("cache=");
if (!strcmp(option, "no"))
cache = 0;
else if (!strcmp(option, "yes"))
cache = 1;
else {
connection_printf_to_buf(conn, "552 Unknown cache request "%s"rn",
option);
goto done;
}
} else { /* unrecognized argument? */
connection_printf_to_buf(conn,
"512 Unexpected argument "%s" to postdescriptorrn", option);
goto done;
}
});
read_escaped_data(cp, len-(cp-body), &desc);
switch (router_load_single_router(desc, purpose, cache, &msg)) {
case -1:
if (!msg) msg = "Could not parse descriptor";
connection_printf_to_buf(conn, "554 %srn", msg);
break;
case 0:
if (!msg) msg = "Descriptor not added";
connection_printf_to_buf(conn, "251 %srn",msg);
break;
case 1:
send_control_done(conn);
break;
}
tor_free(desc);
done:
SMARTLIST_FOREACH(args, char *, arg, tor_free(arg));
smartlist_free(args);
return 0;
}
/** Called when we receive a REDIRECTSTERAM command. Try to change the target
* address of the named AP stream, and report success or failure. */
static int
handle_control_redirectstream(control_connection_t *conn, uint32_t len,
const char *body)
{
edge_connection_t *ap_conn = NULL;
char *new_addr = NULL;
uint16_t new_port = 0;
smartlist_t *args;
(void) len;
args = getargs_helper("REDIRECTSTREAM", conn, body, 2, -1);
if (!args)
return 0;
if (!(ap_conn = get_stream(smartlist_get(args, 0)))
|| !ap_conn->socks_request) {
connection_printf_to_buf(conn, "552 Unknown stream "%s"rn",
(char*)smartlist_get(args, 0));
} else {
int ok = 1;
if (smartlist_len(args) > 2) { /* they included a port too */
new_port = (uint16_t) tor_parse_ulong(smartlist_get(args, 2),
10, 1, 65535, &ok, NULL);
}
if (!ok) {
connection_printf_to_buf(conn, "512 Cannot parse port "%s"rn",
(char*)smartlist_get(args, 2));
} else {
new_addr = tor_strdup(smartlist_get(args, 1));
}
}
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
if (!new_addr)
return 0;
strlcpy(ap_conn->socks_request->address, new_addr,
sizeof(ap_conn->socks_request->address));
if (new_port)
ap_conn->socks_request->port = new_port;
tor_free(new_addr);
send_control_done(conn);
return 0;
}
/** Called when we get a CLOSESTREAM command; try to close the named stream
* and report success or failure. */
static int
handle_control_closestream(control_connection_t *conn, uint32_t len,
const char *body)
{
edge_connection_t *ap_conn=NULL;
uint8_t reason=0;
smartlist_t *args;
int ok;
(void) len;
args = getargs_helper("CLOSESTREAM", conn, body, 2, -1);
if (!args)
return 0;
else if (!(ap_conn = get_stream(smartlist_get(args, 0))))
connection_printf_to_buf(conn, "552 Unknown stream "%s"rn",
(char*)smartlist_get(args, 0));
else {
reason = (uint8_t) tor_parse_ulong(smartlist_get(args,1), 10, 0, 255,
&ok, NULL);
if (!ok) {
connection_printf_to_buf(conn, "552 Unrecognized reason "%s"rn",
(char*)smartlist_get(args, 1));
ap_conn = NULL;
}
}
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
if (!ap_conn)
return 0;
connection_mark_unattached_ap(ap_conn, reason);
send_control_done(conn);
return 0;
}
/** Called when we get a CLOSECIRCUIT command; try to close the named circuit
* and report success or failure. */
static int
handle_control_closecircuit(control_connection_t *conn, uint32_t len,
const char *body)
{
origin_circuit_t *circ = NULL;
int safe = 0;
smartlist_t *args;
(void) len;
args = getargs_helper("CLOSECIRCUIT", conn, body, 1, -1);
if (!args)
return 0;
if (!(circ=get_circ(smartlist_get(args, 0))))
connection_printf_to_buf(conn, "552 Unknown circuit "%s"rn",
(char*)smartlist_get(args, 0));
else {
int i;
for (i=1; i < smartlist_len(args); ++i) {
if (!strcasecmp(smartlist_get(args, i), "IfUnused"))
safe = 1;
else
log_info(LD_CONTROL, "Skipping unknown option %s",
(char*)smartlist_get(args,i));
}
}
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
if (!circ)
return 0;
if (!safe || !circ->p_streams) {
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_REQUESTED);
}
send_control_done(conn);
return 0;
}
/** Called when we get a RESOLVE command: start trying to resolve
* the listed addresses. */
static int
handle_control_resolve(control_connection_t *conn, uint32_t len,
const char *body)
{
smartlist_t *args, *failed;
int is_reverse = 0;
(void) len; /* body is nul-terminated; it's safe to ignore the length */
if (!(conn->event_mask & ((uint32_t)1L<<EVENT_ADDRMAP))) {
log_warn(LD_CONTROL, "Controller asked us to resolve an address, but "
"isn't listening for ADDRMAP events. It probably won't see "
"the answer.");
}
args = smartlist_create();
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
if (smartlist_len(args) &&
!strcasecmp(smartlist_get(args, 0), "mode=reverse")) {
char *cp = smartlist_get(args, 0);
smartlist_del_keeporder(args, 0);
tor_free(cp);
is_reverse = 1;
}
failed = smartlist_create();
SMARTLIST_FOREACH(args, const char *, arg, {
if (dnsserv_launch_request(arg, is_reverse)<0)
smartlist_add(failed, (char*)arg);
});
send_control_done(conn);
SMARTLIST_FOREACH(failed, const char *, arg, {
control_event_address_mapped(arg, arg, time(NULL),
"Unable to launch resolve request");
});
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
smartlist_free(failed);
return 0;
}
/** Called when we get a PROTOCOLINFO command: send back a reply. */
static int
handle_control_protocolinfo(control_connection_t *conn, uint32_t len,
const char *body)
{
const char *bad_arg = NULL;
smartlist_t *args;
(void)len;
conn->have_sent_protocolinfo = 1;
args = smartlist_create();
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH(args, const char *, arg, {
int ok;
tor_parse_long(arg, 10, 0, LONG_MAX, &ok, NULL);
if (!ok) {
bad_arg = arg;
break;
}
});
if (bad_arg) {
connection_printf_to_buf(conn, "513 No such version %srn",
escaped(bad_arg));
/* Don't tolerate bad arguments when not authenticated. */
if (!STATE_IS_OPEN(TO_CONN(conn)->state))
connection_mark_for_close(TO_CONN(conn));
goto done;
} else {
or_options_t *options = get_options();
int cookies = options->CookieAuthentication;
char *cfile = get_cookie_file();
char *esc_cfile = esc_for_log(cfile);
char *methods;
{
int passwd = (options->HashedControlPassword != NULL ||
options->HashedControlSessionPassword != NULL);
smartlist_t *mlist = smartlist_create();
if (cookies)
smartlist_add(mlist, (char*)"COOKIE");
if (passwd)
smartlist_add(mlist, (char*)"HASHEDPASSWORD");
if (!cookies && !passwd)
smartlist_add(mlist, (char*)"NULL");
methods = smartlist_join_strings(mlist, ",", 0, NULL);
smartlist_free(mlist);
}
connection_printf_to_buf(conn,
"250-PROTOCOLINFO 1rn"
"250-AUTH METHODS=%s%s%srn"
"250-VERSION Tor=%srn"
"250 OKrn",
methods,
cookies?" COOKIEFILE=":"",
cookies?esc_cfile:"",
escaped(VERSION));
tor_free(methods);
tor_free(cfile);
tor_free(esc_cfile);
}
done:
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
return 0;
}
/** Called when we get a USEFEATURE command: parse the feature list, and
* set up the control_connection's options properly. */
static int
handle_control_usefeature(control_connection_t *conn,
uint32_t len,
const char *body)
{
smartlist_t *args;
int verbose_names = 0, extended_events = 0;
int bad = 0;
(void) len; /* body is nul-terminated; it's safe to ignore the length */
args = smartlist_create();
smartlist_split_string(args, body, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH(args, const char *, arg, {
if (!strcasecmp(arg, "VERBOSE_NAMES"))
verbose_names = 1;
else if (!strcasecmp(arg, "EXTENDED_EVENTS"))
extended_events = 1;
else {
connection_printf_to_buf(conn, "552 Unrecognized feature "%s"rn",
arg);
bad = 1;
break;
}
});
if (!bad) {
if (verbose_names) {
conn->use_long_names = 1;
control_update_global_event_mask();
}
if (extended_events)
conn->use_extended_events = 1;
send_control_done(conn);
}
SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
smartlist_free(args);
return 0;
}
/** Called when conn has no more bytes left on its outbuf. */
int
connection_control_finished_flushing(control_connection_t *conn)
{
tor_assert(conn);
connection_stop_writing(TO_CONN(conn));
return 0;
}
/** Called when conn has gotten its socket closed. */
int
connection_control_reached_eof(control_connection_t *conn)
{
tor_assert(conn);
log_info(LD_CONTROL,"Control connection reached EOF. Closing.");
connection_mark_for_close(TO_CONN(conn));
return 0;
}
/** Return true iff cmd is allowable (or at least forgivable) at this
* stage of the protocol. */
static int
is_valid_initial_command(control_connection_t *conn, const char *cmd)
{
if (conn->_base.state == CONTROL_CONN_STATE_OPEN)
return 1;
if (!strcasecmp(cmd, "PROTOCOLINFO"))
return !conn->have_sent_protocolinfo;
if (!strcasecmp(cmd, "AUTHENTICATE") ||
!strcasecmp(cmd, "QUIT"))
return 1;
return 0;
}
/** Do not accept any control command of more than 1MB in length. Anything
* that needs to be anywhere near this long probably means that one of our
* interfaces is broken. */
#define MAX_COMMAND_LINE_LENGTH (1024*1024)
/** Called when data has arrived on a v1 control connection: Try to fetch
* commands from conn->inbuf, and execute them.
*/
int
connection_control_process_inbuf(control_connection_t *conn)
{
size_t data_len;
uint32_t cmd_data_len;
int cmd_len;
char *args;
tor_assert(conn);
tor_assert(conn->_base.state == CONTROL_CONN_STATE_OPEN ||
conn->_base.state == CONTROL_CONN_STATE_NEEDAUTH);
if (!conn->incoming_cmd) {
conn->incoming_cmd = tor_malloc(1024);
conn->incoming_cmd_len = 1024;
conn->incoming_cmd_cur_len = 0;
}
if (conn->_base.state == CONTROL_CONN_STATE_NEEDAUTH &&
peek_buf_has_control0_command(conn->_base.inbuf)) {
/* Detect v0 commands and send a "no more v0" message. */
size_t body_len;
char buf[128];
set_uint16(buf+2, htons(0x0000)); /* type == error */
set_uint16(buf+4, htons(0x0001)); /* code == internal error */
strlcpy(buf+6, "The v0 control protocol is not supported by Tor 0.1.2.17 "
"and later; upgrade your controller.",
sizeof(buf)-6);
body_len = 2+strlen(buf+6)+2; /* code, msg, nul. */
set_uint16(buf+0, htons(body_len));
connection_write_to_buf(buf, 4+body_len, TO_CONN(conn));
connection_mark_for_close(TO_CONN(conn));
conn->_base.hold_open_until_flushed = 1;
return 0;
}
again:
while (1) {
size_t last_idx;
int r;
/* First, fetch a line. */
do {
data_len = conn->incoming_cmd_len - conn->incoming_cmd_cur_len;
r = fetch_from_buf_line(conn->_base.inbuf,
conn->incoming_cmd+conn->incoming_cmd_cur_len,
&data_len);
if (r == 0)
/* Line not all here yet. Wait. */
return 0;
else if (r == -1) {
if (data_len + conn->incoming_cmd_cur_len > MAX_COMMAND_LINE_LENGTH) {
connection_write_str_to_buf("500 Line too long.rn", conn);
connection_stop_reading(TO_CONN(conn));
connection_mark_for_close(TO_CONN(conn));
conn->_base.hold_open_until_flushed = 1;
}
while (conn->incoming_cmd_len < data_len+conn->incoming_cmd_cur_len)
conn->incoming_cmd_len *= 2;
conn->incoming_cmd = tor_realloc(conn->incoming_cmd,
conn->incoming_cmd_len);
}
} while (r != 1);
tor_assert(data_len);
last_idx = conn->incoming_cmd_cur_len;
conn->incoming_cmd_cur_len += (int)data_len;
/* We have appended a line to incoming_cmd. Is the command done? */
if (last_idx == 0 && *conn->incoming_cmd != '+')
/* One line command, didn't start with '+'. */
break;
/* XXXX this code duplication is kind of dumb. */
if (last_idx+3 == conn->incoming_cmd_cur_len &&
!memcmp(conn->incoming_cmd + last_idx, ".rn", 3)) {
/* Just appended ".rn"; we're done. Remove it. */
conn->incoming_cmd[last_idx] = '';
conn->incoming_cmd_cur_len -= 3;
break;
} else if (last_idx+2 == conn->incoming_cmd_cur_len &&
!memcmp(conn->incoming_cmd + last_idx, ".n", 2)) {
/* Just appended ".n"; we're done. Remove it. */
conn->incoming_cmd[last_idx] = '';
conn->incoming_cmd_cur_len -= 2;
break;
}
/* Otherwise, read another line. */
}
data_len = conn->incoming_cmd_cur_len;
/* Okay, we now have a command sitting on conn->incoming_cmd. See if we
* recognize it.
*/
cmd_len = 0;
while ((size_t)cmd_len < data_len
&& !TOR_ISSPACE(conn->incoming_cmd[cmd_len]))
++cmd_len;
data_len -= cmd_len;
conn->incoming_cmd[cmd_len]='';
args = conn->incoming_cmd+cmd_len+1;
while (*args == ' ' || *args == 't') {
++args;
--data_len;
}
/* If the connection is already closing, ignore further commands */
if (TO_CONN(conn)->marked_for_close) {
return 0;
}
/* Otherwise, Quit is always valid. */
if (!strcasecmp(conn->incoming_cmd, "QUIT")) {
connection_write_str_to_buf("250 closing connectionrn", conn);
connection_mark_for_close(TO_CONN(conn));
conn->_base.hold_open_until_flushed = 1;
return 0;
}
if (conn->_base.state == CONTROL_CONN_STATE_NEEDAUTH &&
!is_valid_initial_command(conn, conn->incoming_cmd)) {
connection_write_str_to_buf("514 Authentication required.rn", conn);
connection_mark_for_close(TO_CONN(conn));
return 0;
}
if (data_len >= UINT32_MAX) {
connection_write_str_to_buf("500 A 4GB command? Nice try.rn", conn);
connection_mark_for_close(TO_CONN(conn));
return 0;
}
cmd_data_len = (uint32_t)data_len;
if (!strcasecmp(conn->incoming_cmd, "SETCONF")) {
if (handle_control_setconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "RESETCONF")) {
if (handle_control_resetconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "GETCONF")) {
if (handle_control_getconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "+LOADCONF")) {
if (handle_control_loadconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SETEVENTS")) {
if (handle_control_setevents(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "AUTHENTICATE")) {
if (handle_control_authenticate(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SAVECONF")) {
if (handle_control_saveconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SIGNAL")) {
if (handle_control_signal(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "MAPADDRESS")) {
if (handle_control_mapaddress(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "GETINFO")) {
if (handle_control_getinfo(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "EXTENDCIRCUIT")) {
if (handle_control_extendcircuit(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SETCIRCUITPURPOSE")) {
if (handle_control_setcircuitpurpose(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SETROUTERPURPOSE")) {
connection_write_str_to_buf("511 SETROUTERPURPOSE is obsolete.rn", conn);
} else if (!strcasecmp(conn->incoming_cmd, "ATTACHSTREAM")) {
if (handle_control_attachstream(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "+POSTDESCRIPTOR")) {
if (handle_control_postdescriptor(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "REDIRECTSTREAM")) {
if (handle_control_redirectstream(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "CLOSESTREAM")) {
if (handle_control_closestream(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "CLOSECIRCUIT")) {
if (handle_control_closecircuit(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "USEFEATURE")) {
if (handle_control_usefeature(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "RESOLVE")) {
if (handle_control_resolve(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "PROTOCOLINFO")) {
if (handle_control_protocolinfo(conn, cmd_data_len, args))
return -1;
} else {
connection_printf_to_buf(conn, "510 Unrecognized command "%s"rn",
conn->incoming_cmd);
}
conn->incoming_cmd_cur_len = 0;
goto again;
}
/** Something has happened to circuit circ: tell any interested
* control connections. */
int
control_event_circuit_status(origin_circuit_t *circ, circuit_status_event_t tp,
int reason_code)
{
const char *status;
char extended_buf[96];
int providing_reason=0;
if (!EVENT_IS_INTERESTING(EVENT_CIRCUIT_STATUS))
return 0;
tor_assert(circ);
switch (tp)
{
case CIRC_EVENT_LAUNCHED: status = "LAUNCHED"; break;
case CIRC_EVENT_BUILT: status = "BUILT"; break;
case CIRC_EVENT_EXTENDED: status = "EXTENDED"; break;
case CIRC_EVENT_FAILED: status = "FAILED"; break;
case CIRC_EVENT_CLOSED: status = "CLOSED"; break;
default:
log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
return 0;
}
tor_snprintf(extended_buf, sizeof(extended_buf), "PURPOSE=%s",
circuit_purpose_to_controller_string(circ->_base.purpose));
if (tp == CIRC_EVENT_FAILED || tp == CIRC_EVENT_CLOSED) {
const char *reason_str = circuit_end_reason_to_control_string(reason_code);
char *reason = NULL;
size_t n=strlen(extended_buf);
providing_reason=1;
if (!reason_str) {
reason = tor_malloc(16);
tor_snprintf(reason, 16, "UNKNOWN_%d", reason_code);
reason_str = reason;
}
if (reason_code > 0 && reason_code & END_CIRC_REASON_FLAG_REMOTE) {
tor_snprintf(extended_buf+n, sizeof(extended_buf)-n,
" REASON=DESTROYED REMOTE_REASON=%s", reason_str);
} else {
tor_snprintf(extended_buf+n, sizeof(extended_buf)-n,
" REASON=%s", reason_str);
}
tor_free(reason);
}
if (EVENT_IS_INTERESTING1S(EVENT_CIRCUIT_STATUS)) {
char *path = circuit_list_path(circ,0);
const char *sp = strlen(path) ? " " : "";
send_control_event_extended(EVENT_CIRCUIT_STATUS, SHORT_NAMES,
"650 CIRC %lu %s%s%s@%srn",
(unsigned long)circ->global_identifier,
status, sp, path, extended_buf);
tor_free(path);
}
if (EVENT_IS_INTERESTING1L(EVENT_CIRCUIT_STATUS)) {
char *vpath = circuit_list_path_for_controller(circ);
const char *sp = strlen(vpath) ? " " : "";
send_control_event_extended(EVENT_CIRCUIT_STATUS, LONG_NAMES,
"650 CIRC %lu %s%s%s@%srn",
(unsigned long)circ->global_identifier,
status, sp, vpath, extended_buf);
tor_free(vpath);
}
return 0;
}
/** Given an AP connection conn and a len-character buffer
* buf, determine the address:port combination requested on
* conn, and write it to buf. Return 0 on success, -1 on
* failure. */
static int
write_stream_target_to_buf(edge_connection_t *conn, char *buf, size_t len)
{
char buf2[256];
if (conn->chosen_exit_name)
if (tor_snprintf(buf2, sizeof(buf2), ".%s.exit", conn->chosen_exit_name)<0)
return -1;
if (!conn->socks_request)
return -1;
if (tor_snprintf(buf, len, "%s%s%s:%d",
conn->socks_request->address,
conn->chosen_exit_name ? buf2 : "",
!conn->chosen_exit_name &&
connection_edge_is_rendezvous_stream(conn) ? ".onion" : "",
conn->socks_request->port)<0)
return -1;
return 0;
}
/** Something has happened to the stream associated with AP connection
* conn: tell any interested control connections. */
int
control_event_stream_status(edge_connection_t *conn, stream_status_event_t tp,
int reason_code)
{
char reason_buf[64];
char addrport_buf[64];
const char *status;
circuit_t *circ;
origin_circuit_t *origin_circ = NULL;
char buf[256];
const char *purpose = "";
tor_assert(conn->socks_request);
if (!EVENT_IS_INTERESTING(EVENT_STREAM_STATUS))
return 0;
if (tp == STREAM_EVENT_CLOSED &&
(reason_code & END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED))
return 0;
write_stream_target_to_buf(conn, buf, sizeof(buf));
reason_buf[0] = '';
switch (tp)
{
case STREAM_EVENT_SENT_CONNECT: status = "SENTCONNECT"; break;
case STREAM_EVENT_SENT_RESOLVE: status = "SENTRESOLVE"; break;
case STREAM_EVENT_SUCCEEDED: status = "SUCCEEDED"; break;
case STREAM_EVENT_FAILED: status = "FAILED"; break;
case STREAM_EVENT_CLOSED: status = "CLOSED"; break;
case STREAM_EVENT_NEW: status = "NEW"; break;
case STREAM_EVENT_NEW_RESOLVE: status = "NEWRESOLVE"; break;
case STREAM_EVENT_FAILED_RETRIABLE: status = "DETACHED"; break;
case STREAM_EVENT_REMAP: status = "REMAP"; break;
default:
log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
return 0;
}
if (reason_code && (tp == STREAM_EVENT_FAILED ||
tp == STREAM_EVENT_CLOSED ||
tp == STREAM_EVENT_FAILED_RETRIABLE)) {
const char *reason_str = stream_end_reason_to_control_string(reason_code);
char *r = NULL;
if (!reason_str) {
r = tor_malloc(16);
tor_snprintf(r, 16, "UNKNOWN_%d", reason_code);
reason_str = r;
}
if (reason_code & END_STREAM_REASON_FLAG_REMOTE)
tor_snprintf(reason_buf, sizeof(reason_buf),
"REASON=END REMOTE_REASON=%s", reason_str);
else
tor_snprintf(reason_buf, sizeof(reason_buf),
"REASON=%s", reason_str);
tor_free(r);
} else if (reason_code && tp == STREAM_EVENT_REMAP) {
switch (reason_code) {
case REMAP_STREAM_SOURCE_CACHE:
strlcpy(reason_buf, "SOURCE=CACHE", sizeof(reason_buf));
break;
case REMAP_STREAM_SOURCE_EXIT:
strlcpy(reason_buf, "SOURCE=EXIT", sizeof(reason_buf));
break;
default:
tor_snprintf(reason_buf, sizeof(reason_buf), "REASON=UNKNOWN_%d",
reason_code);
/* XXX do we want SOURCE=UNKNOWN_%d above instead? -RD */
break;
}
}
if (tp == STREAM_EVENT_NEW) {
tor_snprintf(addrport_buf,sizeof(addrport_buf), "%sSOURCE_ADDR=%s:%d",
strlen(reason_buf) ? " " : "",
TO_CONN(conn)->address, TO_CONN(conn)->port );
} else {
addrport_buf[0] = '';
}
if (tp == STREAM_EVENT_NEW_RESOLVE) {
purpose = " PURPOSE=DNS_REQUEST";
} else if (tp == STREAM_EVENT_NEW) {
if (conn->is_dns_request ||
(conn->socks_request &&
SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command)))
purpose = " PURPOSE=DNS_REQUEST";
else if (conn->use_begindir) {
connection_t *linked = TO_CONN(conn)->linked_conn;
int linked_dir_purpose = -1;
if (linked && linked->type == CONN_TYPE_DIR)
linked_dir_purpose = linked->purpose;
if (DIR_PURPOSE_IS_UPLOAD(linked_dir_purpose))
purpose = " PURPOSE=DIR_UPLOAD";
else
purpose = " PURPOSE=DIR_FETCH";
} else
purpose = " PURPOSE=USER";
}
circ = circuit_get_by_edge_conn(conn);
if (circ && CIRCUIT_IS_ORIGIN(circ))
origin_circ = TO_ORIGIN_CIRCUIT(circ);
send_control_event_extended(EVENT_STREAM_STATUS, ALL_NAMES,
"650 STREAM "U64_FORMAT" %s %lu %s@%s%s%srn",
U64_PRINTF_ARG(conn->_base.global_identifier), status,
origin_circ?
(unsigned long)origin_circ->global_identifier : 0ul,
buf, reason_buf, addrport_buf, purpose);
/* XXX need to specify its intended exit, etc? */
return 0;
}
/** Figure out the best name for the target router of an OR connection
* conn, and write it into the len-character buffer
* name. Use verbose names if long_names is set. */
static void
orconn_target_get_name(int long_names,
char *name, size_t len, or_connection_t *conn)
{
if (! long_names) {
if (conn->nickname)
strlcpy(name, conn->nickname, len);
else
tor_snprintf(name, len, "%s:%d",
conn->_base.address, conn->_base.port);
} else {
routerinfo_t *ri = router_get_by_digest(conn->identity_digest);
if (ri) {
tor_assert(len > MAX_VERBOSE_NICKNAME_LEN);
router_get_verbose_nickname(name, ri);
} else if (! tor_digest_is_zero(conn->identity_digest)) {
name[0] = '$';
base16_encode(name+1, len-1, conn->identity_digest,
DIGEST_LEN);
} else {
tor_snprintf(name, len, "%s:%d",
conn->_base.address, conn->_base.port);
}
}
}
/** Called when the status of an OR connection conn changes: tell any
* interested control connections. tp is the new status for the
* connection. If conn has just closed or failed, then reason
* may be the reason why.
*/
int
control_event_or_conn_status(or_connection_t *conn, or_conn_status_event_t tp,
int reason)
{
int ncircs = 0;
const char *status;
char name[128];
char ncircs_buf[32] = {0}; /* > 8 + log10(2^32)=10 + 2 */
if (!EVENT_IS_INTERESTING(EVENT_OR_CONN_STATUS))
return 0;
switch (tp)
{
case OR_CONN_EVENT_LAUNCHED: status = "LAUNCHED"; break;
case OR_CONN_EVENT_CONNECTED: status = "CONNECTED"; break;
case OR_CONN_EVENT_FAILED: status = "FAILED"; break;
case OR_CONN_EVENT_CLOSED: status = "CLOSED"; break;
case OR_CONN_EVENT_NEW: status = "NEW"; break;
default:
log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
return 0;
}
ncircs = circuit_count_pending_on_or_conn(conn);
ncircs += conn->n_circuits;
if (ncircs && (tp == OR_CONN_EVENT_FAILED || tp == OR_CONN_EVENT_CLOSED)) {
tor_snprintf(ncircs_buf, sizeof(ncircs_buf), "%sNCIRCS=%d",
reason ? " " : "", ncircs);
}
if (EVENT_IS_INTERESTING1S(EVENT_OR_CONN_STATUS)) {
orconn_target_get_name(0, name, sizeof(name), conn);
send_control_event_extended(EVENT_OR_CONN_STATUS, SHORT_NAMES,
"650 ORCONN %s %s@%s%s%srn",
name, status,
reason ? "REASON=" : "",
orconn_end_reason_to_control_string(reason),
ncircs_buf);
}
if (EVENT_IS_INTERESTING1L(EVENT_OR_CONN_STATUS)) {
orconn_target_get_name(1, name, sizeof(name), conn);
send_control_event_extended(EVENT_OR_CONN_STATUS, LONG_NAMES,
"650 ORCONN %s %s@%s%s%srn",
name, status,
reason ? "REASON=" : "",
orconn_end_reason_to_control_string(reason),
ncircs_buf);
}
return 0;
}
/**
* Print out STREAM_BW event for a single conn
*/
int
control_event_stream_bandwidth(edge_connection_t *edge_conn)
{
if (EVENT_IS_INTERESTING(EVENT_STREAM_BANDWIDTH_USED)) {
if (!edge_conn->n_read && !edge_conn->n_written)
return 0;
send_control_event(EVENT_STREAM_BANDWIDTH_USED, ALL_NAMES,
"650 STREAM_BW "U64_FORMAT" %lu %lurn",
U64_PRINTF_ARG(edge_conn->_base.global_identifier),
(unsigned long)edge_conn->n_read,
(unsigned long)edge_conn->n_written);
edge_conn->n_written = edge_conn->n_read = 0;
}
return 0;
}
/** A second or more has elapsed: tell any interested control
* connections how much bandwidth streams have used. */
int
control_event_stream_bandwidth_used(void)
{
if (EVENT_IS_INTERESTING(EVENT_STREAM_BANDWIDTH_USED)) {
smartlist_t *conns = get_connection_array();
edge_connection_t *edge_conn;
SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn)
{
if (conn->type != CONN_TYPE_AP)
continue;
edge_conn = TO_EDGE_CONN(conn);
if (!edge_conn->n_read && !edge_conn->n_written)
continue;
send_control_event(EVENT_STREAM_BANDWIDTH_USED, ALL_NAMES,
"650 STREAM_BW "U64_FORMAT" %lu %lurn",
U64_PRINTF_ARG(edge_conn->_base.global_identifier),
(unsigned long)edge_conn->n_read,
(unsigned long)edge_conn->n_written);
edge_conn->n_written = edge_conn->n_read = 0;
}
SMARTLIST_FOREACH_END(conn);
}
return 0;
}
/** A second or more has elapsed: tell any interested control
* connections how much bandwidth we used. */
int
control_event_bandwidth_used(uint32_t n_read, uint32_t n_written)
{
if (EVENT_IS_INTERESTING(EVENT_BANDWIDTH_USED)) {
send_control_event(EVENT_BANDWIDTH_USED, ALL_NAMES,
"650 BW %lu %lurn",
(unsigned long)n_read,
(unsigned long)n_written);
}
return 0;
}
/** Called when we are sending a log message to the controllers: suspend
* sending further log messages to the controllers until we're done. Used by
* CONN_LOG_PROTECT. */
void
disable_control_logging(void)
{
++disable_log_messages;
}
/** We're done sending a log message to the controllers: re-enable controller
* logging. Used by CONN_LOG_PROTECT. */
void
enable_control_logging(void)
{
if (--disable_log_messages < 0)
tor_assert(0);
}
/** We got a log message: tell any interested control connections. */
void
control_event_logmsg(int severity, uint32_t domain, const char *msg)
{
int event;
/* Don't even think of trying to add stuff to a buffer from a cpuworker
* thread. */
if (! in_main_thread())
return;
if (disable_log_messages)
return;
if (domain == LD_BUG && EVENT_IS_INTERESTING(EVENT_STATUS_GENERAL) &&
severity <= LOG_NOTICE) {
char *esc = esc_for_log(msg);
++disable_log_messages;
control_event_general_status(severity, "BUG REASON="%s"", esc);
--disable_log_messages;
tor_free(esc);
}
event = log_severity_to_event(severity);
if (event >= 0 && EVENT_IS_INTERESTING(event)) {
char *b = NULL;
const char *s;
if (strchr(msg, 'n')) {
char *cp;
b = tor_strdup(msg);
for (cp = b; *cp; ++cp)
if (*cp == 'r' || *cp == 'n')
*cp = ' ';
}
switch (severity) {
case LOG_DEBUG: s = "DEBUG"; break;
case LOG_INFO: s = "INFO"; break;
case LOG_NOTICE: s = "NOTICE"; break;
case LOG_WARN: s = "WARN"; break;
case LOG_ERR: s = "ERR"; break;
default: s = "UnknownLogSeverity"; break;
}
++disable_log_messages;
send_control_event(event, ALL_NAMES, "650 %s %srn", s, b?b:msg);
--disable_log_messages;
tor_free(b);
}
}
/** Called whenever we receive new router descriptors: tell any
* interested control connections. routers is a list of
* routerinfo_t's.
*/
int
control_event_descriptors_changed(smartlist_t *routers)
{
size_t len;
char *msg;
smartlist_t *identities = NULL;
char buf[HEX_DIGEST_LEN+1];
if (!EVENT_IS_INTERESTING(EVENT_NEW_DESC))
return 0;
if (EVENT_IS_INTERESTING1S(EVENT_NEW_DESC)) {
identities = smartlist_create();
SMARTLIST_FOREACH(routers, routerinfo_t *, r,
{
base16_encode(buf,sizeof(buf),r->cache_info.identity_digest,DIGEST_LEN);
smartlist_add(identities, tor_strdup(buf));
});
}
if (EVENT_IS_INTERESTING1S(EVENT_NEW_DESC)) {
char *ids = smartlist_join_strings(identities, " ", 0, &len);
size_t ids_len = strlen(ids)+32;
msg = tor_malloc(ids_len);
tor_snprintf(msg, ids_len, "650 NEWDESC %srn", ids);
send_control_event_string(EVENT_NEW_DESC, SHORT_NAMES|ALL_FORMATS, msg);
tor_free(ids);
tor_free(msg);
}
if (EVENT_IS_INTERESTING1L(EVENT_NEW_DESC)) {
smartlist_t *names = smartlist_create();
char *ids;
size_t names_len;
SMARTLIST_FOREACH(routers, routerinfo_t *, ri, {
char *b = tor_malloc(MAX_VERBOSE_NICKNAME_LEN+1);
router_get_verbose_nickname(b, ri);
smartlist_add(names, b);
});
ids = smartlist_join_strings(names, " ", 0, &names_len);
names_len = strlen(ids)+32;
msg = tor_malloc(names_len);
tor_snprintf(msg, names_len, "650 NEWDESC %srn", ids);
send_control_event_string(EVENT_NEW_DESC, LONG_NAMES|ALL_FORMATS, msg);
tor_free(ids);
tor_free(msg);
SMARTLIST_FOREACH(names, char *, cp, tor_free(cp));
smartlist_free(names);
}
if (identities) {
SMARTLIST_FOREACH(identities, char *, cp, tor_free(cp));
smartlist_free(identities);
}
return 0;
}
/** Called when an address mapping on from from changes to to.
* expires values less than 3 are special; see connection_edge.c. If
* error is non-NULL, it is an error code describing the failure
* mode of the mapping.
*/
int
control_event_address_mapped(const char *from, const char *to, time_t expires,
const char *error)
{
if (!EVENT_IS_INTERESTING(EVENT_ADDRMAP))
return 0;
if (expires < 3 || expires == TIME_MAX)
send_control_event_extended(EVENT_ADDRMAP, ALL_NAMES,
"650 ADDRMAP %s %s NEVER@%srn", from, to,
error?error:"");
else {
char buf[ISO_TIME_LEN+1];
char buf2[ISO_TIME_LEN+1];
format_local_iso_time(buf,expires);
format_iso_time(buf2,expires);
send_control_event_extended(EVENT_ADDRMAP, ALL_NAMES,
"650 ADDRMAP %s %s "%s""
"@%s%sEXPIRES="%s"rn",
from, to, buf,
error?error:"", error?" ":"",
buf2);
}
return 0;
}
/** The authoritative dirserver has received a new descriptor that
* has passed basic syntax checks and is properly self-signed.
*
* Notify any interested party of the new descriptor and what has
* been done with it, and also optionally give an explanation/reason. */
int
control_event_or_authdir_new_descriptor(const char *action,
const char *desc, size_t desclen,
const char *msg)
{
char firstline[1024];
char *buf;
size_t totallen;
char *esc = NULL;
size_t esclen;
if (!EVENT_IS_INTERESTING(EVENT_AUTHDIR_NEWDESCS))
return 0;
tor_snprintf(firstline, sizeof(firstline),
"650+AUTHDIR_NEWDESC=rn%srn%srn",
action,
msg ? msg : "");
/* Escape the server descriptor properly */
esclen = write_escaped_data(desc, desclen, &esc);
totallen = strlen(firstline) + esclen + 1;
buf = tor_malloc(totallen);
strlcpy(buf, firstline, totallen);
strlcpy(buf+strlen(firstline), esc, totallen);
send_control_event_string(EVENT_AUTHDIR_NEWDESCS, ALL_NAMES|ALL_FORMATS,
buf);
send_control_event_string(EVENT_AUTHDIR_NEWDESCS, ALL_NAMES|ALL_FORMATS,
"650 OKrn");
tor_free(esc);
tor_free(buf);
return 0;
}
/** Helper function for NS-style events. Constructs and sends an event
* of type event with string event_string out of the set of
* networkstatuses statuses. Currently it is used for NS events
* and NEWCONSENSUS events. */
static int
control_event_networkstatus_changed_helper(smartlist_t *statuses,
uint16_t event,
const char *event_string)
{
smartlist_t *strs;
char *s, *esc = NULL;
if (!EVENT_IS_INTERESTING(event) || !smartlist_len(statuses))
return 0;
strs = smartlist_create();
smartlist_add(strs, tor_strdup("650+"));
smartlist_add(strs, tor_strdup(event_string));
smartlist_add(strs, tor_strdup("rn"));
SMARTLIST_FOREACH(statuses, routerstatus_t *, rs,
{
s = networkstatus_getinfo_helper_single(rs);
if (!s) continue;
smartlist_add(strs, s);
});
s = smartlist_join_strings(strs, "", 0, NULL);
write_escaped_data(s, strlen(s), &esc);
SMARTLIST_FOREACH(strs, char *, cp, tor_free(cp));
smartlist_free(strs);
tor_free(s);
send_control_event_string(event, ALL_NAMES|ALL_FORMATS, esc);
send_control_event_string(event, ALL_NAMES|ALL_FORMATS,
"650 OKrn");
tor_free(esc);
return 0;
}
/** Called when the routerstatus_ts statuses have changed: sends
* an NS event to any controller that cares. */
int
control_event_networkstatus_changed(smartlist_t *statuses)
{
return control_event_networkstatus_changed_helper(statuses, EVENT_NS, "NS");
}
/** Called when we get a new consensus networkstatus. Sends a NEWCONSENSUS
* event consisting of an NS-style line for each relay in the consensus. */
int
control_event_newconsensus(const networkstatus_t *consensus)
{
if (!control_event_is_interesting(EVENT_NEWCONSENSUS))
return 0;
return control_event_networkstatus_changed_helper(
consensus->routerstatus_list, EVENT_NEWCONSENSUS, "NEWCONSENSUS");
}
/** Called when a single local_routerstatus_t has changed: Sends an NS event
* to any controller that cares. */
int
control_event_networkstatus_changed_single(routerstatus_t *rs)
{
smartlist_t *statuses;
int r;
if (!EVENT_IS_INTERESTING(EVENT_NS))
return 0;
statuses = smartlist_create();
smartlist_add(statuses, rs);
r = control_event_networkstatus_changed(statuses);
smartlist_free(statuses);
return r;
}
/** Our own router descriptor has changed; tell any controllers that care.
*/
int
control_event_my_descriptor_changed(void)
{
send_control_event(EVENT_DESCCHANGED, ALL_NAMES, "650 DESCCHANGEDrn");
return 0;
}
/** Helper: sends a status event where type is one of
* EVENT_STATUS_{GENERAL,CLIENT,SERVER}, where severity is one of
* LOG_{NOTICE,WARN,ERR}, and where format is a printf-style format
* string corresponding to args. */
static int
control_event_status(int type, int severity, const char *format, va_list args)
{
char format_buf[160];
const char *status, *sev;
switch (type) {
case EVENT_STATUS_GENERAL:
status = "STATUS_GENERAL";
break;
case EVENT_STATUS_CLIENT:
status = "STATUS_CLIENT";
break;
case EVENT_STATUS_SERVER:
status = "STATUS_SERVER";
break;
default:
log_warn(LD_BUG, "Unrecognized status type %d", type);
return -1;
}
switch (severity) {
case LOG_NOTICE:
sev = "NOTICE";
break;
case LOG_WARN:
sev = "WARN";
break;
case LOG_ERR:
sev = "ERR";
break;
default:
log_warn(LD_BUG, "Unrecognized status severity %d", severity);
return -1;
}
if (tor_snprintf(format_buf, sizeof(format_buf), "650 %s %s %srn",
status, sev, format)<0) {
log_warn(LD_BUG, "Format string too long.");
return -1;
}
send_control_event_impl(type, ALL_NAMES|ALL_FORMATS, 0, format_buf, args);
return 0;
}
/** Format and send an EVENT_STATUS_GENERAL event whose main text is obtained
* by formatting the arguments using the printf-style format. */
int
control_event_general_status(int severity, const char *format, ...)
{
va_list ap;
int r;
if (!EVENT_IS_INTERESTING(EVENT_STATUS_GENERAL))
return 0;
va_start(ap, format);
r = control_event_status(EVENT_STATUS_GENERAL, severity, format, ap);
va_end(ap);
return r;
}
/** Format and send an EVENT_STATUS_CLIENT event whose main text is obtained
* by formatting the arguments using the printf-style format. */
int
control_event_client_status(int severity, const char *format, ...)
{
va_list ap;
int r;
if (!EVENT_IS_INTERESTING(EVENT_STATUS_CLIENT))
return 0;
va_start(ap, format);
r = control_event_status(EVENT_STATUS_CLIENT, severity, format, ap);
va_end(ap);
return r;
}
/** Format and send an EVENT_STATUS_SERVER event whose main text is obtained
* by formatting the arguments using the printf-style format. */
int
control_event_server_status(int severity, const char *format, ...)
{
va_list ap;
int r;
if (!EVENT_IS_INTERESTING(EVENT_STATUS_SERVER))
return 0;
va_start(ap, format);
r = control_event_status(EVENT_STATUS_SERVER, severity, format, ap);
va_end(ap);
return r;
}
/** Called when the status of an entry guard with the given nickname
* and identity digest has changed to status: tells any
* controllers that care. */
int
control_event_guard(const char *nickname, const char *digest,
const char *status)
{
char hbuf[HEX_DIGEST_LEN+1];
base16_encode(hbuf, sizeof(hbuf), digest, DIGEST_LEN);
if (!EVENT_IS_INTERESTING(EVENT_GUARD))
return 0;
if (EVENT_IS_INTERESTING1L(EVENT_GUARD)) {
char buf[MAX_VERBOSE_NICKNAME_LEN+1];
routerinfo_t *ri = router_get_by_digest(digest);
if (ri) {
router_get_verbose_nickname(buf, ri);
} else {
tor_snprintf(buf, sizeof(buf), "$%s~%s", hbuf, nickname);
}
send_control_event(EVENT_GUARD, LONG_NAMES,
"650 GUARD ENTRY %s %srn", buf, status);
}
if (EVENT_IS_INTERESTING1S(EVENT_GUARD)) {
send_control_event(EVENT_GUARD, SHORT_NAMES,
"650 GUARD ENTRY $%s %srn", hbuf, status);
}
return 0;
}
/** Helper: Return a newly allocated string containing a path to the
* file where we store our authentication cookie. */
static char *
get_cookie_file(void)
{
or_options_t *options = get_options();
if (options->CookieAuthFile && strlen(options->CookieAuthFile)) {
return tor_strdup(options->CookieAuthFile);
} else {
return get_datadir_fname("control_auth_cookie");
}
}
/** Choose a random authentication cookie and write it to disk.
* Anybody who can read the cookie from disk will be considered
* authorized to use the control connection. Return -1 if we can't
* write the file, or 0 on success. */
int
init_cookie_authentication(int enabled)
{
char *fname;
if (!enabled) {
authentication_cookie_is_set = 0;
return 0;
}
/* We don't want to generate a new cookie every time we call
* options_act(). One should be enough. */
if (authentication_cookie_is_set)
return 0; /* all set */
fname = get_cookie_file();
crypto_rand(authentication_cookie, AUTHENTICATION_COOKIE_LEN);
authentication_cookie_is_set = 1;
if (write_bytes_to_file(fname, authentication_cookie,
AUTHENTICATION_COOKIE_LEN, 1)) {
log_warn(LD_FS,"Error writing authentication cookie to %s.",
escaped(fname));
tor_free(fname);
return -1;
}
#ifndef MS_WINDOWS
if (get_options()->CookieAuthFileGroupReadable) {
if (chmod(fname, 0640)) {
log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname));
}
}
#endif
tor_free(fname);
return 0;
}
/** Convert the name of a bootstrapping phase s into strings
* tag and summary suitable for display by the controller. */
static int
bootstrap_status_to_string(bootstrap_status_t s, const char **tag,
const char **summary)
{
switch (s) {
case BOOTSTRAP_STATUS_UNDEF:
*tag = "undef";
*summary = "Undefined";
break;
case BOOTSTRAP_STATUS_STARTING:
*tag = "starting";
*summary = "Starting";
break;
case BOOTSTRAP_STATUS_CONN_DIR:
*tag = "conn_dir";
*summary = "Connecting to directory server";
break;
case BOOTSTRAP_STATUS_HANDSHAKE:
*tag = "status_handshake";
*summary = "Finishing handshake";
break;
case BOOTSTRAP_STATUS_HANDSHAKE_DIR:
*tag = "handshake_dir";
*summary = "Finishing handshake with directory server";
break;
case BOOTSTRAP_STATUS_ONEHOP_CREATE:
*tag = "onehop_create";
*summary = "Establishing an encrypted directory connection";
break;
case BOOTSTRAP_STATUS_REQUESTING_STATUS:
*tag = "requesting_status";
*summary = "Asking for networkstatus consensus";
break;
case BOOTSTRAP_STATUS_LOADING_STATUS:
*tag = "loading_status";
*summary = "Loading networkstatus consensus";
break;
case BOOTSTRAP_STATUS_LOADING_KEYS:
*tag = "loading_keys";
*summary = "Loading authority key certs";
break;
case BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS:
*tag = "requesting_descriptors";
*summary = "Asking for relay descriptors";
break;
case BOOTSTRAP_STATUS_LOADING_DESCRIPTORS:
*tag = "loading_descriptors";
*summary = "Loading relay descriptors";
break;
case BOOTSTRAP_STATUS_CONN_OR:
*tag = "conn_or";
*summary = "Connecting to the Tor network";
break;
case BOOTSTRAP_STATUS_HANDSHAKE_OR:
*tag = "handshake_or";
*summary = "Finishing handshake with first hop";
break;
case BOOTSTRAP_STATUS_CIRCUIT_CREATE:
*tag = "circuit_create";
*summary = "Establishing a Tor circuit";
break;
case BOOTSTRAP_STATUS_DONE:
*tag = "done";
*summary = "Done";
break;
default:
// log_warn(LD_BUG, "Unrecognized bootstrap status code %d", s);
*tag = *summary = "unknown";
return -1;
}
return 0;
}
/** What percentage through the bootstrap process are we? We remember
* this so we can avoid sending redundant bootstrap status events, and
* so we can guess context for the bootstrap messages which are
* ambiguous. It starts at 'undef', but gets set to 'starting' while
* Tor initializes. */
static int bootstrap_percent = BOOTSTRAP_STATUS_UNDEF;
/** How many problems have we had getting to the next bootstrapping phase?
* These include failure to establish a connection to a Tor relay,
* failures to finish the TLS handshake, failures to validate the
* consensus document, etc. */
static int bootstrap_problems = 0;
/* We only tell the controller once we've hit a threshold of problems
* for the current phase. */
#define BOOTSTRAP_PROBLEM_THRESHOLD 10
/** Called when Tor has made progress at bootstrapping its directory
* information and initial circuits.
*
* status is the new status, that is, what task we will be doing
* next. percent is zero if we just started this task, else it
* represents progress on the task. */
void
control_event_bootstrap(bootstrap_status_t status, int progress)
{
const char *tag, *summary;
char buf[BOOTSTRAP_MSG_LEN];
if (bootstrap_percent == BOOTSTRAP_STATUS_DONE)
return; /* already bootstrapped; nothing to be done here. */
/* special case for handshaking status, since our TLS handshaking code
* can't distinguish what the connection is going to be for. */
if (status == BOOTSTRAP_STATUS_HANDSHAKE) {
if (bootstrap_percent < BOOTSTRAP_STATUS_CONN_OR) {
status = BOOTSTRAP_STATUS_HANDSHAKE_DIR;
} else {
status = BOOTSTRAP_STATUS_HANDSHAKE_OR;
}
}
if (status > bootstrap_percent ||
(progress && progress > bootstrap_percent)) {
bootstrap_status_to_string(status, &tag, &summary);
log(status ? LOG_NOTICE : LOG_INFO, LD_CONTROL,
"Bootstrapped %d%%: %s.", progress ? progress : status, summary);
tor_snprintf(buf, sizeof(buf),
"BOOTSTRAP PROGRESS=%d TAG=%s SUMMARY="%s"",
progress ? progress : status, tag, summary);
tor_snprintf(last_sent_bootstrap_message,
sizeof(last_sent_bootstrap_message),
"NOTICE %s", buf);
control_event_client_status(LOG_NOTICE, "%s", buf);
if (status > bootstrap_percent) {
bootstrap_percent = status; /* new milestone reached */
}
if (progress > bootstrap_percent) {
/* incremental progress within a milestone */
bootstrap_percent = progress;
bootstrap_problems = 0; /* Progress! Reset our problem counter. */
}
}
}
/** Called when Tor has failed to make bootstrapping progress in a way
* that indicates a problem. warn gives a hint as to why, and
* reason provides an "or_conn_end_reason" tag.
*/
void
control_event_bootstrap_problem(const char *warn, int reason)
{
int status = bootstrap_percent;
const char *tag, *summary;
char buf[BOOTSTRAP_MSG_LEN];
const char *recommendation = "ignore";
if (bootstrap_percent == 100)
return; /* already bootstrapped; nothing to be done here. */
bootstrap_problems++;
if (bootstrap_problems >= BOOTSTRAP_PROBLEM_THRESHOLD)
recommendation = "warn";
if (reason == END_OR_CONN_REASON_NO_ROUTE)
recommendation = "warn";
if (get_options()->UseBridges &&
!any_bridge_descriptors_known() &&
!any_pending_bridge_descriptor_fetches())
recommendation = "warn";
while (status>=0 && bootstrap_status_to_string(status, &tag, &summary) < 0)
status--; /* find a recognized status string based on current progress */
status = bootstrap_percent; /* set status back to the actual number */
log_fn(!strcmp(recommendation, "warn") ? LOG_WARN : LOG_INFO,
LD_CONTROL, "Problem bootstrapping. Stuck at %d%%: %s. (%s; %s; "
"count %d; recommendation %s)",
status, summary, warn,
orconn_end_reason_to_control_string(reason),
bootstrap_problems, recommendation);
tor_snprintf(buf, sizeof(buf),
"BOOTSTRAP PROGRESS=%d TAG=%s SUMMARY="%s" WARNING="%s" REASON=%s "
"COUNT=%d RECOMMENDATION=%s",
bootstrap_percent, tag, summary, warn,
orconn_end_reason_to_control_string(reason), bootstrap_problems,
recommendation);
tor_snprintf(last_sent_bootstrap_message,
sizeof(last_sent_bootstrap_message),
"WARN %s", buf);
control_event_client_status(LOG_WARN, "%s", buf);
}
/** We just generated a new summary of which countries we've seen clients
* from recently. Send a copy to the controller in case it wants to
* display it for the user. */
void
control_event_clients_seen(const char *timestarted, const char *countries)
{
send_control_event(EVENT_CLIENTS_SEEN, 0,
"650 CLIENTS_SEEN TimeStarted="%s" CountrySummary=%srn",
timestarted, countries);
}