search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add some "to-be-safe" escaped() wrappers to log statements in rend*.c, though I am...
[tor.git] / src / or / command.c
blobde13627d1c7d9696365ea2821740e9a0e0681a76
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. */
4 /* See LICENSE for licensing information */
5 /* $Id$ */
6 const char command_c_id[] =
7 "$Id$";
8
9 /**
10 * \file command.c
11 * \brief Functions for processing incoming cells.
12 **/
13
14 /* In-points to command.c:
15 *
16 * - command_process_cell(), called from
17 * connection_or_process_cells_from_inbuf() in connection_or.c
18 */
19
20 #include "or.h"
21
22 /** Keep statistics about how many of each type of cell we've received. */
23 uint64_t stats_n_padding_cells_processed = 0;
24 uint64_t stats_n_create_cells_processed = 0;
25 uint64_t stats_n_created_cells_processed = 0;
26 uint64_t stats_n_relay_cells_processed = 0;
27 uint64_t stats_n_destroy_cells_processed = 0;
28
29 /* These are the main four functions for processing cells */
30 static void command_process_create_cell(cell_t *cell, connection_t *conn);
31 static void command_process_created_cell(cell_t *cell, connection_t *conn);
32 static void command_process_relay_cell(cell_t *cell, connection_t *conn);
33 static void command_process_destroy_cell(cell_t *cell, connection_t *conn);
34
35 #ifdef KEEP_TIMING_STATS
36 /** This is a wrapper function around the actual function that processes the
37 * <b>cell</b> that just arrived on <b>conn</b>. Increment <b>*time</b>
38 * by the number of microseconds used by the call to <b>*func(cell, conn)</b>.
39 */
40 static void
41 command_time_process_cell(cell_t *cell, connection_t *conn, int *time,
42 void (*func)(cell_t *, connection_t *))
43 {
44 struct timeval start, end;
45 long time_passed;
46
47 tor_gettimeofday(&start);
48
49 (*func)(cell, conn);
50
51 tor_gettimeofday(&end);
52 time_passed = tv_udiff(&start, &end) ;
53
54 if (time_passed > 10000) { /* more than 10ms */
55 log_debug(LD_OR,"That call just took %ld ms.",time_passed/1000);
56 }
57 if (time_passed < 0) {
58 log_info(LD_GENERAL,"That call took us back in time!");
59 time_passed = 0;
60 }
61 *time += time_passed;
62 }
63 #endif
64
65 /** Process a <b>cell</b> that was just received on <b>conn</b>. Keep internal
66 * statistics about how many of each cell we've processed so far
67 * this second, and the total number of microseconds it took to
68 * process each type of cell.
69 */
70 void
71 command_process_cell(cell_t *cell, connection_t *conn)
72 {
73 #ifdef KEEP_TIMING_STATS
74 /* how many of each cell have we seen so far this second? needs better
75 * name. */
76 static int num_create=0, num_created=0, num_relay=0, num_destroy=0;
77 /* how long has it taken to process each type of cell? */
78 static int create_time=0, created_time=0, relay_time=0, destroy_time=0;
79 static time_t current_second = 0; /* from previous calls to time */
80
81 time_t now = time(NULL);
82
83 if (now > current_second) { /* the second has rolled over */
84 /* print stats */
85 log_info(LD_OR,
86 "At end of second: %d creates (%d ms), %d createds (%d ms), "
87 "%d relays (%d ms), %d destroys (%d ms)",
88 num_create, create_time/1000,
89 num_created, created_time/1000,
90 num_relay, relay_time/1000,
91 num_destroy, destroy_time/1000);
92
93 /* zero out stats */
94 num_create = num_created = num_relay = num_destroy = 0;
95 create_time = created_time = relay_time = destroy_time = 0;
96
97 /* remember which second it is, for next time */
98 current_second = now;
99 }
100 #endif
101
102 switch (cell->command) {
103 case CELL_PADDING:
104 ++stats_n_padding_cells_processed;
105 /* do nothing */
106 break;
107 case CELL_CREATE:
108 case CELL_CREATE_FAST:
109 ++stats_n_create_cells_processed;
110 #ifdef KEEP_TIMING_STATS
111 ++num_create;
112 command_time_process_cell(cell, conn, &create_time,
113 command_process_create_cell);
114 #else
115 command_process_create_cell(cell, conn);
116 #endif
117 break;
118 case CELL_CREATED:
119 case CELL_CREATED_FAST:
120 ++stats_n_created_cells_processed;
121 #ifdef KEEP_TIMING_STATS
122 ++num_created;
123 command_time_process_cell(cell, conn, &created_time,
124 command_process_created_cell);
125 #else
126 command_process_created_cell(cell, conn);
127 #endif
128 break;
129 case CELL_RELAY:
130 ++stats_n_relay_cells_processed;
131 #ifdef KEEP_TIMING_STATS
132 ++num_relay;
133 command_time_process_cell(cell, conn, &relay_time,
134 command_process_relay_cell);
135 #else
136 command_process_relay_cell(cell, conn);
137 #endif
138 break;
139 case CELL_DESTROY:
140 ++stats_n_destroy_cells_processed;
141 #ifdef KEEP_TIMING_STATS
142 ++num_destroy;
143 command_time_process_cell(cell, conn, &destroy_time,
144 command_process_destroy_cell);
145 #else
146 command_process_destroy_cell(cell, conn);
147 #endif
148 break;
149 default:
150 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
151 "Cell of unknown type (%d) received. Dropping.", cell->command);
152 break;
153 }
154 }
155
156 /** Process a 'create' <b>cell</b> that just arrived from <b>conn</b>. Make a
157 * new circuit with the p_circ_id specified in cell. Put the circuit in state
158 * onionskin_pending, and pass the onionskin to the cpuworker. Circ will get
159 * picked up again when the cpuworker finishes decrypting it.
160 */
161 static void
162 command_process_create_cell(cell_t *cell, connection_t *conn)
163 {
164 circuit_t *circ;
165 int id_is_high;
166
167 if (we_are_hibernating()) {
168 log_info(LD_OR,
169 "Received create cell but we're shutting down. Sending back "
170 "destroy.");
171 connection_or_send_destroy(cell->circ_id, conn,
172 END_CIRC_REASON_HIBERNATING);
173 return;
174 }
175
176 /* If the high bit of the circuit ID is not as expected, then switch
177 * which half of the space we'll use for our own CREATE cells.
178 *
179 * This can happen because Tor 0.0.9pre5 and earlier decide which
180 * half to use based on nickname, and we now use identity keys.
181 */
182 id_is_high = cell->circ_id & (1<<15);
183 if (id_is_high && conn->circ_id_type == CIRC_ID_TYPE_HIGHER) {
184 log_info(LD_OR, "Got a high circuit ID from %s (%d); switching to "
185 "low circuit IDs.",
186 conn->nickname ? conn->nickname : "client", conn->s);
187 conn->circ_id_type = CIRC_ID_TYPE_LOWER;
188 } else if (!id_is_high && conn->circ_id_type == CIRC_ID_TYPE_LOWER) {
189 log_info(LD_OR, "Got a low circuit ID from %s (%d); switching to "
190 "high circuit IDs.",
191 conn->nickname ? conn->nickname : "client", conn->s);
192 conn->circ_id_type = CIRC_ID_TYPE_HIGHER;
193 }
194
195 circ = circuit_get_by_circid_orconn(cell->circ_id, conn);
196
197 if (circ) {
198 routerinfo_t *router = router_get_by_digest(conn->identity_digest);
199 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
200 "received CREATE cell (circID %d) for known circ. "
201 "Dropping (age %d).",
202 cell->circ_id, (int)(time(NULL) - conn->timestamp_created));
203 if (router)
204 log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
205 "Details: nickname \"%s\", platform %s.",
206 router->nickname, escaped(router->platform));
207 return;
208 }
209
210 circ = circuit_new(cell->circ_id, conn);
211 circ->purpose = CIRCUIT_PURPOSE_OR;
212 circuit_set_state(circ, CIRCUIT_STATE_ONIONSKIN_PENDING);
213 if (cell->command == CELL_CREATE) {
214 circ->onionskin = tor_malloc(ONIONSKIN_CHALLENGE_LEN);
215 memcpy(circ->onionskin, cell->payload, ONIONSKIN_CHALLENGE_LEN);
216
217 /* hand it off to the cpuworkers, and then return */
218 if (assign_to_cpuworker(NULL, CPUWORKER_TASK_ONION, circ) < 0) {
219 log_warn(LD_GENERAL,"Failed to hand off onionskin. Closing.");
220 circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
221 return;
222 }
223 log_debug(LD_OR,"success: handed off onionskin.");
224 } else {
225 /* This is a CREATE_FAST cell; we can handle it immediately without using
226 * a CPU worker.*/
227 char keys[CPATH_KEY_MATERIAL_LEN];
228 char reply[DIGEST_LEN*2];
229 tor_assert(cell->command == CELL_CREATE_FAST);
230 if (fast_server_handshake(cell->payload, reply, keys, sizeof(keys))<0) {
231 log_warn(LD_OR,"Failed to generate key material. Closing.");
232 circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
233 return;
234 }
235 if (onionskin_answer(circ, CELL_CREATED_FAST, reply, keys)<0) {
236 log_warn(LD_OR,"Failed to reply to CREATE_FAST cell. Closing.");
237 circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL);
238 return;
239 }
240 }
241 }
242
243 /** Process a 'created' <b>cell</b> that just arrived from <b>conn</b>.
244 * Find the circuit
245 * that it's intended for. If we're not the origin of the circuit, package
246 * the 'created' cell in an 'extended' relay cell and pass it back. If we
247 * are the origin of the circuit, send it to circuit_finish_handshake() to
248 * finish processing keys, and then call circuit_send_next_onion_skin() to
249 * extend to the next hop in the circuit if necessary.
250 */
251 static void
252 command_process_created_cell(cell_t *cell, connection_t *conn)
253 {
254 circuit_t *circ;
255
256 circ = circuit_get_by_circid_orconn(cell->circ_id, conn);
257
258 if (!circ) {
259 log_info(LD_OR,
260 "(circID %d) unknown circ (probably got a destroy earlier). "
261 "Dropping.", cell->circ_id);
262 return;
263 }
264
265 if (circ->n_circ_id != cell->circ_id) {
266 log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,
267 "got created cell from OPward? Closing.");
268 circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL);
269 return;
270 }
271
272 if (CIRCUIT_IS_ORIGIN(circ)) { /* we're the OP. Handshake this. */
273 log_debug(LD_OR,"at OP. Finishing handshake.");
274 if (circuit_finish_handshake(circ, cell->command, cell->payload) < 0) {
275 log_warn(LD_OR,"circuit_finish_handshake failed.");
276 circuit_mark_for_close(circ, END_CIRC_AT_ORIGIN);
277 return;
278 }
279 log_debug(LD_OR,"Moving to next skin.");
280 if (circuit_send_next_onion_skin(circ) < 0) {
281 log_info(LD_OR,"circuit_send_next_onion_skin failed.");
282 /* XXX push this circuit_close lower */
283 circuit_mark_for_close(circ, END_CIRC_AT_ORIGIN);
284 return;
285 }
286 } else { /* pack it into an extended relay cell, and send it. */
287 log_debug(LD_OR,
288 "Converting created cell to extended relay cell, sending.");
289 connection_edge_send_command(NULL, circ, RELAY_COMMAND_EXTENDED,
290 cell->payload, ONIONSKIN_REPLY_LEN, NULL);
291 }
292 }
293
294 /** Process a 'relay' <b>cell</b> that just arrived from <b>conn</b>. Make sure
295 * it came in with a recognized circ_id. Pass it on to
296 * circuit_receive_relay_cell() for actual processing.
297 */
298 static void
299 command_process_relay_cell(cell_t *cell, connection_t *conn)
300 {
301 circuit_t *circ;
302 int reason;
303
304 circ = circuit_get_by_circid_orconn(cell->circ_id, conn);
305
306 if (!circ) {
307 log_debug(LD_OR,
308 "unknown circuit %d on connection from %s:%d. Dropping.",
309 cell->circ_id, conn->address, conn->port);
310 return;
311 }
312
313 if (circ->state == CIRCUIT_STATE_ONIONSKIN_PENDING) {
314 log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"circuit in create_wait. Closing.");
315 circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL);
316 return;
317 }
318
319 if (cell->circ_id == circ->p_circ_id) { /* it's an outgoing cell */
320 if ((reason = circuit_receive_relay_cell(cell, circ,
321 CELL_DIRECTION_OUT)) < 0) {
322 log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"circuit_receive_relay_cell "
323 "(forward) failed. Closing.");
324 circuit_mark_for_close(circ, -reason);
325 return;
326 }
327 } else { /* it's an ingoing cell */
328 if ((reason = circuit_receive_relay_cell(cell, circ,
329 CELL_DIRECTION_IN)) < 0) {
330 log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,"circuit_receive_relay_cell "
331 "(backward) failed. Closing.");
332 circuit_mark_for_close(circ, -reason);
333 return;
334 }
335 }
336 }
337
338 /** Process a 'destroy' <b>cell</b> that just arrived from
339 * <b>conn</b>. Find the circ that it refers to (if any).
340 *
341 * If the circ is in state
342 * onionskin_pending, then call onion_pending_remove() to remove it
343 * from the pending onion list (note that if it's already being
344 * processed by the cpuworker, it won't be in the list anymore; but
345 * when the cpuworker returns it, the circuit will be gone, and the
346 * cpuworker response will be dropped).
347 *
348 * Then mark the circuit for close (which marks all edges for close,
349 * and passes the destroy cell onward if necessary).
350 */
351 static void
352 command_process_destroy_cell(cell_t *cell, connection_t *conn)
353 {
354 circuit_t *circ;
355 uint8_t reason;
356
357 circ = circuit_get_by_circid_orconn(cell->circ_id, conn);
358 reason = (uint8_t)cell->payload[0];
359 if (!circ) {
360 log_info(LD_OR,"unknown circuit %d on connection from %s:%d. Dropping.",
361 cell->circ_id, conn->address, conn->port);
362 return;
363 }
364 log_debug(LD_OR,"Received for circID %d.",cell->circ_id);
365
366 if (cell->circ_id == circ->p_circ_id) {
367 /* the destroy came from behind */
368 circuit_set_circid_orconn(circ, 0, NULL, P_CONN_CHANGED);
369 circuit_mark_for_close(circ, reason);
370 } else { /* the destroy came from ahead */
371 circuit_set_circid_orconn(circ, 0, NULL, N_CONN_CHANGED);
372 if (CIRCUIT_IS_ORIGIN(circ)) {
373 circuit_mark_for_close(circ, reason);
374 } else {
375 char payload[1];
376 log_debug(LD_OR, "Delivering 'truncated' back.");
377 payload[0] = (char)reason;
378 connection_edge_send_command(NULL, circ, RELAY_COMMAND_TRUNCATED,
379 payload, sizeof(payload), NULL);
380 }
381 }
382 }
383
The Onion Router