| blob | 9649bdf278673ca17e25e59f438d7d7a97cca2c1 |
2 /* * Copyright (c) 2012-2019, The Tor Project, Inc. */
3 /* See LICENSE for licensing information */
5 /**
6 * \file channel.c
7 *
8 * \brief OR/OP-to-OR channel abstraction layer. A channel's job is to
9 * transfer cells from Tor instance to Tor instance. Currently, there is only
10 * one implementation of the channel abstraction: in channeltls.c.
11 *
12 * Channels are a higher-level abstraction than or_connection_t: In general,
13 * any means that two Tor relays use to exchange cells, or any means that a
14 * relay and a client use to exchange cells, is a channel.
15 *
16 * Channels differ from pluggable transports in that they do not wrap an
17 * underlying protocol over which cells are transmitted: they <em>are</em> the
18 * underlying protocol.
19 *
20 * This module defines the generic parts of the channel_t interface, and
21 * provides the machinery necessary for specialized implementations to be
22 * created. At present, there is one specialized implementation in
23 * channeltls.c, which uses connection_or.c to send cells over a TLS
24 * connection.
25 *
26 * Every channel implementation is responsible for being able to transmit
27 * cells that are passed to it
28 *
29 * For *inbound* cells, the entry point is: channel_process_cell(). It takes a
30 * cell and will pass it to the cell handler set by
31 * channel_set_cell_handlers(). Currently, this is passed back to the command
32 * subsystem which is command_process_cell().
33 *
34 * NOTE: For now, the separation between channels and specialized channels
35 * (like channeltls) is not that well defined. So the channeltls layer calls
36 * channel_process_cell() which originally comes from the connection subsytem.
37 * This should be hopefully be fixed with #23993.
38 *
39 * For *outbound* cells, the entry point is: channel_write_packed_cell().
40 * Only packed cells are dequeued from the circuit queue by the scheduler
41 * which uses channel_flush_from_first_active_circuit() to decide which cells
42 * to flush from which circuit on the channel. They are then passed down to
43 * the channel subsystem. This calls the low layer with the function pointer
44 * .write_packed_cell().
45 *
46 * Each specialized channel (currently only channeltls_t) MUST implement a
47 * series of function found in channel_t. See channel.h for more
48 * documentation.
49 **/
51 /*
52 * Define this so channel.h gives us things only channel_t subclasses
53 * should touch.
54 */
55 #define TOR_CHANNEL_INTERNAL_
57 /* This one's for stuff only channel.c and the test suite should see */
58 #define CHANNEL_PRIVATE_
88 /* Global lists of channels */
90 /* All channel_t instances */
93 /* All channel_t instances not in ERROR or CLOSED states */
96 /* All channel_t instances in ERROR or CLOSED states */
99 /* All channel_listener_t instances */
102 /* All channel_listener_t instances in LISTENING state */
105 /* All channel_listener_t instances in LISTENING state */
108 /** Map from channel->global_identifier to channel. Contains the same
109 * elements as all_channels. */
112 static unsigned
114 {
116 }
117 static int
119 {
121 }
130 /* Counter for ID numbers */
133 /* Digest->channel map
134 *
135 * Similar to the one used in connection_or.c, this maps from the identity
136 * digest of a remote endpoint to a channel_t to that endpoint. Channels
137 * should be placed here when registered and removed when they close or error.
138 * If more than one channel exists, follow the next_with_same_id pointer
139 * as a linked list.
140 */
152 {
154 }
159 {
161 }
164 channel_idmap_eq)
168 /* Functions to maintain the digest map */
178 /***********************************
179 * Channel state utility functions *
180 **********************************/
182 /**
183 * Indicate whether a given channel state is valid.
184 */
185 int
187 {
202 }
205 }
207 /**
208 * Indicate whether a given channel listener state is valid.
209 */
210 int
212 {
225 }
228 }
230 /**
231 * Indicate whether a channel state transition is valid.
232 *
233 * This function takes two channel states and indicates whether a
234 * transition between them is permitted (see the state definitions and
235 * transition table in or.h at the channel_state_t typedef).
236 */
237 int
239 {
271 }
274 }
276 /**
277 * Indicate whether a channel listener state transition is valid.
278 *
279 * This function takes two channel listener states and indicates whether a
280 * transition between them is permitted (see the state definitions and
281 * transition table in or.h at the channel_listener_state_t typedef).
282 */
283 int
285 channel_listener_state_t to)
286 {
307 }
310 }
312 /**
313 * Return a human-readable description for a channel state.
314 */
317 {
342 }
345 }
347 /**
348 * Return a human-readable description for a channel listener state.
349 */
352 {
371 }
374 }
376 /***************************************
377 * Channel registration/unregistration *
378 ***************************************/
380 /**
381 * Register a channel.
382 *
383 * This function registers a newly created channel in the global lists/maps
384 * of active channels.
385 */
386 void
388 {
392 /* No-op if already registered */
402 /* Make sure we have all_channels, then add it */
408 /* Is it finished? */
410 /* Put it in the finished list, creating it if necessary */
415 /* Put it in the active list, creating it if necessary */
420 /* It should have a digest set */
422 /* Yeah, we're good, add it to the map */
430 }
431 }
432 }
434 /* Mark it as registered */
436 }
438 /**
439 * Unregister a channel.
440 *
441 * This function removes a channel from the global lists and maps and is used
442 * when freeing a closed/errored channel.
443 */
444 void
446 {
449 /* No-op if not registered */
452 /* Is it finished? */
454 /* Get it out of the finished list */
457 /* Get it out of the active list */
459 }
461 /* Get it out of all_channels */
466 /* Mark it as unregistered */
469 /* Should it be in the digest map? */
472 /* Remove it */
474 }
475 }
477 /**
478 * Register a channel listener.
479 *
480 * This function registers a newly created channel listener in the global
481 * lists/maps of active channel listeners.
482 */
483 void
485 {
488 /* No-op if already registered */
498 /* Make sure we have all_listeners, then add it */
502 /* Is it finished? */
505 /* Put it in the finished list, creating it if necessary */
509 /* Put it in the active list, creating it if necessary */
512 }
514 /* Mark it as registered */
516 }
518 /**
519 * Unregister a channel listener.
520 *
521 * This function removes a channel listener from the global lists and maps
522 * and is used when freeing a closed/errored channel listener.
523 */
524 void
526 {
529 /* No-op if not registered */
532 /* Is it finished? */
535 /* Get it out of the finished list */
538 /* Get it out of the active list */
540 }
542 /* Get it out of all_listeners */
545 /* Mark it as unregistered */
547 }
549 /*********************************
550 * Channel digest map maintenance
551 *********************************/
553 /**
554 * Add a channel to the digest map.
555 *
556 * This function adds a channel to the digest map and inserts it into the
557 * correct linked list if channels with that remote endpoint identity digest
558 * already exist.
559 */
560 STATIC void
562 {
567 /* Assert that the state makes sense */
570 /* Assert that there is a digest */
580 }
589 }
591 /**
592 * Remove a channel from the digest map.
593 *
594 * This function removes a channel from the digest map and the linked list of
595 * channels for that digest if more than one exists.
596 */
597 static void
599 {
604 /* Assert that there is a digest */
607 /* Pull it out of its list, wherever that list is */
613 /* Look for it in the map */
615 /* Okay, it's here */
620 }
629 /* Shouldn't happen */
632 "digest %s from identity map, but couldn't find any with "
636 }
637 }
639 /****************************
640 * Channel lookup functions *
641 ***************************/
643 /**
644 * Find channel by global ID.
645 *
646 * This function searches for a channel by the global_identifier assigned
647 * at initialization time. This identifier is unique for the lifetime of the
648 * Tor process.
649 */
650 channel_t *
652 {
653 channel_t lookup;
660 }
663 }
665 /** Return true iff <b>chan</b> matches <b>rsa_id_digest</b> and <b>ed_id</b>.
666 * as its identity keys. If either is NULL, do not check for a match. */
667 int
671 {
677 }
680 ED25519_PUBKEY_LEN))
682 }
684 }
686 /**
687 * Find channel by RSA/Ed25519 identity of of the remote endpoint.
688 *
689 * This function looks up a channel by the digest of its remote endpoint's RSA
690 * identity key. If <b>ed_id</b> is provided and nonzero, only a channel
691 * matching the <b>ed_id</b> will be returned.
692 *
693 * It's possible that more than one channel to a given endpoint exists. Use
694 * channel_next_with_rsa_identity() to walk the list of channels; make sure
695 * to test for Ed25519 identity match too (as appropriate)
696 */
697 channel_t *
700 {
705 * an RSA identity, and that every lookup
706 * contain an RSA identity */
708 /* Treat zero as meaning "We don't care about the presence or absence of
709 * an Ed key", not "There must be no Ed key". */
711 }
717 }
720 }
723 }
725 /**
726 * Get next channel with digest.
727 *
728 * This function takes a channel and finds the next channel in the list
729 * with the same digest.
730 */
731 channel_t *
733 {
737 }
739 /**
740 * Relays run this once an hour to look over our list of channels to other
741 * relays. It prints out some statistics if there are multiple connections
742 * to many relays.
743 *
744 * This function is similar to connection_or_set_bad_connections(),
745 * and probably could be adapted to replace it, if it was modified to actually
746 * take action on any of these connections.
747 */
748 void
750 {
763 /* Only consider relay connections */
767 total_relays++;
771 total_dirauths++;
779 connections_to_relay++;
780 total_relay_connections++;
782 total_dirauth_connections++;
787 total_half_canonical++;
788 }
789 }
794 }
796 /* Don't bother warning about excessive connections unless we have
797 * at least this many connections, total.
798 */
799 #define MIN_RELAY_CONNECTIONS_TO_WARN 25
800 /* If the average number of connections for a regular relay is more than
801 * this, that's too high.
802 */
803 #define MAX_AVG_RELAY_CONNECTIONS 1.5
804 /* If the average number of connections for a dirauth is more than
805 * this, that's too high.
806 */
807 #define MAX_AVG_DIRAUTH_CONNECTIONS 4
809 /* How many connections total would be okay, given the number of
810 * relays and dirauths that we have connections to? */
815 /* If we average 1.5 or more connections per relay, something is wrong */
819 "Your relay has a very large number of connections to other relays. "
820 "Is your outbound address the same as your relay address? "
821 "Found %d connections to %d relays. Found %d current canonical "
822 "connections, in %d of which we were a non-canonical peer. "
823 "%d relays had more than 1 connection, %d had more than 2, and "
830 "Found %d connections to %d relays. Found %d current canonical "
831 "connections, in %d of which we were a non-canonical peer. "
832 "%d relays had more than 1 connection, %d had more than 2, and "
837 }
838 }
840 /**
841 * Initialize a channel.
842 *
843 * This function should be called by subclasses to set up some per-channel
844 * variables. I.e., this is the superclass constructor. Before this, the
845 * channel should be allocated with tor_malloc_zero().
846 */
847 void
849 {
852 /* Assign an ID and bump the counter */
855 /* Init timestamp */
858 /* Warn about exhausted circuit IDs no more than hourly. */
861 /* Initialize list entries. */
864 /* Timestamp it */
867 /* It hasn't been open yet. */
870 /* Scheduler state is idle */
873 /* Channel is not in the scheduler heap. */
875 }
877 /**
878 * Initialize a channel listener.
879 *
880 * This function should be called by subclasses to set up some per-channel
881 * variables. I.e., this is the superclass constructor. Before this, the
882 * channel listener should be allocated with tor_malloc_zero().
883 */
884 void
886 {
889 /* Assign an ID and bump the counter */
892 /* Timestamp it */
894 }
896 /**
897 * Free a channel; nothing outside of channel.c and subclasses should call
898 * this - it frees channels after they have closed and been unregistered.
899 */
900 void
902 {
905 /* It must be closed or errored */
908 /* It must be deregistered */
915 /* Get this one out of the scheduler */
918 /*
919 * Get rid of cmux policy before we do anything, so cmux policies don't
920 * see channels in weird half-freed states.
921 */
924 }
926 /* Remove all timers and associated handle entries now */
931 /* Call a free method if there is one */
936 /* Get rid of cmux */
942 }
945 }
947 /**
948 * Free a channel listener; nothing outside of channel.c and subclasses
949 * should call this - it frees channel listeners after they have closed and
950 * been unregistered.
951 */
952 void
954 {
960 chan_l);
962 /* It must be closed or errored */
965 /* It must be deregistered */
968 /* Call a free method if there is one */
972 }
974 /**
975 * Free a channel and skip the state/registration asserts; this internal-
976 * use-only function should be called only from channel_free_all() when
977 * shutting down the Tor process.
978 */
979 static void
981 {
988 /* Get this one out of the scheduler */
991 /*
992 * Get rid of cmux policy before we do anything, so cmux policies don't
993 * see channels in weird half-freed states.
994 */
997 }
999 /* Remove all timers and associated handle entries now */
1004 /* Call a free method if there is one */
1009 /* Get rid of cmux */
1013 }
1016 }
1018 /**
1019 * Free a channel listener and skip the state/registration asserts; this
1020 * internal-use-only function should be called only from channel_free_all()
1021 * when shutting down the Tor process.
1022 */
1023 static void
1025 {
1031 chan_l);
1033 /* Call a free method if there is one */
1036 /*
1037 * The incoming list just gets emptied and freed; we request close on
1038 * any channels we find there, but since we got called while shutting
1039 * down they will get deregistered and freed elsewhere anyway.
1040 */
1049 }
1052 }
1054 /**
1055 * Set the listener for a channel listener.
1056 *
1057 * This function sets the handler for new incoming channels on a channel
1058 * listener.
1059 */
1060 void
1062 channel_listener_fn_ptr listener)
1063 {
1068 "Setting listener callback for channel listener %p "
1071 listener);
1075 }
1077 /**
1078 * Return the fixed-length cell handler for a channel.
1079 *
1080 * This function gets the handler for incoming fixed-length cells installed
1081 * on a channel.
1082 */
1083 channel_cell_handler_fn_ptr
1085 {
1092 }
1094 /**
1095 * Return the variable-length cell handler for a channel.
1096 *
1097 * This function gets the handler for incoming variable-length cells
1098 * installed on a channel.
1099 */
1100 channel_var_cell_handler_fn_ptr
1102 {
1109 }
1111 /**
1112 * Set both cell handlers for a channel.
1113 *
1114 * This function sets both the fixed-length and variable length cell handlers
1115 * for a channel.
1116 */
1117 void
1119 channel_cell_handler_fn_ptr cell_handler,
1120 channel_var_cell_handler_fn_ptr
1121 var_cell_handler)
1122 {
1133 /* Change them */
1136 }
1138 /*
1139 * On closing channels
1140 *
1141 * There are three functions that close channels, for use in
1142 * different circumstances:
1143 *
1144 * - Use channel_mark_for_close() for most cases
1145 * - Use channel_close_from_lower_layer() if you are connection_or.c
1146 * and the other end closes the underlying connection.
1147 * - Use channel_close_for_error() if you are connection_or.c and
1148 * some sort of error has occurred.
1149 */
1151 /**
1152 * Mark a channel for closure.
1153 *
1154 * This function tries to close a channel_t; it will go into the CLOSING
1155 * state, and eventually the lower layer should put it into the CLOSED or
1156 * ERROR state. Then, channel_run_cleanup() will eventually free it.
1157 */
1158 void
1160 {
1164 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1173 /* Note closing by request from above */
1176 /* Change state to CLOSING */
1179 /* Tell the lower layer */
1182 /*
1183 * It's up to the lower layer to change state to CLOSED or ERROR when we're
1184 * ready; we'll try to free channels that are in the finished list from
1185 * channel_run_cleanup(). The lower layer should do this by calling
1186 * channel_closed().
1187 */
1188 }
1190 /**
1191 * Mark a channel listener for closure.
1192 *
1193 * This function tries to close a channel_listener_t; it will go into the
1194 * CLOSING state, and eventually the lower layer should put it into the CLOSED
1195 * or ERROR state. Then, channel_run_cleanup() will eventually free it.
1196 */
1197 void
1199 {
1203 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1213 /* Note closing by request from above */
1216 /* Change state to CLOSING */
1219 /* Tell the lower layer */
1222 /*
1223 * It's up to the lower layer to change state to CLOSED or ERROR when we're
1224 * ready; we'll try to free channels that are in the finished list from
1225 * channel_run_cleanup(). The lower layer should do this by calling
1226 * channel_listener_closed().
1227 */
1228 }
1230 /**
1231 * Close a channel from the lower layer.
1232 *
1233 * Notify the channel code that the channel is being closed due to a non-error
1234 * condition in the lower layer. This does not call the close() method, since
1235 * the lower layer already knows.
1236 */
1237 void
1239 {
1242 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1251 /* Note closing by event from below */
1254 /* Change state to CLOSING */
1256 }
1258 /**
1259 * Notify that the channel is being closed due to an error condition.
1260 *
1261 * This function is called by the lower layer implementing the transport
1262 * when a channel must be closed due to an error condition. This does not
1263 * call the channel's close method, since the lower layer already knows.
1264 */
1265 void
1267 {
1270 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1276 chan);
1278 /* Note closing by event from below */
1281 /* Change state to CLOSING */
1283 }
1285 /**
1286 * Notify that the lower layer is finished closing the channel.
1287 *
1288 * This function should be called by the lower layer when a channel
1289 * is finished closing and it should be regarded as inactive and
1290 * freed by the channel code.
1291 */
1292 void
1294 {
1298 /* No-op if already inactive */
1302 /* Inform any pending (not attached) circs that they should
1303 * give up. */
1307 /* Now close all the attached circuits on it. */
1314 }
1315 }
1317 /**
1318 * Clear the identity_digest of a channel.
1319 *
1320 * This function clears the identity digest of the remote endpoint for a
1321 * channel; this is intended for use by the lower layer.
1322 */
1323 void
1325 {
1331 "Clearing remote endpoint digest on channel %p with "
1339 /* if it's registered get it out of the digest map */
1344 }
1346 /**
1347 * Set the identity_digest of a channel.
1348 *
1349 * This function sets the identity digest of the remote endpoint for a
1350 * channel; this is intended for use by the lower layer.
1351 */
1352 void
1356 {
1362 "Setting remote endpoint digest on channel %p with "
1365 identity_digest ?
1370 was_in_digest_map =
1374 should_be_in_digest_map =
1381 /* We should always remove it; we'll add it back if we're writing
1382 * in a new digest.
1383 */
1388 identity_digest,
1393 }
1398 }
1400 /* Put it in the digest map if we should */
1403 }
1405 /**
1406 * Clear the remote end metadata (identity_digest) of a channel.
1407 *
1408 * This function clears all the remote end info from a channel; this is
1409 * intended for use by the lower layer.
1410 */
1411 void
1413 {
1419 "Clearing remote endpoint identity on channel %p with "
1427 /* if it's registered get it out of the digest map */
1432 }
1434 /**
1435 * Write to a channel the given packed cell.
1436 *
1437 * Two possible errors can happen. Either the channel is not opened or the
1438 * lower layer (specialized channel) failed to write it. In both cases, it is
1439 * the caller responsibility to free the cell.
1440 */
1441 static int
1443 {
1450 /* Assert that the state makes sense for a cell write */
1453 {
1454 circid_t circ_id;
1457 }
1458 }
1460 /* For statistical purposes, figure out how big this cell is */
1463 /* Can we send it right out? If so, try */
1466 }
1468 /* Write the cell on the connection's outbuf. */
1471 }
1472 /* Timestamp for transmission */
1474 /* Update the counter */
1477 /* Successfully sent the cell. */
1480 done:
1482 }
1484 /**
1485 * Write a packed cell to a channel.
1486 *
1487 * Write a packed cell to a channel using the write_cell() method. This is
1488 * called by the transport-independent code to deliver a packed cell to a
1489 * channel for transmission.
1490 *
1491 * Return 0 on success else a negative value. In both cases, the caller should
1492 * not access the cell anymore, it is freed both on success and error.
1493 */
1494 int
1496 {
1507 }
1509 "Writing %p to channel %p with global ID "
1514 end:
1515 /* Whatever happens, we free the cell. Either an error occurred or the cell
1516 * was put on the connection outbuf, both cases we have ownership of the
1517 * cell and we free it. */
1520 }
1522 /**
1523 * Change channel state.
1524 *
1525 * This internal and subclass use only function is used to change channel
1526 * state, performing all transition validity checks and whatever actions
1527 * are appropriate to the state transition in question.
1528 */
1529 static void
1531 {
1532 channel_state_t from_state;
1543 /* Check for no-op transitions */
1551 }
1553 /* If we're going to a closing or closed state, we must have a reason set */
1558 }
1561 "Changing state of channel %p (global ID %"PRIu64
1563 chan,
1570 /* Need to add to the right lists if the channel is registered */
1577 /* Need to take off active list and put on finished list? */
1583 }
1584 /* Need to put on active list? */
1589 }
1592 /* Now we need to handle the identity map */
1603 }
1604 }
1606 /*
1607 * If we're going to a closed/closing state, we don't need scheduling any
1608 * more; in CHANNEL_STATE_MAINT we can't accept writes.
1609 */
1616 }
1617 }
1619 /**
1620 * As channel_change_state_, but change the state to any state but open.
1621 */
1622 void
1624 {
1627 }
1629 /**
1630 * As channel_change_state, but change the state to open.
1631 */
1632 void
1634 {
1637 /* Tell circuits if we opened and stuff */
1640 }
1642 /**
1643 * Change channel listener state.
1644 *
1645 * This internal and subclass use only function is used to change channel
1646 * listener state, performing all transition validity checks and whatever
1647 * actions are appropriate to the state transition in question.
1648 */
1649 void
1651 channel_listener_state_t to_state)
1652 {
1653 channel_listener_state_t from_state;
1663 /* Check for no-op transitions */
1671 }
1673 /* If we're going to a closing or closed state, we must have a reason set */
1678 }
1681 "Changing state of channel listener %p (global ID %"PRIu64
1689 /* Need to add to the right lists if the channel listener is registered */
1696 /* Need to take off active list and put on finished list? */
1702 }
1703 /* Need to put on active list? */
1708 }
1709 }
1715 }
1716 }
1718 /* Maximum number of cells that is allowed to flush at once within
1719 * channel_flush_some_cells(). */
1720 #define MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED 256
1722 /**
1723 * Try to flush cells of the given channel chan up to a maximum of num_cells.
1724 *
1725 * This is called by the scheduler when it wants to flush cells from the
1726 * channel's circuit queue(s) to the connection outbuf (not yet on the wire).
1727 *
1728 * If the channel is not in state CHANNEL_STATE_OPEN, this does nothing and
1729 * will return 0 meaning no cells were flushed.
1730 *
1731 * If num_cells is -1, we'll try to flush up to the maximum cells allowed
1732 * defined in MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED.
1733 *
1734 * On success, the number of flushed cells are returned and it can never be
1735 * above num_cells. If 0 is returned, no cells were flushed either because the
1736 * channel was not opened or we had no cells on the channel. A negative number
1737 * can NOT be sent back.
1738 *
1739 * This function is part of the fast path. */
1742 {
1752 /* If we aren't in CHANNEL_STATE_OPEN, nothing goes through */
1755 /* Calculate number of cells, including clamp */
1760 MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED) {
1764 }
1765 }
1767 /* Try to get more cells from any active circuits */
1770 }
1771 }
1773 done:
1775 }
1777 /**
1778 * Check if any cells are available.
1779 *
1780 * This is used by the scheduler to know if the channel has more to flush
1781 * after a scheduling round.
1782 */
1785 {
1790 /* Else no */
1792 }
1794 /**
1795 * Notify the channel we're done flushing the output in the lower layer.
1796 *
1797 * Connection.c will call this when we've flushed the output; there's some
1798 * dirreq-related maintenance to do.
1799 */
1800 void
1802 {
1807 DIRREQ_TUNNELED,
1808 DIRREQ_CHANNEL_BUFFER_FLUSHED);
1809 }
1811 /**
1812 * Process the queue of incoming channels on a listener.
1813 *
1814 * Use a listener's registered callback to process as many entries in the
1815 * queue of incoming channels as possible.
1816 */
1817 void
1819 {
1822 /*
1823 * CHANNEL_LISTENER_STATE_CLOSING permitted because we drain the queue
1824 * while closing a listener.
1825 */
1831 "Processing queue of incoming connections for channel "
1844 chan,
1846 listener,
1848 /* Make sure this is set correctly */
1855 }
1857 /**
1858 * Take actions required when a channel becomes open.
1859 *
1860 * Handle actions we should do when we know a channel is open; a lot of
1861 * this comes from the old connection_or_set_state_open() of connection_or.c.
1862 *
1863 * Because of this mechanism, future channel_t subclasses should take care
1864 * not to change a channel from CHANNEL_STATE_OPENING to CHANNEL_STATE_OPEN
1865 * until there is positive confirmation that the network is operational.
1866 * In particular, anything UDP-based should not make this transition until a
1867 * packet is received from the other side.
1868 */
1869 void
1871 {
1872 tor_addr_t remote_addr;
1885 /* only report it to the geoip module if it's a client */
1895 now);
1897 /* Notify the DoS subsystem of a new client. */
1900 }
1901 }
1902 /* Otherwise the underlying transport can't tell us this, so skip it */
1903 }
1904 }
1906 /* Disable or reduce padding according to user prefs. */
1909 /* Disable if torrc disabled */
1913 CHANNELPADDING_SOS_PARAM,
1915 /* Disable if we're using RSOS and the consensus disabled padding
1916 * for RSOS */
1919 /* Padding can be forced and/or reduced by clients, regardless of if
1920 * the channel supports it */
1922 }
1923 }
1926 }
1928 /**
1929 * Queue an incoming channel on a listener.
1930 *
1931 * Internal and subclass use only function to queue an incoming channel from
1932 * a listener. A subclass of channel_listener_t should call this when a new
1933 * incoming channel is created.
1934 */
1935 void
1938 {
1951 /* Do we need to queue it, or can we just call the listener right away? */
1957 /* If we need to queue and have no queue, create one */
1960 }
1962 /* Bump the counter and timestamp it */
1967 /* If we don't need to queue, process it right away */
1971 }
1972 /*
1973 * Otherwise, we need to queue; queue and then process the queue if
1974 * we can.
1975 */
1980 }
1981 }
1983 /**
1984 * Process a cell from the given channel.
1985 */
1986 void
1988 {
1994 /* Nothing we can do if we have no registered cell handlers */
1998 /* Timestamp for receiving */
2000 /* Update received counter. */
2005 "Processing incoming cell_t %p for channel %p (global ID "
2009 }
2011 /** If <b>packed_cell</b> on <b>chan</b> is a destroy cell, then set
2012 * *<b>circid_out</b> to its circuit ID, and return true. Otherwise, return
2013 * false. */
2014 /* XXXX Move this function. */
2015 int
2019 {
2024 }
2029 }
2030 }
2032 }
2034 /**
2035 * Send destroy cell on a channel.
2036 *
2037 * Write a destroy cell with circ ID <b>circ_id</b> and reason <b>reason</b>
2038 * onto channel <b>chan</b>. Don't perform range-checking on reason:
2039 * we may want to propagate reasons from other cells.
2040 */
2041 int
2043 {
2052 }
2054 /* Check to make sure we can send on this channel first */
2059 "Sending destroy (circID %u) on channel %p "
2065 "Someone called channel_send_destroy() for circID %u "
2070 }
2073 }
2075 /**
2076 * Dump channel statistics to the log.
2077 *
2078 * This is called from dumpstats() in main.c and spams the log with
2079 * statistics on channels.
2080 */
2081 void
2083 {
2103 }
2104 }
2106 /**
2107 * Dump channel listener statistics to the log.
2108 *
2109 * This is called from dumpstats() in main.c and spams the log with
2110 * statistics on channel listeners.
2111 */
2112 void
2114 {
2134 }
2135 }
2137 /**
2138 * Clean up channels.
2139 *
2140 * This gets called periodically from run_scheduled_events() in main.c;
2141 * it cleans up after closed channels.
2142 */
2143 void
2145 {
2148 /* Check if we need to do anything */
2151 /* Iterate through finished_channels and get rid of them */
2154 /* Remove it from the list */
2156 /* Also unregister it */
2158 /* ... and free it */
2161 }
2163 /**
2164 * Clean up channel listeners.
2165 *
2166 * This gets called periodically from run_scheduled_events() in main.c;
2167 * it cleans up after closed channel listeners.
2168 */
2169 void
2171 {
2174 /* Check if we need to do anything */
2177 /* Iterate through finished_channels and get rid of them */
2180 /* Remove it from the list */
2182 /* Also unregister it */
2184 /* ... and free it */
2187 }
2189 /**
2190 * Free a list of channels for channel_free_all().
2191 */
2192 static void
2194 {
2198 /* Deregister and free it */
2205 /* Detach circuits early so they can find the channel */
2208 }
2214 }
2218 }
2220 /**
2221 * Free a list of channel listeners for channel_free_all().
2222 */
2223 static void
2225 {
2229 /* Deregister and free it */
2242 }
2246 }
2248 /**
2249 * Close all channels and free everything.
2250 *
2251 * This gets called from tor_free_all() in main.c to clean up on exit.
2252 * It will close all registered channels and free associated storage,
2253 * then free the all_channels, active_channels, listening_channels and
2254 * finished_channels lists and also channel_identity_map.
2255 */
2256 void
2258 {
2262 /* First, let's go for finished channels */
2267 }
2269 /* Now the finished listeners */
2274 }
2276 /* Now all active channels */
2281 }
2283 /* Now all active listeners */
2288 }
2290 /* Now all channels, in case any are left over */
2295 }
2297 /* Now all listeners, in case any are left over */
2302 }
2304 /* Now free channel_identity_map */
2307 /* Geez, anything still left over just won't die ... let it leak then */
2310 /* Same with channel_gid_map */
2317 }
2319 /**
2320 * Connect to a given addr/port/digest.
2321 *
2322 * This sets up a new outgoing channel; in the future if multiple
2323 * channel_t subclasses are available, this is where the selection policy
2324 * should go. It may also be desirable to fold port into tor_addr_t
2325 * or make a new type including a tor_addr_t and port, so we have a
2326 * single abstract object encapsulating all the protocol details of
2327 * how to contact an OR.
2328 */
2329 channel_t *
2333 {
2335 }
2337 /**
2338 * Decide which of two channels to prefer for extending a circuit.
2339 *
2340 * This function is called while extending a circuit and returns true iff
2341 * a is 'better' than b. The most important criterion here is that a
2342 * canonical channel is always better than a non-canonical one, but the
2343 * number of circuits and the age are used as tie-breakers.
2344 *
2345 * This is based on the former connection_or_is_better() of connection_or.c
2346 */
2347 int
2349 {
2355 /* If one channel is bad for new circuits, and the other isn't,
2356 * use the one that is still good. */
2362 /* Check if one is canonical and the other isn't first */
2369 /* Check if we suspect that one of the channels will be preferred
2370 * by the peer */
2374 /*
2375 * Okay, if we're here they tied on canonicity, the prefer the older
2376 * connection, so that the adversary can't create a new connection
2377 * and try to switch us over to it (which will leak information
2378 * about long-lived circuits). Additionally, switching connections
2379 * too often makes us more vulnerable to attacks like Torscan and
2380 * passive netflow-based equivalents.
2381 *
2382 * Connections will still only live for at most a week, due to
2383 * the check in connection_or_group_set_badness() against
2384 * TIME_BEFORE_OR_CONN_IS_TOO_OLD, which marks old connections as
2385 * unusable for new circuits after 1 week. That check sets
2386 * is_bad_for_new_circs, which is checked in channel_get_for_extend().
2387 *
2388 * We check channel_is_bad_for_new_circs() above here anyway, for safety.
2389 */
2395 }
2397 /**
2398 * Get a channel to extend a circuit.
2399 *
2400 * Pick a suitable channel to extend a circuit to given the desired digest
2401 * the address we believe is correct for that digest; this tries to see
2402 * if we already have one for the requested endpoint, but if there is no good
2403 * channel, set *msg_out to a message describing the channel's state
2404 * and our next action, and set *launch_out to a boolean indicated whether
2405 * the caller should try to launch a new channel with channel_connect().
2406 */
2407 channel_t *
2413 {
2423 /* Walk the list, unrefing the old one and refing the new at each
2424 * iteration.
2425 */
2433 /* Never return a channel on which the other end appears to be
2434 * a client. */
2437 }
2439 /* The Ed25519 key has to match too */
2442 }
2444 /* Never return a non-open connection. */
2446 /* If the address matches, don't launch a new connection for this
2447 * circuit. */
2451 }
2453 /* Never return a connection that shouldn't be used for circs. */
2457 }
2459 /* Only return canonical connections or connections where the address
2460 * is the address we wanted. */
2465 }
2470 }
2474 }
2493 }
2494 }
2496 /**
2497 * Describe the transport subclass for a channel.
2498 *
2499 * Invoke a method to get a string description of the lower-layer
2500 * transport for this channel.
2501 */
2504 {
2509 }
2511 /**
2512 * Describe the transport subclass for a channel listener.
2513 *
2514 * Invoke a method to get a string description of the lower-layer
2515 * transport for this channel listener.
2516 */
2519 {
2524 }
2526 /**
2527 * Dump channel statistics.
2528 *
2529 * Dump statistics for one channel to the log.
2530 */
2533 {
2536 tor_addr_t remote_addr;
2560 /* Handle digest. */
2572 }
2574 /* Handle remote address and descriptions */
2597 actual);
2599 }
2601 /* Handle marks */
2616 /* Describe circuits */
2626 /* Describe timestamps */
2646 /* Describe counters and rates */
2664 }
2678 }
2679 }
2686 }
2700 }
2701 }
2702 }
2704 /* Dump anything the lower layer has to say */
2706 }
2708 /**
2709 * Dump channel listener statistics.
2710 *
2711 * Dump statistics for one channel listener to the log.
2712 */
2713 void
2715 {
2748 /*
2749 * If it's sensible to do so, get the rate of incoming channels on this
2750 * listener
2751 */
2767 }
2768 }
2770 /* Dump anything the lower layer has to say */
2772 }
2774 /**
2775 * Invoke transport-specific stats dump for channel.
2776 *
2777 * If there is a lower-layer statistics dump method, invoke it.
2778 */
2779 void
2781 {
2785 }
2787 /**
2788 * Invoke transport-specific stats dump for channel listener.
2789 *
2790 * If there is a lower-layer statistics dump method, invoke it.
2791 */
2792 void
2795 {
2799 }
2801 /**
2802 * Return text description of the remote endpoint.
2803 *
2804 * This function return a test provided by the lower layer of the remote
2805 * endpoint for this channel; it should specify the actual address connected
2806 * to/from.
2807 *
2808 * Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr}
2809 * may invalidate the return value from this function.
2810 */
2813 {
2817 /* Param 1 indicates the actual description */
2819 }
2821 /**
2822 * Return the text address of the remote endpoint.
2823 *
2824 * Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr}
2825 * may invalidate the return value from this function.
2826 */
2829 {
2830 /* Param 1 indicates the actual description */
2832 }
2834 /**
2835 * Return text description of the remote endpoint canonical address.
2836 *
2837 * This function return a test provided by the lower layer of the remote
2838 * endpoint for this channel; it should use the known canonical address for
2839 * this OR's identity digest if possible.
2840 *
2841 * Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr}
2842 * may invalidate the return value from this function.
2843 */
2846 {
2850 /* Param 0 indicates the canonicalized description */
2852 }
2854 /**
2855 * Get remote address if possible.
2856 *
2857 * Write the remote address out to a tor_addr_t if the underlying transport
2858 * supports this operation, and return 1. Return 0 if the underlying transport
2859 * doesn't let us do this.
2860 */
2863 {
2869 /* Else no support, method not implemented */
2871 }
2873 /**
2874 * Return true iff the channel has any cells on the connection outbuf waiting
2875 * to be sent onto the network.
2876 */
2877 int
2879 {
2883 /* Check with the lower layer */
2885 }
2887 /**
2888 * Check the is_bad_for_new_circs flag.
2889 *
2890 * This function returns the is_bad_for_new_circs flag of the specified
2891 * channel.
2892 */
2893 int
2895 {
2899 }
2901 /**
2902 * Mark a channel as bad for new circuits.
2903 *
2904 * Set the is_bad_for_new_circs_flag on chan.
2905 */
2906 void
2908 {
2912 }
2914 /**
2915 * Get the client flag.
2916 *
2917 * This returns the client flag of a channel, which will be set if
2918 * command_process_create_cell() in command.c thinks this is a connection
2919 * from a client.
2920 */
2921 int
2923 {
2927 }
2929 /**
2930 * Set the client flag.
2931 *
2932 * Mark a channel as being from a client.
2933 */
2934 void
2936 {
2940 }
2942 /**
2943 * Clear the client flag.
2944 *
2945 * Mark a channel as being _not_ from a client.
2946 */
2947 void
2949 {
2953 }
2955 /**
2956 * Get the canonical flag for a channel.
2957 *
2958 * This returns the is_canonical for a channel; this flag is determined by
2959 * the lower layer and can't be set in a transport-independent way.
2960 */
2961 int
2963 {
2968 }
2970 /**
2971 * Test incoming flag.
2972 *
2973 * This function gets the incoming flag; this is set when a listener spawns
2974 * a channel. If this returns true the channel was remotely initiated.
2975 */
2976 int
2978 {
2982 }
2984 /**
2985 * Set the incoming flag.
2986 *
2987 * This function is called when a channel arrives on a listening channel
2988 * to mark it as incoming.
2989 */
2990 void
2992 {
2996 }
2998 /**
2999 * Test local flag.
3000 *
3001 * This function gets the local flag; the lower layer should set this when
3002 * setting up the channel if is_local_addr() is true for all of the
3003 * destinations it will communicate with on behalf of this channel. It's
3004 * used to decide whether to declare the network reachable when seeing incoming
3005 * traffic on the channel.
3006 */
3007 int
3009 {
3013 }
3015 /**
3016 * Set the local flag.
3017 *
3018 * This internal-only function should be called by the lower layer if the
3019 * channel is to a local address. See channel_is_local() above or the
3020 * description of the is_local bit in channel.h.
3021 */
3022 void
3024 {
3028 }
3030 /**
3031 * Mark a channel as remote.
3032 *
3033 * This internal-only function should be called by the lower layer if the
3034 * channel is not to a local address but has previously been marked local.
3035 * See channel_is_local() above or the description of the is_local bit in
3036 * channel.h
3037 */
3038 void
3040 {
3044 }
3046 /**
3047 * Test outgoing flag.
3048 *
3049 * This function gets the outgoing flag; this is the inverse of the incoming
3050 * bit set when a listener spawns a channel. If this returns true the channel
3051 * was locally initiated.
3052 */
3053 int
3055 {
3059 }
3061 /**
3062 * Mark a channel as outgoing.
3063 *
3064 * This function clears the incoming flag and thus marks a channel as
3065 * outgoing.
3066 */
3067 void
3069 {
3073 }
3075 /************************
3076 * Flow control queries *
3077 ***********************/
3079 /**
3080 * Estimate the number of writeable cells.
3081 *
3082 * Ask the lower layer for an estimate of how many cells it can accept.
3083 */
3084 int
3086 {
3093 /* Query lower layer */
3097 /* No cells are writeable in any other state */
3099 }
3102 }
3104 /*********************
3105 * Timestamp updates *
3106 ********************/
3108 /**
3109 * Update the created timestamp for a channel.
3110 *
3111 * This updates the channel's created timestamp and should only be called
3112 * from channel_init().
3113 */
3114 void
3116 {
3122 }
3124 /**
3125 * Update the created timestamp for a channel listener.
3126 *
3127 * This updates the channel listener's created timestamp and should only be
3128 * called from channel_init_listener().
3129 */
3130 void
3132 {
3138 }
3140 /**
3141 * Update the last active timestamp for a channel.
3142 *
3143 * This function updates the channel's last active timestamp; it should be
3144 * called by the lower layer whenever there is activity on the channel which
3145 * does not lead to a cell being transmitted or received; the active timestamp
3146 * is also updated from channel_timestamp_recv() and channel_timestamp_xmit(),
3147 * but it should be updated for things like the v3 handshake and stuff that
3148 * produce activity only visible to the lower layer.
3149 */
3150 void
3152 {
3160 /* Clear any potential netflow padding timer. We're active */
3162 }
3164 /**
3165 * Update the last active timestamp for a channel listener.
3166 */
3167 void
3169 {
3175 }
3177 /**
3178 * Update the last accepted timestamp.
3179 *
3180 * This function updates the channel listener's last accepted timestamp; it
3181 * should be called whenever a new incoming channel is accepted on a
3182 * listener.
3183 */
3184 void
3186 {
3193 }
3195 /**
3196 * Update client timestamp.
3197 *
3198 * This function is called by relay.c to timestamp a channel that appears to
3199 * be used as a client.
3200 */
3201 void
3203 {
3209 }
3211 /**
3212 * Update the recv timestamp.
3213 *
3214 * This is called whenever we get an incoming cell from the lower layer.
3215 * This also updates the active timestamp.
3216 */
3217 void
3219 {
3227 /* Clear any potential netflow padding timer. We're active */
3229 }
3231 /**
3232 * Update the xmit timestamp.
3233 *
3234 * This is called whenever we pass an outgoing cell to the lower layer. This
3235 * also updates the active timestamp.
3236 */
3237 void
3239 {
3248 /* Clear any potential netflow padding timer. We're active */
3250 }
3252 /***************************************************************
3253 * Timestamp queries - see above for definitions of timestamps *
3254 **************************************************************/
3256 /**
3257 * Query created timestamp for a channel.
3258 */
3259 time_t
3261 {
3265 }
3267 /**
3268 * Query client timestamp.
3269 */
3270 time_t
3272 {
3276 }
3278 /**
3279 * Query xmit timestamp.
3280 */
3281 time_t
3283 {
3287 }
3289 /**
3290 * Check if a channel matches an extend_info_t.
3291 *
3292 * This function calls the lower layer and asks if this channel matches a
3293 * given extend_info_t.
3294 */
3295 int
3297 {
3303 }
3305 /**
3306 * Check if a channel matches a given target address; return true iff we do.
3307 *
3308 * This function calls into the lower layer and asks if this channel thinks
3309 * it matches a given target address for circuit extension purposes.
3310 */
3311 int
3314 {
3320 }
3322 /**
3323 * Return the total number of circuits used by a channel.
3324 *
3325 * @param chan Channel to query
3326 * @return Number of circuits using this as n_chan or p_chan
3327 */
3328 unsigned int
3330 {
3335 }
3337 /**
3338 * Set up circuit ID generation.
3339 *
3340 * This is called when setting up a channel and replaces the old
3341 * connection_or_set_circid_type().
3342 */
3347 {
3358 else
3361 }
3371 }
3374 }
3375 }
3377 static int
3379 {
3385 }
3387 /** Helper for channel_update_bad_for_new_circs(): Perform the
3388 * channel_update_bad_for_new_circs operation on all channels in <b>lst</b>,
3389 * all of which MUST have the same RSA ID. (They MAY have different
3390 * Ed25519 IDs.) */
3391 static void
3393 {
3394 /*XXXX This function should really be about channels. 15056 */
3400 /* if there is only one channel, don't bother looping */
3405 }
3412 }
3413 }
3418 /* it would be more efficient to do a slice, but this case is rare */
3427 common_ed25519_identity)) {
3431 }
3438 /* XXXX 15056 we may want to do something special with connections that have
3439 * no set Ed25519 identity! */
3443 }
3445 /** Go through all the channels (or if <b>digest</b> is non-NULL, just
3446 * the OR connections with that digest), and set the is_bad_for_new_circs
3447 * flag based on the rules in connection_or_group_set_badness() (or just
3448 * always set it if <b>force</b> is true).
3449 */
3450 void
3452 {
3455 channel_idmap_entry_t search;
3461 }
3463 }
3465 /* no digest; just look at everything. */
3469 }
3470 }