| blob | c372270b4ce8b4ccaf140c927d1857382671270d |
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2013, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
7 /**
8 * \file connection_or.c
9 * \brief Functions to handle OR connections, TLS handshaking, and
10 * cells on the network.
11 **/
14 /*
15 * Define this so we get channel internal functions, since we're implementing
16 * part of a subclass (channel_tls_t).
17 */
18 #define TOR_CHANNEL_INTERNAL_
41 #ifdef USE_BUFFEREVENTS
42 #include <event2/bufferevent_ssl.h>
43 #endif
54 static unsigned int
58 /*
59 * Call this when changing connection state, so notifications to the owning
60 * channel can be handled.
61 */
65 #ifdef USE_BUFFEREVENTS
69 #endif
71 /**************************************************************/
73 /** Map from identity digest of connected OR or desired OR to a connection_t
74 * with that identity digest. If there is more than one such connection_t,
75 * they form a linked list, with next_with_same_id as the next pointer. */
78 /** Global map between Extended ORPort identifiers and OR
79 * connections. */
82 /** If conn is listed in orconn_identity_map, remove it, and clear
83 * conn->identity_digest. Otherwise do nothing. */
84 void
86 {
97 }
99 }
104 else
111 }
113 }
114 }
117 }
119 /** Remove all entries from the identity-to-orconn map, and clear
120 * all identities in OR conns.*/
121 void
123 {
126 {
131 }
132 });
136 }
138 /** Change conn->identity_digest to digest, and add conn into
139 * orconn_digest_map. */
140 static void
142 {
152 /* If the identity was set previously, remove the old mapping. */
157 }
161 /* If we're setting the ID to zero, don't add a mapping. */
168 /* Deal with channels */
172 #if 1
173 /* Testing code to check for bugs in representation. */
177 }
178 #endif
179 }
181 /** Remove the Extended ORPort identifier of <b>conn</b> from the
182 * global identifier list. Also, clear the identifier from the
183 * connection itself. */
184 void
186 {
198 }
200 /** Return the connection whose ext_or_id is <b>id</b>. Return NULL if no such
201 * connection is found. */
202 or_connection_t *
204 {
208 }
210 /** Deallocate the global Extended ORPort identifier list */
211 void
213 {
216 }
218 /** Creates an Extended ORPort identifier for <b>conn</b> and deposits
219 * it into the global list of identifiers. */
220 void
222 {
229 /* Remove any previous identifiers: */
244 }
246 /**************************************************************/
248 /** Map from a string describing what a non-open OR connection was doing when
249 * failed, to an intptr_t describing the count of connections that failed that
250 * way. Note that the count is stored _as_ the pointer.
251 */
254 /** If true, do not record information in <b>broken_connection_counts</b>. */
257 /** Record that an OR connection failed in <b>state</b>. */
258 static void
260 {
271 val++;
274 }
276 /** Forget all recorded states for failed connections. If
277 * <b>stop_recording</b> is true, don't record any more. */
278 void
280 {
286 }
288 /** Write a detailed description the state of <b>orconn</b> into the
289 * <b>buflen</b>-byte buffer at <b>buf</b>. This description includes not
290 * only the OR-conn level state but also the TLS state. It's useful for
291 * diagnosing broken handshakes. */
292 static void
295 {
306 }
308 /** Record the current state of <b>orconn</b> as the state of a broken
309 * connection. */
310 static void
312 {
319 }
321 /** Helper type used to sort connection states and find the most frequent. */
327 /** Helper function used to sort broken_state_count_t by frequency. */
328 static int
330 {
336 else
338 }
340 /** Upper limit on the number of different states to report for connection
341 * failure. */
342 #define MAX_REASONS_TO_REPORT 10
344 /** Report a list of the top states for failed OR connections at log level
345 * <b>severity</b>, in log domain <b>domain</b>. */
346 void
348 {
378 }
380 /** Call this to change or_connection_t states, so the owning channel_tls_t can
381 * be notified.
382 */
384 static void
386 {
397 }
399 /** Return the number of circuits using an or_connection_t; this used to
400 * be an or_connection_t field, but it got moved to channel_t and we
401 * shouldn't maintain two copies. */
403 int
405 {
411 }
413 /**************************************************************/
415 /** Pack the cell_t host-order structure <b>src</b> into network-order
416 * in the buffer <b>dest</b>. See tor-spec.txt for details about the
417 * wire format.
418 *
419 * Note that this function doesn't touch <b>dst</b>-\>next: the caller
420 * should set it or clear it as appropriate.
421 */
422 void
424 {
433 }
436 }
438 /** Unpack the network-order buffer <b>src</b> into a host-order
439 * cell_t structure <b>dest</b>.
440 */
441 static void
443 {
450 }
453 }
455 /** Write the header of <b>cell</b> into the first VAR_CELL_MAX_HEADER_SIZE
456 * bytes of <b>hdr_out</b>. Returns number of bytes used. */
457 int
459 {
469 }
473 }
475 /** Allocate and return a new var_cell_t with <b>payload_len</b> bytes of
476 * payload space. */
477 var_cell_t *
479 {
486 }
488 /** Release all space held by <b>cell</b>. */
489 void
491 {
493 }
495 /** We've received an EOF from <b>conn</b>. Mark it for close and return. */
496 int
498 {
505 }
507 /** Handle any new bytes that have come in on connection <b>conn</b>.
508 * If conn is in 'open' state, hand it to
509 * connection_or_process_cells_from_inbuf()
510 * (else do nothing).
511 */
512 int
514 {
515 /** Don't let the inbuf of a nonopen OR connection grow beyond this many
516 * bytes: it's either a broken client, a non-Tor client, or a DOS
517 * attempt. */
518 #define MAX_OR_INBUF_WHEN_NONOPEN 0
527 /* start TLS after handshake completion, or deal with error */
532 /* Touch the channel's active timestamp if there is one */
535 }
538 }
542 #ifdef USE_BUFFEREVENTS
547 /* fall through. */
548 #endif
555 }
557 /* This check was necessary with 0.2.2, when the TLS_SERVER_RENEGOTIATING
558 * check would otherwise just let data accumulate. It serves no purpose
559 * in 0.2.3.
560 *
561 * XXX024 Remove this check once we verify that the above paragraph is
562 * 100% true. */
572 }
575 }
577 /** When adding cells to an OR connection's outbuf, keep adding until the
578 * outbuf is at least this long, or we run out of cells. */
579 #define OR_CONN_HIGHWATER (32*1024)
581 /** Add cells to an OR connection's outbuf whenever the outbuf's data length
582 * drops below this size. */
583 #define OR_CONN_LOWWATER (16*1024)
585 /** Called whenever we have flushed some data on an or_conn: add more data
586 * from active circuits. */
587 int
589 {
594 /* If we're under the low water mark, add cells until we're just over the
595 * high water mark. */
599 /* Compute how many more cells we want at most */
601 /* Bail out if we don't want any more */
603 /* We're still here; try to flush some more cells */
605 /* Bail out if it says it didn't flush anything */
607 /* How much in the outbuf now? */
609 /* Bail out if we didn't actually increase the outbuf size */
611 /* Update datalen for the next iteration */
613 }
614 }
617 }
619 /** Connection <b>conn</b> has finished writing and has no bytes left on
620 * its outbuf.
621 *
622 * Otherwise it's in state "open": stop writing and return.
623 *
624 * If <b>conn</b> is broken, mark it for close and return -1, else
625 * return 0.
626 */
627 int
629 {
643 }
645 }
647 /** Connected handler for OR connections: begin the TLS handshake.
648 */
649 int
651 {
664 /* start proxy handshake */
668 }
673 }
676 /* TLS handshaking error of some kind. */
679 }
681 }
683 /** Called when we're about to finally unlink and free an OR connection:
684 * perform necessary accounting and cleanup */
685 void
687 {
691 /* Tell the controlling channel we're closed */
694 /*
695 * NULL this out because the channel might hang around a little
696 * longer before channel_run_cleanup() gets it.
697 */
700 }
702 /* Remember why we're closing this connection. */
704 /* now mark things down as needed */
714 reason);
719 }
720 }
722 /* We only set hold_open_until_flushed when we're intentionally
723 * closing a connection. */
731 }
732 }
734 /** Return 1 if identity digest <b>id_digest</b> is known to be a
735 * currently or recently running relay. Otherwise return 0. */
736 int
738 {
743 * it. Probably it was in a recent consensus. "Yes". */
745 }
747 /** Set the per-conn read and write limits for <b>conn</b>. If it's a known
748 * relay, we will rely on the global read and write buckets, so give it
749 * per-conn limits that are big enough they'll never matter. But if it's
750 * not a known relay, first check if we set PerConnBwRate/Burst, then
751 * check if the consensus sets them, else default to 'big enough'.
752 *
753 * If <b>reset</b> is true, set the bucket to be full. Otherwise, just
754 * clip the bucket if it happens to be <em>too</em> full.
755 */
756 static void
759 {
762 /* It's in the consensus, or we have a descriptor for it meaning it
763 * was probably in a recent consensus. It's a recognized relay:
764 * give it full bandwidth. */
768 /* Not a recognized relay. Squeeze it down based on the suggested
769 * bandwidth parameters in the consensus, but allow local config
770 * options to override. */
777 }
781 #ifdef USE_BUFFEREVENTS
782 {
787 /* This can't overflow, since TokenBucketRefillInterval <= 1000,
788 * and rate started out less than INT_MAX. */
800 }
801 #else
805 }
806 /* If the new token bucket is smaller, take out the extra tokens.
807 * (If it's larger, don't -- the buckets can grow to reach the cap.) */
812 #endif
813 }
815 /** Either our set of relays or our per-conn rate limits have changed.
816 * Go through all the OR connections and update their token buckets to make
817 * sure they don't exceed their maximum values. */
818 void
821 {
823 {
826 });
827 }
829 /** How long do we wait before killing non-canonical OR connections with no
830 * circuits? In Tor versions up to 0.2.1.25 and 0.2.2.12-alpha, we waited 15
831 * minutes before cancelling these connections, which caused fast relays to
832 * accrue many many idle connections. Hopefully 3-4.5 minutes is low enough
833 * that it kills most idle connections, without being so low that we cause
834 * clients to bounce on and off.
835 *
836 * For canonical connections, the limit is higher, at 15-22.5 minutes.
837 *
838 * For each OR connection, we randomly add up to 50% extra to its idle_timeout
839 * field, to avoid exposing when exactly the last circuit closed. Since we're
840 * storing idle_timeout in a uint16_t, don't let these values get higher than
841 * 12 hours or so without revising connection_or_set_canonical and/or expanding
842 * idle_timeout.
843 */
844 #define IDLE_OR_CONN_TIMEOUT_NONCANONICAL 180
845 #define IDLE_OR_CONN_TIMEOUT_CANONICAL 900
847 /* Mark <b>or_conn</b> as canonical if <b>is_canonical</b> is set, and
848 * non-canonical otherwise. Adjust idle_timeout accordingly.
849 */
850 void
853 {
859 /* Don't recalculate an existing idle_timeout unless the canonical
860 * status changed. */
862 }
866 }
868 /** If we don't necessarily know the router we're connecting to, but we
869 * have an addr/port/id_digest, then fill in as much as we can. Start
870 * by checking to see if this describes a router we know.
871 * <b>started_here</b> is 1 if we are the initiator of <b>conn</b> and
872 * 0 if it's an incoming connection. */
873 void
878 {
887 tor_addr_port_t node_ap;
889 /* XXXX proposal 186 is making this more complex. For now, a conn
890 is canonical when it uses the _preferred_ address. */
894 /* Override the addr/port, so our log messages will make sense.
895 * This is dangerous, since if we ever try looking up a conn by
896 * its actual addr/port, we won't remember. Careful! */
897 /* XXXX arma: this is stupid, and it's the reason we need real_addr
898 * to track is_canonical properly. What requires it? */
899 /* XXXX <arma> i believe the reason we did this, originally, is because
900 * we wanted to log what OR a connection was to, and if we logged the
901 * right IP address and port 56244, that wouldn't be as helpful. now we
902 * log the "right" port too, so we know if it's moria1 or moria2.
903 */
906 }
912 /* If we're an authoritative directory server, we may know a
913 * nickname for this router. */
922 }
925 }
927 /*
928 * We have to tell channeltls.c to update the channel marks (local, in
929 * particular), since we may have changed the address.
930 */
934 }
935 }
937 /** These just pass all the is_bad_for_new_circs manipulation on to
938 * channel_t */
940 static unsigned int
942 {
948 }
950 static void
952 {
957 }
959 /** How old do we let a connection to an OR get before deciding it's
960 * too old for new circuits? */
961 #define TIME_BEFORE_OR_CONN_IS_TOO_OLD (60*60*24*7)
963 /** Given the head of the linked list for all the or_connections with a given
964 * identity, set elements of that list as is_bad_for_new_circs as
965 * appropriate. Helper for connection_or_set_bad_connections().
966 *
967 * Specifically, we set the is_bad_for_new_circs flag on:
968 * - all connections if <b>force</b> is true.
969 * - all connections that are too old.
970 * - all open non-canonical connections for which a canonical connection
971 * exists to the same router.
972 * - all open canonical connections for which a 'better' canonical
973 * connection exists to the same router.
974 * - all open non-canonical connections for which a 'better' non-canonical
975 * connection exists to the same router at the same address.
976 *
977 * See channel_is_better() in channel.c for our idea of what makes one OR
978 * connection better than another.
979 */
980 static void
982 {
987 /* Pass 1: expire everything that's old, and see what the status of
988 * everything else is. */
997 "Marking OR conn to %s:%d as too old for new circuits "
1002 }
1012 }
1013 }
1015 /* Pass 2: We know how about how good the best connection is.
1016 * expire everything that's worse, and find the very best if we can. */
1023 * when the connection finishes. */
1025 /* We have at least one open canonical connection to this router,
1026 * and this one is open but not canonical. Mark it bad. */
1028 "Marking OR conn to %s:%d as unsuitable for new circuits: "
1035 }
1043 }
1044 }
1049 /* Pass 3: One connection to OR is best. If it's canonical, mark as bad
1050 * every other open connection. If it's non-canonical, mark as bad
1051 * every other open connection to the same address.
1052 *
1053 * XXXX This isn't optimal; if we have connections to an OR at multiple
1054 * addresses, we'd like to pick the best _for each address_, and mark as
1055 * bad every open connection that isn't best for its address. But this
1056 * can only occur in cases where the other OR is old (so we have no
1057 * canonical connection to it), or where all the connections to the OR are
1058 * at noncanonical addresses and we have no good direct connection (which
1059 * means we aren't at risk of attaching circuits to it anyway). As
1060 * 0.1.2.x dies out, the first case will go away, and the second one is
1061 * "mostly harmless", so a fix can wait until somebody is bored.
1062 */
1072 /* This isn't the best conn, _and_ the best conn is better than it,
1073 even when we're being forgiving. */
1076 "Marking OR conn to %s:%d as unsuitable for new circuits: "
1078 "We have a better canonical one "
1087 "Marking OR conn to %s:%d as unsuitable for new circuits: "
1089 "one with the "
1095 }
1096 }
1097 }
1098 }
1100 /** Go through all the OR connections (or if <b>digest</b> is non-NULL, just
1101 * the OR connections with that digest), and set the is_bad_for_new_circs
1102 * flag based on the rules in connection_or_group_set_badness() (or just
1103 * always set it if <b>force</b> is true).
1104 */
1105 void
1107 {
1115 }
1117 /** <b>conn</b> is in the 'connecting' state, and it failed to complete
1118 * a TCP connection. Send notifications appropriately.
1119 *
1120 * <b>reason</b> specifies the or_conn_end_reason for the failure;
1121 * <b>msg</b> specifies the strerror-style error message.
1122 */
1123 void
1126 {
1130 }
1132 /** <b>conn</b> got an error in connection_handle_read_impl() or
1133 * connection_handle_write_impl() and is going to die soon.
1134 *
1135 * <b>reason</b> specifies the or_conn_end_reason for the failure;
1136 * <b>msg</b> specifies the strerror-style error message.
1137 */
1138 void
1141 {
1146 /* If we're connecting, call connect_failed() too */
1150 /* Tell the controlling channel if we have one */
1153 /* Don't transition if we're already in closing, closed or error */
1158 }
1159 }
1161 /* No need to mark for error because connection.c is about to do that */
1162 }
1164 /** Launch a new OR connection to <b>addr</b>:<b>port</b> and expect to
1165 * handshake with an OR with identity digest <b>id_digest</b>. Optionally,
1166 * pass in a pointer to a channel using this connection.
1167 *
1168 * If <b>id_digest</b> is me, do nothing. If we're already connected to it,
1169 * return that connection. If the connect() is in progress, set the
1170 * new conn's state to 'connecting' and return it. If connect() succeeds,
1171 * call connection_tls_start_handshake() on it.
1172 *
1173 * This function is called from router_retry_connections(), for
1174 * ORs connecting to ORs, and circuit_establish_circuit(), for
1175 * OPs connecting to ORs.
1176 *
1177 * Return the launched conn, or NULL if it failed.
1178 */
1179 or_connection_t *
1183 {
1187 tor_addr_t addr;
1190 tor_addr_t proxy_addr;
1201 }
1205 /*
1206 * Set up conn so it's got all the data we need to remember for channels
1207 *
1208 * This stuff needs to happen before connection_or_init_conn_from_address()
1209 * so connection_or_set_identity_digest() and such know where to look to
1210 * keep the channel up to date.
1211 */
1220 /* If we are using a proxy server, find it and use it. */
1228 }
1230 /* get_proxy_addrport() might fail if we have a Bridge line that
1231 references a transport, but no ClientTransportPlugin lines
1232 defining its transport proxy. If this is the case, let's try to
1233 output a useful log message to the user. */
1240 "using pluggable transport '%s', but we can't find a pluggable "
1241 "transport proxy supporting '%s'. This can happen if you "
1242 "haven't provided a ClientTransportPlugin line, or if "
1249 END_OR_CONN_REASON_PT_MISSING,
1250 conn);
1256 }
1260 }
1265 /* If the connection failed immediately, and we're using
1266 * a proxy, our proxy is down. Don't blame the Tor server. */
1277 /* writable indicates finish, readable indicates broken link,
1278 error indicates broken link on windows */
1280 /* case 1: fall through */
1281 }
1284 /* already marked for close */
1286 }
1288 }
1290 /** Mark orconn for close and transition the associated channel, if any, to
1291 * the closing state.
1292 *
1293 * It's safe to call this and connection_or_close_for_error() any time, and
1294 * channel layer will treat it as a connection closing for reasons outside
1295 * its control, like the remote end closing it. It can also be a local
1296 * reason that's specific to connection_t/or_connection_t rather than
1297 * the channel mechanism, such as expiration of old connections in
1298 * run_connection_housekeeping(). If you want to close a channel_t
1299 * from somewhere that logically works in terms of generic channels
1300 * rather than connections, use channel_mark_for_close(); see also
1301 * the comment on that function in channel.c.
1302 */
1304 void
1306 {
1314 /* Don't transition if we're already in closing, closed or error */
1319 }
1320 }
1321 }
1323 /** Mark orconn for close and transition the associated channel, if any, to
1324 * the error state.
1325 */
1327 void
1329 {
1337 /* Don't transition if we're already in closing, closed or error */
1342 }
1343 }
1344 }
1346 /** Begin the tls handshake with <b>conn</b>. <b>receiving</b> is 0 if
1347 * we initiated the connection, else it's 1.
1348 *
1349 * Assign a new tls object to conn->tls, begin reading on <b>conn</b>, and
1350 * pass <b>conn</b> to connection_tls_continue_handshake().
1351 *
1352 * Return -1 if <b>conn</b> is broken, else return 0.
1353 */
1356 {
1360 /* Incoming connections will need a new channel passed to the
1361 * channel_tls_listener */
1363 /* It shouldn't already be set */
1369 }
1372 }
1380 }
1384 #ifdef USE_BUFFEREVENTS
1393 }
1401 connection_handle_read_cb,
1402 connection_handle_write_cb,
1405 }
1406 #endif
1417 }
1419 }
1421 /** Block all future attempts to renegotiate on 'conn' */
1422 void
1424 {
1430 }
1432 /** Invoked on the server side from inside tor_tls_read() when the server
1433 * gets a successful TLS renegotiation from the client. */
1434 static void
1436 {
1440 /* Don't invoke this again. */
1444 /* XXXX_TLS double-check that it's ok to do this from inside read. */
1445 /* XXXX_TLS double-check that this verifies certificates. */
1447 }
1448 }
1450 /** Move forward with the tls handshake. If it finishes, hand
1451 * <b>conn</b> to connection_tls_finish_handshake().
1452 *
1453 * Return -1 if <b>conn</b> is broken, else return 0.
1454 */
1455 int
1457 {
1460 again:
1462 // log_notice(LD_OR, "Renegotiate with %p", conn->tls);
1464 // log_notice(LD_OR, "Result: %d", result);
1467 // log_notice(LD_OR, "Continue handshake with %p", conn->tls);
1469 // log_notice(LD_OR, "Result: %d", result);
1470 }
1472 CASE_TOR_TLS_ERROR_ANY:
1489 OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING);
1491 }
1492 }
1493 // log_notice(LD_OR,"Done. state was %d.", conn->base_.state);
1495 /* v2/v3 handshake, but not a client. */
1499 connection_or_tls_renegotiated_cb,
1500 conn);
1502 OR_CONN_STATE_TLS_SERVER_RENEGOTIATING);
1506 }
1507 }
1519 }
1521 }
1523 #ifdef USE_BUFFEREVENTS
1524 static void
1527 {
1530 /* XXXX cut-and-paste code; should become a function. */
1537 }
1538 }
1550 OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING);
1555 }
1558 }
1559 }
1564 /* v2 or v3 handshake, as a server. Only got one handshake, so
1565 * wait for the next one. */
1567 connection_or_tls_renegotiated_cb,
1568 conn);
1570 OR_CONN_STATE_TLS_SERVER_RENEGOTIATING);
1572 /* v2 handshake, as a server. Two handshakes happened already,
1573 * so we treat renegotiation as done.
1574 */
1584 }
1586 }
1587 }
1592 }
1599 }
1600 }
1603 }
1604 #endif
1606 /** Return 1 if we initiated this connection, or 0 if it started
1607 * out as an incoming connection.
1608 */
1609 int
1611 {
1619 }
1621 /** <b>Conn</b> just completed its handshake. Return 0 if all is well, and
1622 * return -1 if he is lying, broken, or otherwise something is wrong.
1623 *
1624 * If we initiated this connection (<b>started_here</b> is true), make sure
1625 * the other side sent a correctly formed certificate. If I initiated the
1626 * connection, make sure it's the right guy.
1627 *
1628 * Otherwise (if we _didn't_ initiate this connection), it's okay for
1629 * the certificate to be weird or absent.
1630 *
1631 * If we return 0, and the certificate is as expected, write a hash of the
1632 * identity key into <b>digest_rcvd_out</b>, which must have DIGEST_LEN
1633 * space in it.
1634 * If the certificate is invalid or missing on an incoming connection,
1635 * we return 0 and set <b>digest_rcvd_out</b> to DIGEST_LEN NUL bytes.
1636 * (If we return -1, the contents of this buffer are undefined.)
1637 *
1638 * As side effects,
1639 * 1) Set conn->circ_id_type according to tor-spec.txt.
1640 * 2) If we're an authdirserver and we initiated the connection: drop all
1641 * descriptors that claim to be on that IP/port but that aren't
1642 * this guy; and note that this guy is reachable.
1643 * 3) If this is a bridge and we didn't configure its identity
1644 * fingerprint, remember the keyid we just learned.
1645 */
1646 static int
1650 {
1670 }
1686 "The certificate seems to be valid on %s connection "
1688 }
1690 }
1696 }
1708 }
1710 /** Called when we (as a connection initiator) have definitively,
1711 * authenticatedly, learned that ID of the Tor instance on the other
1712 * side of <b>conn</b> is <b>peer_id</b>. For v1 and v2 handshakes,
1713 * this is right after we get a certificate chain in a TLS handshake
1714 * or renegotiation. For v3 handshakes, this is right after we get a
1715 * certificate chain in a CERTS cell.
1716 *
1717 * If we want any particular ID before, record the one we got.
1718 *
1719 * If we wanted an ID, but we didn't get it, log a warning and return -1.
1720 *
1721 * If we're testing reachability, remember what we learned.
1722 *
1723 * Return 0 on success, -1 on failure.
1724 */
1725 int
1728 {
1742 /* if it's a bridge and we didn't know its identity fingerprint, now
1743 * we do -- remember it for future attempts. */
1746 }
1749 /* I was aiming for a particular digest. I didn't get it! */
1754 DIGEST_LEN);
1756 "Tried connecting to router at %s:%d, but identity key was not "
1762 END_OR_CONN_REASON_OR_IDENTITY);
1766 END_OR_CONN_REASON_OR_IDENTITY,
1767 conn);
1769 }
1773 }
1776 }
1778 /** Return when a client used this, for connection.c, since client_used
1779 * is now one of the timestamps of channel_t */
1781 time_t
1783 {
1789 }
1791 /** The v1/v2 TLS handshake is finished.
1792 *
1793 * Make sure we are happy with the person we just handshaked with.
1794 *
1795 * If he initiated the connection, make sure he's not already connected,
1796 * then initialize conn from the information in router.
1797 *
1798 * If all is successful, call circuit_n_conn_done() to handle events
1799 * that have been pending on the <tls handshake completion. Also set the
1800 * directory to be dirty (only matters if I'm an authdirserver).
1801 *
1802 * If this is a v2 TLS handshake, send a versions cell.
1803 */
1804 static int
1806 {
1813 conn,
1828 }
1838 }
1840 }
1841 }
1843 /**
1844 * Called as client when initial TLS handshake is done, and we notice
1845 * that we got a v3-handshake signalling certificate from the server.
1846 * Set up structures, do bookkeeping, and send the versions cell.
1847 * Return 0 on success and -1 on failure.
1848 */
1849 static int
1851 {
1862 }
1864 /** Allocate a new connection handshake state for the connection
1865 * <b>conn</b>. Return 0 on success, -1 on failure. */
1866 int
1868 {
1873 }
1879 }
1881 /** Free all storage held by <b>state</b>. */
1882 void
1884 {
1893 }
1895 /**
1896 * Remember that <b>cell</b> has been transmitted (if <b>incoming</b> is
1897 * false) or received (if <b>incoming</b> is true) during a V3 handshake using
1898 * <b>state</b>.
1899 *
1900 * (We don't record the cell, but we keep a digest of everything sent or
1901 * received during the v3 handshake, and the client signs it in an
1902 * authenticate cell.)
1903 */
1904 void
1909 {
1912 packed_cell_t packed;
1919 }
1922 "while making a handshake digest. But we think we are sending "
1924 }
1930 /* Re-packing like this is a little inefficient, but we don't have to do
1931 this very often at all. */
1935 }
1937 /** Remember that a variable-length <b>cell</b> has been transmitted (if
1938 * <b>incoming</b> is false) or received (if <b>incoming</b> is true) during a
1939 * V3 handshake using <b>state</b>.
1940 *
1941 * (We don't record the cell, but we keep a digest of everything sent or
1942 * received during the v3 handshake, and the client signs it in an
1943 * authenticate cell.)
1944 */
1945 void
1950 {
1960 }
1972 }
1974 /** Set <b>conn</b>'s state to OR_CONN_STATE_OPEN, and tell other subsystems
1975 * as appropriate. Called when we are done with all TLS and OR handshaking.
1976 */
1977 int
1979 {
1989 }
1992 }
1994 /** Pack <b>cell</b> into wire-format, and write it onto <b>conn</b>'s outbuf.
1995 * For cells that use or affect a circuit, this should only be called by
1996 * connection_or_flush_from_first_active_circuit().
1997 */
1998 void
2000 {
2001 packed_cell_t networkcell;
2011 /* Touch the channel's active timestamp if there is one */
2017 }
2019 /** Pack a variable-length <b>cell</b> into wire-format, and write it onto
2020 * <b>conn</b>'s outbuf. Right now, this <em>DOES NOT</em> support cells that
2021 * affect a circuit.
2022 */
2023 void
2026 {
2038 /* Touch the channel's active timestamp if there is one */
2041 }
2043 /** See whether there's a variable-length cell waiting on <b>or_conn</b>'s
2044 * inbuf. Return values as for fetch_var_cell_from_buf(). */
2045 static int
2047 {
2054 }
2055 }
2057 /** Process cells from <b>conn</b>'s inbuf.
2058 *
2059 * Loop: while inbuf contains a cell, pull it off the inbuf, unpack it,
2060 * and hand it to command_process_cell().
2061 *
2062 * Always return 0.
2063 */
2064 static int
2066 {
2071 TOR_SOCKET_T_FORMAT": starting, inbuf_datalen %d "
2079 /* Touch the channel's active timestamp if there is one */
2090 cell_t cell;
2095 /* Touch the channel's active timestamp if there is one */
2102 /* retrieve cell info from buf (create the host-order struct from the
2103 * network-order string) */
2107 }
2108 }
2109 }
2111 /** Array of recognized link protocol versions. */
2113 /** Number of versions in <b>or_protocol_versions</b>. */
2117 /** Return true iff <b>v</b> is a link protocol version that this Tor
2118 * implementation believes it can support. */
2119 int
2121 {
2126 }
2128 }
2130 /** Send a VERSIONS cell on <b>conn</b>, telling the other host about the
2131 * link protocol versions that this Tor can support.
2132 *
2133 * If <b>v3_plus</b>, this is part of a V3 protocol handshake, so only
2134 * allow protocol version v3 or later. If not <b>v3_plus</b>, this is
2135 * not part of a v3 protocol handshake, so don't allow protocol v3 or
2136 * later.
2137 **/
2138 int
2140 {
2156 }
2164 }
2166 /** Send a NETINFO cell on <b>conn</b>, telling the other server what we know
2167 * about their address, our address, and the current time. */
2168 int
2170 {
2171 cell_t cell;
2183 }
2188 /* Timestamp, if we're a relay. */
2192 /* Their address. */
2194 /* We use &conn->real_addr below, unless it hasn't yet been set. If it
2195 * hasn't yet been set, we know that base_.addr hasn't been tampered with
2196 * yet either. */
2203 /* My address -- only include it if I'm a public relay, or if I'm a
2204 * bridge and this is an incoming connection. If I'm a bridge and this
2205 * is an outgoing connection, act like a normal client and omit it. */
2208 tor_addr_t my_addr;
2221 }
2224 }
2231 }
2233 /** Send a CERTS cell on the connection <b>conn</b>. Return 0 on success, -1
2234 * on failure. */
2235 int
2237 {
2243 ssize_t pos;
2266 else
2283 }
2285 /** Send an AUTH_CHALLENGE cell on the connection <b>conn</b>. Return 0
2286 * on success, -1 on failure. */
2287 int
2289 {
2312 }
2314 /** Compute the main body of an AUTHENTICATE cell that a client can use
2315 * to authenticate itself on a v3 handshake for <b>conn</b>. Write it to the
2316 * <b>outlen</b>-byte buffer at <b>out</b>.
2317 *
2318 * If <b>server</b> is true, only calculate the first
2319 * V3_AUTH_FIXED_PART_LEN bytes -- the part of the authenticator that's
2320 * determined by the rest of the handshake, and which match the provided value
2321 * exactly.
2322 *
2323 * If <b>server</b> is false and <b>signing_key</b> is NULL, calculate the
2324 * first V3_AUTH_BODY_LEN bytes of the authenticator (that is, everything
2325 * that should be signed), but don't actually sign it.
2326 *
2327 * If <b>server</b> is false and <b>signing_key</b> is provided, calculate the
2328 * entire authenticator, signed with <b>signing_key</b>.
2329 *
2330 * Return the length of the cell body on success, and -1 on failure.
2331 */
2332 int
2337 {
2340 /* assert state is reasonable XXXX */
2348 /* Type: 8 bytes. */
2352 {
2368 /* Client ID digest: 32 octets. */
2372 /* Server ID digest: 32 octets. */
2375 }
2377 {
2385 }
2387 /* Server log digest : 32 octets */
2391 /* Client log digest : 32 octets */
2394 }
2396 {
2397 /* Digest of cert used on TLS link : 32 octets. */
2405 }
2413 }
2415 /* HMAC of clientrandom and serverrandom using master key : 32 octets */
2424 /* 8 octets were reserved for the current time, but we're trying to get out
2425 * of the habit of sending time around willynilly. Fortunately, nothing
2426 * checks it. That's followed by 16 bytes of nonce. */
2435 {
2448 }
2449 }
2451 /** Send an AUTHENTICATE cell on the connection <b>conn</b>. Return 0 on
2452 * success, -1 on failure */
2453 int
2455 {
2460 /* XXXX make sure we're actually supposed to send this! */
2465 }
2470 }
2480 /* skip over length ; we don't know that yet. */
2485 pk,
2491 }
2500 }