Remove onion_pkey from connection, since onion keys can change more often than connec...
1 /* Copyright 2001,2002,2003 Roger Dingledine, Matej Pfajfar. */
2 /* See LICENSE for licensing information */
3 /* $Id$ */
5 #include "or.h"
7 extern or_options_t options; /* command-line and config-file options */
9 static int connection_tls_finish_handshake(connection_t *conn);
10 static int connection_or_process_cells_from_inbuf(connection_t *conn);
12 /**************************************************************/
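/* Serialize *src into the CELL_NETWORK_SIZE-byte wire buffer dest:
 * a 2-byte network-order circuit id, a 1-byte command, then the
 * CELL_PAYLOAD_SIZE payload bytes copied verbatim.
 *
 * The circuit id is written with memcpy rather than through a uint16_t*
 * cast: dest is a plain char buffer with no alignment guarantee, so the
 * cast form is a misaligned / strict-aliasing access (undefined
 * behavior) on strict targets.  The wire layout is unchanged. */
static void cell_pack(char *dest, const cell_t *src) {
  uint16_t circ_id = htons(src->circ_id);
  memcpy(dest, &circ_id, sizeof(circ_id));
  *(uint8_t*)(dest+2) = src->command;
  memcpy(dest+3, src->payload, CELL_PAYLOAD_SIZE);
}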
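/* Inverse of cell_pack(): rebuild the host-order cell_t *dest from the
 * CELL_NETWORK_SIZE-byte wire buffer src (2-byte network-order circuit
 * id, 1-byte command, CELL_PAYLOAD_SIZE payload bytes).
 *
 * The circuit id is read with memcpy instead of *(uint16_t*)src: src
 * comes from a char buffer with no alignment guarantee, and the cast
 * form is a misaligned / strict-aliasing read (undefined behavior). */
static void cell_unpack(cell_t *dest, const char *src) {
  uint16_t circ_id;
  memcpy(&circ_id, src, sizeof(circ_id));
  dest->circ_id = ntohs(circ_id);
  dest->command = *(uint8_t*)(src+2);
  memcpy(dest->payload, src+3, CELL_PAYLOAD_SIZE);
}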
26 /**************************************************************/
/* Called when there is new data on the inbuf of OR connection conn.
 * An EOF marks the connection for close.  Cells are only parsed once the
 * connection is in OR_CONN_STATE_OPEN, i.e. after the TLS handshake has
 * completed and the peer has been verified; in any other state the data
 * is left on the inbuf untouched.
 * Returns the result of connection_or_process_cells_from_inbuf(), or 0. */
int connection_or_process_inbuf(connection_t *conn) {
  assert(conn && conn->type == CONN_TYPE_OR);

  if (conn->inbuf_reached_eof) {
    log_fn(LOG_INFO,"OR connection reached EOF. Closing.");
    connection_mark_for_close(conn,0);
    return 0;
  }

  /* Nothing to do until the handshake is over. */
  if (conn->state == OR_CONN_STATE_OPEN)
    return connection_or_process_cells_from_inbuf(conn);

  return 0;
}
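/* Called when conn's outbuf has drained, or (while connecting) when the
 * socket first became writable.  In OR_CONN_STATE_CONNECTING that is how a
 * non-blocking connect() reports completion, so read the result out of
 * SO_ERROR and either start the TLS handshake or give up.  In
 * OR_CONN_STATE_OPEN there is simply nothing left to write.
 * Returns 0, or -1 after marking conn for close. */
int connection_or_finished_flushing(connection_t *conn) {
  int e, len=sizeof(e); /* NOTE(review): POSIX wants a socklen_t* here;
                         * int is kept for the other platforms or.h
                         * targets -- confirm. */

  assert(conn && conn->type == CONN_TYPE_OR);
  assert_connection_ok(conn,0);

  switch(conn->state) {
    case OR_CONN_STATE_CONNECTING:
      if (getsockopt(conn->s, SOL_SOCKET, SO_ERROR, (void*)&e, &len) < 0) { /* not yet */
        if(!ERRNO_CONN_EINPROGRESS(errno)){
          log_fn(LOG_DEBUG,"in-progress connect failed. Removing.");
          connection_mark_for_close(conn,0);
          return -1;
        } else {
          return 0; /* no change, see if next time is better */
        }
      }
      if(e) {
        /* getsockopt succeeded and e holds the connect() result.  This
         * value was never examined before, so a refused or timed-out
         * connect (socket writable, SO_ERROR != 0) was treated as success
         * and a TLS handshake was started on a dead socket. */
        if(!ERRNO_CONN_EINPROGRESS(e)) {
          log_fn(LOG_INFO,"connect() to router %s:%u failed (error %d). Removing.",
                 conn->address, conn->port, e);
          connection_mark_for_close(conn,0);
          return -1;
        }
        return 0; /* still in progress; wait for the next writable event */
      }
      /* the connect has finished. */
      log_fn(LOG_INFO,"OR connect() to router %s:%u finished.",
             conn->address,conn->port);
      if(connection_tls_start_handshake(conn, 0) < 0) {
        /* TLS handshaking error of some kind. */
        connection_mark_for_close(conn,0);
        return -1;
      }
      return 0;
    case OR_CONN_STATE_OPEN:
      connection_stop_writing(conn);
      return 0;
    default:
      log_fn(LOG_WARN,"BUG: called in unexpected state %d",conn->state);
      return 0;
  }
}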
80 /*********************/
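/* Copy the directory's view of router (address, OR port, bandwidth,
 * identity key, nickname, hostname) into conn.  Called for outgoing
 * connections before connect(), and for incoming connections once the
 * peer's certificate has been verified against this router entry.
 *
 * conn->nickname is now released before being replaced, matching what was
 * already done for conn->address; the old code overwrote it and leaked the
 * previous string if one was set. */
void connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *router) {
  conn->addr = router->addr;
  conn->port = router->or_port;
  conn->receiver_bucket = conn->bandwidth = router->bandwidthburst;
  /* NOTE(review): an existing conn->identity_pkey is overwritten without
   * being released; the key free routine is not visible in this file, so
   * confirm callers only pass a conn whose identity_pkey is still NULL. */
  conn->identity_pkey = crypto_pk_dup_key(router->identity_pkey);
  tor_free(conn->nickname);
  conn->nickname = tor_strdup(router->nickname);
  tor_free(conn->address);
  conn->address = tor_strdup(router->address);
}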
/* Open a new OR connection to router, or return the one we already have.
 * Refuses to connect to ourselves.  On a connect() that completes at once
 * the TLS handshake is started immediately; otherwise the socket is polled
 * for writability and the handshake is started from
 * connection_or_finished_flushing().
 * Returns the connection, or NULL on failure (the conn, if any, has been
 * freed or marked for close). */
connection_t *connection_or_connect(routerinfo_t *router) {
  connection_t *conn;
  int rc;

  assert(router);

  if(router_is_me(router)) {
    log_fn(LOG_WARN,"You asked me to connect to myself! Failing.");
    return NULL;
  }

  /* Callers should not ask for a second connection to the same router,
   * but be defensive and reuse an existing one. */
  conn = connection_exact_get_by_addr_port(router->addr,router->or_port);
  if(conn)
    return conn;

  conn = connection_new(CONN_TYPE_OR);
  connection_or_init_conn_from_router(conn, router);
  conn->state = OR_CONN_STATE_CONNECTING;

  if(connection_add(conn) < 0) { /* no space, forget it */
    connection_free(conn);
    return NULL;
  }

  rc = connection_connect(conn, router->address, router->addr, router->or_port);
  if(rc == -1) {
    connection_mark_for_close(conn, 0);
    return NULL;
  }

  connection_set_poll_socket(conn);

  if(rc == 0) {
    /* Connect in progress: writable indicates finish, readable indicates
     * broken link, error indicates broken link on windows. */
    connection_watch_events(conn, POLLIN | POLLOUT | POLLERR);
    return conn;
  }

  /* Connected right away: go straight to the TLS handshake. */
  if(connection_tls_start_handshake(conn, 0) < 0) {
    connection_mark_for_close(conn, 0);
    return NULL;
  }
  return conn;
}
142 /* ********************************** */
/* Attach a TLS object to conn's socket and begin the handshake.
 * receiving is nonzero for an incoming connection (we are the TLS server).
 * Handshaking connections always read, so reading is enabled here.
 * Returns 0 if the handshake is done or still in progress, -1 on error
 * (the caller is responsible for closing conn). */
int connection_tls_start_handshake(connection_t *conn, int receiving) {
  conn->state = OR_CONN_STATE_HANDSHAKING;
  conn->tls = tor_tls_new(conn->s, receiving);
  if(!conn->tls) {
    log_fn(LOG_WARN,"tor_tls_new failed. Closing.");
    return -1;
  }
  connection_start_reading(conn);
  log_fn(LOG_DEBUG,"starting the handshake");
  return connection_tls_continue_handshake(conn) < 0 ? -1 : 0;
}
/* Drive conn's TLS handshake one step further.  When it completes, hand
 * off to connection_tls_finish_handshake() for peer verification.  A
 * WANTWRITE result enables writing; WANTREAD needs nothing since a
 * handshaking connection is always reading.
 * Returns 0 to keep going (or on success), -1 on a TLS error or close. */
int connection_tls_continue_handshake(connection_t *conn) {
  int result = tor_tls_handshake(conn->tls);

  if (result == TOR_TLS_DONE)
    return connection_tls_finish_handshake(conn);

  if (result == TOR_TLS_ERROR || result == TOR_TLS_CLOSE) {
    log_fn(LOG_INFO,"tls error. breaking.");
    return -1;
  }

  if (result == TOR_TLS_WANTWRITE) {
    connection_start_writing(conn);
    log_fn(LOG_DEBUG,"wanted write");
  } else if (result == TOR_TLS_WANTREAD) {
    log_fn(LOG_DEBUG,"wanted read");
  }
  return 0;
}
/* Called once the TLS handshake on conn has completed.  Decide who the
 * peer is and whether to trust it:
 *  - no peer certificate: the peer is an onion proxy (OP).  Accepted only
 *    if we are an OR (options.ORPort set); two certless peers is an error.
 *  - a peer certificate: the peer claims to be an OR.  The nickname inside
 *    the cert is chosen by the peer, so it is used only to look up a
 *    directory entry; the cert is then verified against that router's
 *    identity key (tor_tls_verify) before the nickname is believed.
 * For connections we initiated, the verified nickname must also be the
 * router we meant to reach.  For incoming connections, a second
 * connection from an already-connected router is dropped, and conn is
 * filled in from the directory entry.
 * Returns 0 on success, -1 if conn should be closed.  conn->state is
 * already OR_CONN_STATE_OPEN on the -1 paths; the caller is expected to
 * mark the connection for close. */
static int connection_tls_finish_handshake(connection_t *conn) {
  routerinfo_t *router;
  char nickname[MAX_NICKNAME_LEN+1];
  connection_t *existing;

  conn->state = OR_CONN_STATE_OPEN;
  directory_set_dirty();
  connection_watch_events(conn, POLLIN);
  log_fn(LOG_DEBUG,"tls handshake done. verifying.");

  if (! tor_tls_peer_has_cert(conn->tls)) {
    /* No cert: the peer is an OP. */
    if (!options.ORPort) {
      log_fn(LOG_WARN,"Neither peer sent a cert! Closing.");
      return -1;
    }
    conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
    return 0;
  }

  /* The peer presented a cert, so it claims to be an OR. */
  if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, MAX_NICKNAME_LEN)) {
    log_fn(LOG_WARN,"Other side (%s:%d) has a cert without a valid nickname. Closing.",
           conn->address, conn->port);
    return -1;
  }
  log_fn(LOG_DEBUG, "Other side (%s:%d) claims to be '%s'", conn->address,
         conn->port, nickname);

  router = router_get_by_nickname(nickname);
  if (!router) {
    log_fn(LOG_INFO, "Unrecognized router with nickname '%s' at %s:%d",
           nickname, conn->address, conn->port);
    return -1;
  }

  /* Bind the claimed nickname to the identity key we trust from the
   * directory; until this passes the nickname is just an assertion. */
  if(tor_tls_verify(conn->tls, router->identity_pkey)<0) {
    log_fn(LOG_WARN,"Other side '%s' (%s:%d) has a cert but it's invalid. Closing.",
           nickname, conn->address, conn->port);
    return -1;
  }
  log_fn(LOG_DEBUG,"The router's cert is valid.");

  if (conn->nickname) {
    /* We initiated this connection: make sure we reached the intended router. */
    if (strcasecmp(conn->nickname, nickname)) {
      log_fn(options.DirPort ? LOG_WARN : LOG_INFO,
             "Other side (%s:%d) is '%s', but we tried to connect to '%s'",
             conn->address, conn->port, nickname, conn->nickname);
      return -1;
    }
  } else {
    /* Incoming connection: refuse a duplicate, then adopt the directory's
     * view of this router (address, port, key, nickname, bandwidth). */
    existing = connection_exact_get_by_addr_port(router->addr,router->or_port);
    if(existing) {
      log_fn(LOG_INFO,"Router %s is already connected on fd %d. Dropping fd %d.", router->nickname, existing->s, conn->s);
      return -1;
    }
    connection_or_init_conn_from_router(conn,router);
  }

  if (!options.ORPort) /* If I'm an OP... */
    conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;

  circuit_n_conn_open(conn); /* send the pending creates, if any. */
  /* Note the success */
  rep_hist_note_connect_succeeded(nickname, time(NULL));
  return 0;
}
242 /* ********************************** */
/* Pack cell into wire format and append it to conn's outbuf.
 * conn must be a connection that speaks cells (asserted). */
void connection_or_write_cell_to_buf(const cell_t *cell, connection_t *conn) {
  char networkcell[CELL_NETWORK_SIZE];

  assert(cell && conn);
  assert(connection_speaks_cells(conn));

  cell_pack(networkcell, cell);
  connection_write_to_buf(networkcell, CELL_NETWORK_SIZE, conn);
}
/* Pull every complete cell off conn's inbuf, one at a time, and hand each
 * to command_process_cell().  Stops (returning 0) as soon as fewer than
 * CELL_NETWORK_SIZE bytes remain; a partial cell stays buffered for the
 * next call.
 * NOTE(review): the loop keeps draining cells even if command_process_cell()
 * marks conn for close -- confirm that is intended. */
static int connection_or_process_cells_from_inbuf(connection_t *conn) {
  char buf[CELL_NETWORK_SIZE];
  cell_t cell;

  for (;;) {
    log_fn(LOG_DEBUG,"%d: starting, inbuf_datalen %d (%d pending in tls object).",
           conn->s,(int)buf_datalen(conn->inbuf),tor_tls_get_pending_bytes(conn->tls));
    if(buf_datalen(conn->inbuf) < CELL_NETWORK_SIZE) /* entire cell available? */
      return 0; /* not yet */

    connection_fetch_from_buf(buf, CELL_NETWORK_SIZE, conn);

    /* network-order bytes -> host-order struct */
    cell_unpack(&cell, buf);
    command_process_cell(&cell, conn);
  }
}
279 Local Variables:
280 mode:c
281 indent-tabs-mode:nil
282 c-basic-offset:2
283 End: